Digital Transformation

Reducing the Burden of FOI and Complaint Responses with AI - Without Automating the Decision

Blue icon of a person with a gear, representing user settings or account configuration.
Prabal Laad
Blue calendar icon with a grid representing days and two rings at the top.
June 17, 2026

The teams feeling the squeeze from both sides

Few functions in local government feel the squeeze quite like the teams handling Freedom of Information requests and complaints. The demand is relentless, the deadlines are statutory, and the teams are finite. And it has recently got harder from an unexpected direction: the regulator now reports that public authorities are seeing a rising volume of FOI requests generated by AI tools - often longer, more repetitive, broader in scope, and sometimes misquoting the very legislation they invoke. AI, in other words, has arrived on both sides of the desk.

Backlogs here are not merely a service embarrassment. They carry regulatory teeth: the Information Commissioner can issue an enforcement notice ordering an authority to clear a backlog by a given date. So, the pressure to respond faster, at volume, without dropping quality is real and rising - and AI looks like the obvious source of relief. It can be. But FOI and complaints are decision workflows, not writing workflows, and that distinction is the entire story.

“With FOI and complaints, the rule is simple: automate the process. Never the judgement.”

The pressure is real and AI is now on both sides

Start with the volume and the clock. FOI carries a statutory deadline of twenty working days; complaints carry their own timeframes and ombudsman expectations. Teams are stretched thin against both. Then came the twist. In May 2026 the ICO published specific guidance because authorities are increasingly receiving AI-generated requests, some that misquote or misinterpret FOI law, many that are long, repetitive or written in ways that make it hard to identify what is actually being asked, all adding load to already-busy teams. The guidance does not change the law; it stresses that every request must be handled fairly and consistently, however it was created.

And the cost of falling behind is not just reputational. Persistent backlogs can attract regulatory enforcement, up to and including a notice ordering the authority to clear them by a set date. Speed and consistency, in other words, are compliance issues, not just service ones. The temptation is to throw AI at the whole problem. The smarter, safer move is to be precise about which parts of the problem AI should touch and which it must not.

Where AI genuinely helps: the process

There is a great deal of mechanical, high-volume, judgement-free work in an FOI or complaints workflow, and this is exactly where AI earns its place.

  • Triage and classify. Is this an FOI request, an Environmental Information Regulations request, a data subject access request, or business as usual? What is actually being asked?
  • Make sense of messy requests. Summarise long, repetitive or AI-generated requests to clarify the real scope before the clock burns down - turning the regulator's reported headache into something manageable.
  • Locate and gather. Surface the relevant held information across systems for an officer to assess, rather than hunting manually.
  • Draft. Produce a first-draft response, acknowledgement or holding reply, grounded in the held information and the council's templates.
  • Keep it consistent. Apply a consistent tone, structure and process across hundreds of cases - the kind of consistency the regulator expects and overstretched teams struggle to maintain.
  • Track. Keep deadlines and case status visible so nothing slips through unnoticed.

All of this is real, valuable and safe - precisely because none of it is the decision.

Where AI must never go: the judgement

Here is the bright line, and it is non-negotiable. AI must not:

  • decide what information is disclosable;
  • apply, interpret or weigh an exemption - including the public-interest test;
  • make redaction decisions unsupervised;
  • determine whether a complaint is upheld, or what remedy is appropriate.

These are accountable decisions with legal weight, and they must be made and owned by a qualified human. This is not only good practice - it runs with the grain of regulation. The ICO is currently consulting on tighter rules for automated decision-making that has legal or similarly significant effects on people, following changes brought into force in 2026. The model can draft the reasoning; a person decides whether it is right and stands behind it. AI proposes; the officer disposes.

Why the stakes are higher than ordinary drafting

Unlike a routine internal report, an FOI refusal can be appealed to the ICO, and a complaint outcome escalated to an ombudsman; decisions can be published and publicly criticised. That scrutiny tail raises three bars that a casual drafting tool will not clear.

Grounding. The response must be built only from the information the authority actually holds - not from the model's general knowledge, and certainly not from the misquoted law that an AI-generated request might confidently assert. Every claim should be traceable to a source an officer can check.

Auditability. Who decided what, on what basis, and when - recorded and defensible if the decision is challenged. With FOI and complaints, challenge is not the exception; it is built into the process.

Consistency and fairness. The regulator is explicit that requests must be handled fairly and consistently regardless of how they were created. AI can help deliver that consistency across high volumes - but it must never become a reason to treat AI-generated requests as second-class, or to wave through decisions unchecked. Get any of these wrong, and the error is not private. It is on the record.

Doing it responsibly: the safeguards

Put together, the safeguards for FOI and complaints are specific and clear.

  • A human owns every disclosure decision, exemption and complaint outcome. AI assists; it never decides, signs or sends.
  • Drafts are grounded in held information and cite their source, so the officer verifies in seconds rather than re-researching from scratch.
  • Complex and AI-generated requests are summarised to clarify scope - and handled fairly, not dismissed because a machine found them awkward.
  • Everything is logged - a complete, defensible audit trail, because these decisions get challenged.
  • A DPIA and a clear lawful basis underpin the processing of personal data in requests and records, and any decision with legal or significant effect stays out of full automation.
  • Request and case data stay within the organisation's environment and are never used to train external models.
  • Volume pressure never becomes an excuse to shortcut the public-interest test or quality assurance.

The checklist: questions before AI touches FOI or complaints

A practical test for any AI tool aimed at these statutory workflows.

  1. Does a qualified officer make and own every disclosure decision, exemption call and complaint outcome?
  1. Are drafts grounded only in information we actually hold, with sources we can verify?
  1. Can it triage and summarise complex or AI-generated requests to clarify scope - and treat them as fairly as any other?
  1. Is there a complete audit trail of who decided what, and on what basis?
  1. Does it keep consequential decisions out of full automation, in line with regulatory expectations?
  1. Is the processing covered by a DPIA and a clear lawful basis?
  1. Do request and case data stay in our environment, never used to train any external model?
  1. Does it track statutory deadlines and surface risk before they are breached?

The prize - claimed safely

Done well, AI lets a stretched team meet statutory deadlines, reduce the backlog the regulator watches, and apply consistent quality across high volumes - while freeing officers from the mechanical work of triage, gathering and first drafts to concentrate on the judgement only they can make and own. It even rebalances the awkward new reality of AI on both sides of the desk: meet a rising tide of AI-generated requests with AI-assisted, human-owned responses. The point was never to respond without thinking. It is to spend the thinking where it actually counts - on the decision - and let the machine carry the rest.

Build it in, don't bolt it on

The clearest sign of an AI tool fit for FOI and complaints is that the line between process and judgement is built into how it works. Our own approach keeps the officer firmly in charge of every disclosure decision, exemption and outcome; grounds drafts in the information actually held, with traceable sources; summarises complex and AI-generated requests to clarify scope; logs every step for a defensible audit trail; and keeps request and case data within the organisation's environment, never training external models. AI to carry the process; people to make the call.

FOI and complaints will only become more pressured - and, with AI now on both sides of the exchange, more complex too. The authorities that cope will be the ones that draw the line cleanly: let AI carry the process and keep humans firmly on the judgement. Automate the workflow, never the decision. Do that, and you clear the backlog without ever having to defend a decision a machine made on its own.

If you are looking to ease FOI and complaints pressure without compromising on defensibility, we would be glad to share where the line between process and judgement should sit.

Blue upward trending arrow icon indicating growth or increase.

Recent Blogs

Multi-Entity Finance Consolidation in Oracle Fusion - How to Manage 10 Entities Under One Platform

Blue calendar icon with a white page and two rings on top.
June 18, 2026

Conversational AI for the Public Sector: Deflecting Demand Without Losing the Human Touch

Blue calendar icon with a white page and two rings on top.
June 18, 2026

Reducing the Burden of FOI and Complaint Responses with AI - Without Automating the Decision

Blue calendar icon with a white page and two rings on top.
June 17, 2026

The Audit Trail Is the Product: Explainability and Traceability in Regulated AI

Blue calendar icon with a white page and two rings on top.
June 18, 2026

Who Should See What? Why Access Control Is the Quiet Foundation of a Trustworthy CRM

Blue calendar icon with a white page and two rings on top.
June 17, 2026
Blue stylized letters and number forming the text VE3.

Innovating Ideas. Delivering Results.

ServicesExpertisePlatformsSolutionsIndustriesPartners
BlogCase StudiesResearchNewsNewsletterEvents
About usCareers at VE3Life @ VE3PoliciesCommitmentsContact Us

Subscribe to our Newsletter

Woman sitting on couch wearing a white cable-knit sweater and blue jeans, holding a phone with one hand.
  • © 2026 VE3. All rights reserved.
LinkedIn logo in white on a gray circular background.Facebook social media icon with white f on a gray circular background.Gray circle with white X symbol, indicating a close or cancel button.Gray play button icon within a rounded square with a subtle drop shadow on a white background.