World Bank Declines to Use Redaction Procedures

21 March 2014

By Toby McIntosh

The World Bank’s vaunted “presumption of disclosure” comes with a caveat – all or nothing.

Unlike most national and international right to information regimes, the Bank appears unwilling to redact (black out) portions of a document and release the rest.

The Bank’s restrictive redaction practice – seemingly at odds with its stated policy — came to light for on Feb. 19 when the Bank denied its request for a month’s worth of  access requests.

The decision “is inconsistent with international law,” according David Banisar, senior legal counsel at Article 19, the London-based freedom of expression group.

“The World Bank’s overly narrow reading of its obligations to make information public seriously undermines its own public commitments and is inconsistent with international law which states that all persons have right to information and public bodies are required to ensure that there are easy and effective mechanisms to obtain it,” according to Banisar.

Request for Requests Denied requested a month’s worth of other freedom of information requests to the Bank.

The release of requests or summaries of them is fairly common in other countries with the identities of requesters usually redacted. (See previous report.)

The Bank initially denied the request in December, citing concerns about the personal safety of requesters and the need to protect their personal information.

On appeal, the Bank’s internal Access to Information Committee (AIC) reaffirmed the denial and said it would not redact any personal information to address its concerns about not releasing personal information about the requesters. Deleting such personal information while disclosing the rest of a request document is standard operating procedure under most access to information systems.

Justifying its March 19 decision not to redact names and other personal information, the Bank cited an interpretation made by the Access to Information Committee just two weeks after the new policy was made effective in July of 2010. According to the decision:

The AIC considered the “access to information requests” in their original form, recognizing that the Policy “does not mandate the Bank to redact (black out) restricted information in order to make the document acceptable for public access” (Policy interpretation on redaction, issued by the AIC on July 14, 2010).

The 2010 interpretation, however, appears to make redaction discretionary.

Redaction Policy Permissive

The committee selectively quotes the two-sentence 2010 interpretation, leaving out the second sentence which appears to make redaction optional:

While the Bank does not have a redaction policy to black out restricted information in response to public access requests (meaning, documents that include restricted information are not publicly available), the Bank is not prevented from redacting restricted information on a case-by-case basis if it chooses to do so.

The option to use redaction is consistent with other statements in the World Bank access to information policy that give the Bank discretion to make releases to conform with the overall philosophy of “presumption of disclosure.”’s Feb. 7 appeal letter said:

Redaction is the accepted mechanism to achieve the goal of maximum disclosure while still adhering to the exemptions in the policy.  Redaction is essential to sensible implementation of an access policy. Redaction is absolutely standard practice at the national level.

Risks to Requesters?

The Bank committee said that the persons who had submitted the requests were not notified that their information would be made public and as a result, “neither consented nor had the opportunity to communicate concerns regarding such disclosure.”

It noted that “international codes of ethics and codes of conduct for archivists recognize the need to respect the privacy of users, including maintaining the confidentiality of their research and protecting their personal information.’

“In order to ascertain with certainty the level of risk posed to the requesters’ security and safety if their personal information was to be released,” the denial further states, “the Bank would need to notify and seek the views of each individual impacted by the disclosure, which means, at minimum, contacting and getting the views of each person who had submitted an access to information request in the month of October 2013.”

It further said that “in view of the blanket nature of the Request, it would be impractical for the Bank to address this portion of the Request within a reasonable period of time, should the Bank need to notify and consult each potentially impacted individual, noting that such notice and consultation are not mandated by the Policy.”

The denial also said “the Bank cannot reasonably discount or dismiss the possible risk of harm to the persons’ security and safety should the information be made public, nor can the Bank reasonably be expected to ascertain, in a reasonable period of time, the likelihood of such harm to each individual in each case, considering the blanket nature of this request.”

`Likely’ Endangerment Standard

The “safety and security” exemption in the access policy (Section 12) states in relevant part that the Bank does not provide access to:

(c) Information whose disclosure is likely to endanger the life, health, or safety of any individual, or the environment. in its Feb. 7 appeal letter questioned blanket application of the endangerment test, drawing attention to the use of the word “likely,” writing:

The language of the exemption requires a finding that disclosure is “likely” to endanger a person’s safety security. This choice of words indicates that there must be more than a remote possibility of endangerment. “Likely” necessitates a finding of probable harm, a good chance of harm, a real danger.

Such a finding should be based on objective evidence. The Bank here has failed to demonstrate any such likelihood that disclosures of requester information would “endanger the life, health or safety of any individual, or the environment.”

Additional Exemption Cited

Besides relying on the “safety and security” exemption, the Bank cited another one.

“Additionally, the AIC found that “access to information requests” reproduced from the Bank’s access to information case management system also reveal information about Bank staff (e.g., staff names) and the Bank’s information technology systems.  Thus, while the Bank’s communication to the requester only indicated the Security and Safety exception (which may also apply to Bank staff and assets), the AIC finds that Corporate Administrative Matters exception is also triggered.

The Bank said it maintains no summaries or lists of access to information requests made.

The AIC has issued 13 interpretations of the access to information policy, the most recent being Feb. 27, 2014.

Be Sociable, Share!


Filed under: IFTI Watch


In this column, Washington, D.C.-based journalist Toby J. McIntosh reports on the latest developments in information disclosure in International Financial and Trade Institutions (IFTI).
Contact: or
1-(703) 276-7748