There is a significant amount of public discussion currently around the use of WhatsApp and other messaging tools by public authorities. In particular, the ongoing inquiries into the response to the Covid-19 pandemic have seen a specific focus on public authority use of tools such as WhatsApp during the management of the pandemic, and whether relevant information has been appropriately recorded, retained and, where relevant, searched when responding to requests under FOI law.
Where tools such as WhatsApp are used by public authority staff to carry out official business, the information generated will, in most cases, fall under the scope of Scotland’s FOI laws. The Freedom of Information (Scotland) Act 2002 defines “information” as “information recorded in any form”. The Commissioner therefore expects public authorities to identify and consider all appropriate recorded information when responding to FOI and EIR requests, including, where relevant, information recorded in exchanges made through WhatsApp, Microsoft Teams, or other messaging tools.
In circumstances where the Commissioner finds that public bodies are not appropriately searching relevant sources in order to respond to information requests, he may consider regulatory action in order to support necessary improvements.
Where the Commissioner considers that an authority's records management or records retention practices fall short of standard set out in the FOI Act’s Code of Practice on Records Management (the Section 61 Code) he may, following consultation with the Keeper of the Records of Scotland, also consider regulatory action to support improvement.
David Hamilton, the Scottish Information Commissioner said, "I have been reviewing my live caseload and am liaising with the Keeper of the Records of Scotland to determine whether regulatory action may be required in specific cases".