Applications to access documents held by Queensland government agencies1 can be made under the Right to Information Act 2009 (RTI Act)2. Increasingly, the scope of these applications encompass social media platforms, such as Facebook and Twitter, agency documents held in personal webmail accounts, text messages sent using agency-issued devices, work-related text messages sent using personal devices and officer to officer communications (chats) stored in programs such as Teams and Zoom..
All agencies may want to consult Council Records: a guideline for mayors, councillors, CEOs and council employees, prepared jointly by the Crime and Corruption Commission and Queensland State Archives. It provides relevant, practical guidance applicable across all sectors of government.
Applications for access can only be made for documents of an agency or documents of a Minister.
A document of an agency is a document in the physical possession or legal control of an agency. A document of a Minister is a document that is not a document of an agency, is in the physical possession or legal control of the Minister, and relates to the affairs of an agency. It includes a document the Minister is entitled to access and documents in the possession or control of the Minister's staff or consultants.
A document does not have to be a public record to fall under the definition of document in the RTI Act. When conducting searches in response to an RTI application agencies have to capture every document in scope, regardless of whether or not it is a public record.
For more information refer to Documents of an agency and Documents of a Minister.
Social media is websites and applications that enable users to create and share content or to participate in social networking.3 Some of the more common social media platforms used by agencies are Facebook, Twitter, YouTube, Instagram and LinkedIn.4
There are two situations in which the contents of a social media account can be documents of an agency5 under the RTI Act:
In the former case, it will be necessary to determine if the social media account is being operated in an official capacity, as an officer of the agency or holder of an agency office, rather than a personal one. Indicators include:
If it is determined that the account is being operated in an official capacity, the contents of the account will be documents of the agency.
When searching a social media account, more than the public posts must be considered. Decision makers will need to consider the contents of private or limited-access sections, for example, chats, direct messages, private, restricted, or draft posts, and information available only to the account holder. This could include the identity of users that have 'liked' posts or other content, lists of blocked users, search history, comments hidden from public view, or interactions with, or reports to, the operator of the platform (eg Facebook, Twitter).8
Section 53 of the RTI Act allows an agency to refuse access to a document if the applicant can reasonably access it under other arrangements made by an agency. In some circumstances, if an application captures publicly available posts, tweets, photos or other material available on agency social media accounts, section 53 may apply.
However, consideration should be given to the ease with which specific posts etc containing the information can be located and to the applicant's circumstances; some applicants may not have the ability or equipment to access agency social media.
For more information, refer to Refuse access to a document – other access available.
Emails that have been sent or received in an official capacity or to conduct official business will be documents of an agency under the RTI Act, even if they are stored in an officer's private email account.9 This can be a webmail account, such as a Gmail or Hotmail account, or downloaded through a home email program from an account with no web interface.
Where agency policies specifically allow the use of private email accounts for agency business, for example where officers are travelling or working from home, decision makers may need to consider accounting for this in their search processes.
An officer's private email address is not routine personal work information and must be dealt with in the same way as other personal information under the RTI Act. This information would rarely be in the public interest to release.
Similar to social media accounts, text messages10 will be documents under the RTI Act in two circumstances:
In the former case, it will be necessary to carefully consider the context of any messages to determine if they are documents of an agency under the RTI Act. If so, steps will need to be taken to capture them, so they can be processed and, if appropriate, access given.
Where an agency has a bring your own device policy, allowing agency officers to use their own devices for agency business, it will be particularly important to ensure those devices are captured in any search requests.
If an officer of the agency sends, receives, and stores text messages on a device owned by the agency, the contents of the messages are irrelevant; the fact that the agency owns the device will make them documents under the RTI Act. However, an assessment of the content will be necessary to determine if the documents are within the scope of an application and if they should be released.
Where there are too many text messages to manually search, it may be necessary to download the text messages from the device before they can be searched, to determine which text messages are in scope. Capturing text messages is discussed below.
Agencies should consider including information in any BYOD or similar policies about officers' public records and RTI Act obligations. Any policies that allow personal use of agency devices should advise officers that information stored on the device, including personal text messages and documents, could potentially become subject to an RTI application.
On most smart phones, text messages are grouped together based on the participants in the conversation. These groups are sometimes referred to as 'text chains'. When considering text messages as part of an access application, each individual text message is the document, not the text chain.
Unlike email chains, in which an email is appended to the one before, text messages are simply displayed together in groups; they are not attached to each other. These groups are analogous to folders on a hard drive, grouping the individual text messages together for convenience. On most devices, you can deal with each text individually (delete, forward, save etc) without impacting the rest of the texts in the group.
When dealing with text messages, decision makers only need to consider the specific text messages within scope of the application and not the entire 'text chain'12.
There has been an increased uptake by agencies of business messaging applications such as Skype, Teams and Zoom. These programs generally allow direct messaging, audio and video calls, and group video chats, often used for hosting meetings or delivering training.
Where the program is provided by the agency, messages and recorded audio or video will be documents of an agency. If employees conduct official business on these programs using personal accounts, those records will also be documents of the agency.
Decision makers should liaise with their IT unit when dealing with applications for these documents, as they may have administrative tools for conducting searches and retrieving documents.
Processing and giving access to these kinds of documents can present unique challenges. However, if agencies create these documents, they have an obligation to take the steps necessary to ensure people can exercise their right of access. This may include acquiring specific software to assist in the process.
Queensland State Archives has produced guidance on capturing social media for the purposes of meeting record keeping obligations. Much of this can be applied to capturing documents to process for access applications.13
Taking screenshots of a webpage displaying a social media account or of a text message can be an effective way of capturing them for an access application. Screenshots of text messages are saved as photos on the device, which can then be downloaded for processing. Screenshots of webpages can be printed, pasted into a Word document, or dealt with however the agency prefers.
Webpages displaying social media accounts can be printed, either to paper or directly to PDF. An officer with emails in their private account can print them, to paper or to PDF, although forwarding them to an agency email account may be more efficient.
The contents of a social media account can be exported using different methods. These include paid third party services, tools built into the platform, and interfacing directly with the application programming interface (API).
Generally, the methods discussed above should be sufficient for capturing social media for an access application. If not, more information on exporting social media accounts is available from Queensland State Archives: Social Media Records
Where an agency has to deal with a large number of text messages, making screenshots impractical, it may need to explore acquiring software to capture, search, and process them. There are a number of third party programs available which can interface with different devices and operating systems.
Decision makers should consult with their IT units to determine suitable programs, but should ensure any program allows for text-based searching of messages and exporting into other formats, particularly PDF. This will allow key-word searching for text messages within scope and for in-scope text messages to be processed easily using standard redaction tools.
Current as at: December 12, 2022