Mark's Musings

A miscellany of thoughts and opinions from an unimportant small town politician and bit-part web developer

Why aren’t we allowed to know which domains the government has registered?

| 2 Comments

If you’ve already read this, you might want to skip to the end where I’ve added some extra information.

You’d think, wouldn’t you, that there ought to be no problem finding out which official domain names (ie, those ending in .gov.uk) have been registered by government departments and organisations at both national and local level. It is, after all, one of things that, even if it isn’t directly published anywhere, should be amenable to a simple Freedom of Information request.

Unfortunately, this isn’t the case. And the various excuses given for not revealing the list are, to say the least, increasingly bizarre.

The story starts with an FoI request by John Cross to the Central Office of Information (COI) for a list of domain names ending in .gov.uk. The COI responded, not unreasonably, that they don’t hold the information themselves. However, they noted that it could be obtained from JANET, the organistion respondible for registering .gov.uk domains. Other people have made similar requests to COI, and got the same answer.

John didn’t immediately follow this up himself, at least not via WhatDoTheyKnow.com, but in April 2010 a similar request was sent to The JNT Association (aka JANET) by Steve Elibank. Entirely unreasonably in this case, the request was refused. JANET gave two reasons for their refusal:

1. The material is already available via the whois service (refusal under section 21 of the FOIA),
and
2. Release of the material in full is considered to “present a risk to the commercial interests” of JANET’s customers (refusal under section 43 of the FOIA).

As was pointed out in annotations to that request, these two reasons are mutually incompatible – if it’s already available, then releasing it can’t be a commercial problem. More relevantly, it simply isn’t true that the material is already available – whois will give you information about domains that you know about, but isn’t helpful for discovering the existance of domains that you don’t know about.

Not to be deterred, David Batley made a similar request in April this year. This, too, was refused on exactly the same grounds.

At this point, John Cross re-entered the fray with another request in which he detailed the reasons why neither section 21 nor section 43 were valid reasons to refuse the request. It’s also worth noting here that other requests for a full list of .ac.uk domains (ie, those owned by further educational establishments) and .police.uk domains had been successful.

After much to-ing and fro-ing, JANET eventually responded with the answer that, as a list of central government websites was online at the Cabinet Office website, they were refusing the request under section 21 (maerial available elsewhere). John pointed out that this wasn’t an answer to his question, and in the light of JANET’s continuing refusal to answer it, sent a formal complaint to the ICO. We still await the outcome of that (which may take several months, the ICO is not noted for the rapidity of its investigations).

That’s where I got involved. I was intrigued enough to wonder why JANET didn’t want to release the full list, so I submitted an FoI request to try to get some background information. In particular, I wanted to see the wording of the advice given that releasing the list would be a risk to commercial interests, and also to see if they had any documentation which explained why a list of .ac.uk domains can be released but not a list of .gov.uk domains. JANET’s response to this one, so far, has been to simply ignore it. They are now beyond the legal maximim period of time in which to answer FoI requests, but I’ve still got nothing.

More intriguingly, though, while trawling through the COI website, I came across the minutes of a meeting of the .gov.uk Naming and Approvals Committee in 2009. These contained a couple of action points:

JANET to notify COI of all domains for renewal at least 3 months in advance.

and

Review current list of .gov.uk domain names to check for redirects

Assuming these action points to have been, well, actioned, this rather gives the lie to the original claim by the COI that they don’t have the data as the committee cannot have carried out the second without it and, since this started in 2009, the first will have given them a full list by now (although, to be fair, this is a rather obscure reference and it’s entirely possible that the staff member who gave the original response was simply unaware that the committee might have the data). What I’ve now done, therefore, is go back to the COI with a new FoI request to see the contents of these notifications and the list. They’ve got until the 3rd October to answer that, so we’ll have to wait and see how that pans out.

In the meantime, John Cross has submitted yet another FoI request to JANET, this time asking just for a list of domains which aren’t included in the list available on the Cabinet Office website. That was sent on the 17th August. It’s now the 7th September, and the response is due no later than the 15th of this month. Despite that, John hasn’t even had the courtesy of a acknowledgement from JANET.

I would really like to know what’s going on here. Why is a list of government domain names considered commercially sensitive, when a list of educational and police domain names isn’t? Why has JANET suddenly become so unresponsive? Does anyone outside JANET have a clue? Does anyone inside JANET have a clue?

Update: A couple of things have transpired since I wrote the above. Firstly, by making enquiries elsewhere I discovered that JANET had, in fact, replied to these requests but the replies hadn’t got through – because they’d sent them with the destination address in the Bcc: header and nothing in the To: header, meaning that it inevitably got caught by spam filters. After having a certain amount of clue applied, the responses were re-sent. You can follow the link back to the request if you want, but here’s the response in full:

Dear Mark

The legal position is that JANET(UK) is not a body that is required to respond to requests under the Freedom of Information Act. We have helped as far as we can and will provide no further information on this request.

Tim Kidd
Operations Director

The same response has been sent to John Cross here and here.

Unfortunately, this statement is contradicted by JANET’s own documentation. Their publication scheme states:

The Freedom of Information Act received Royal Assent on 30 November 2000. The Act requires all public bodies to adopt and maintain a publication scheme. JANET(UK) is a public body for the purposes of this legislation, since it is a company wholly owned by bodies that are public authorities viz. the UK education funding councils.

Oddly enough, that document is no longer linked from the website. Just in case they decide to remove it, I’ve kept a copy here.

So, what do we make of this? I’d really like to know more. If anyone inside JANET wants to be a mole, then please get in touch.