Is it realistic or helpful for the law to be that any written request for information should fall under FOI?
On 23 April I noticed that an appeal to the First Tier Tribunal (Information Rights) had been made by Ryanair regarding a Freedom of Information Act 2000 (FOIA) matter, also involving the Office of Fair Trading (OFT). The Information Commissioner (ICO) Decision Notice in question has the reference number FS50391208. Knowing that Ryanair are sometimes a rather controversial outfit (although one acknowledges a lot of the controversy might actually be self-serving) I was interested to read the Decision Notice in question. The Tribunal’s website is rather basic, and the list of current appeals is uploaded only as a PDF document. This means that to read the Decision Notice in question one has to search for it elsewhere. However FS50391208 was, and is, nowhere to be found (unless my search skills have let me down).
This is a bit odd: a Decision Notice is a public document which the ICO issues when an application is made to him for a decision as to whether “a request for information made by the complainant to a public authority has been dealt with in accordance with the requirements [of FOIA]” (section 50, FOIA). I say “public” but as far as I know the open publication of Decision Notices is at the discretion of the ICO – nonetheless, it is clearly his standard custom to do this. So, any Decision Notice, especially one appealed by a company such as Ryanair, which is not published, might attract interest (bear in mind that Ryanair will have made request in question, and the OFT is the public authority involved). It is, of course, possible that an error has occurred: for instance, the Tribunal might have published the wrong reference number (although a search on the ICO’s site doesn’t throw up any Ryanair Decision Notices), or someone might just have omitted to upload the Notice.
Accordingly, I sent a tweet to the ICO’s twitter account
Hi @ICOnews DN FS50391208 (OFT) which Ryanair are appealing does not appear to be on your website. Can we see it pls?
I didn’t receive any reply, so, a few days later, sent another
Hi @ICOnews – I asked this q the other day https://twitter.com/bainesy1969/status/194375116493291520 Any answer pls? It wd qualify as FOI request after all 🙂
I still haven’t received a reply. Perhaps my little emoticon made the tweet not seem serious? By my calculation the ICO’s twenty working days to respond is up tomorrow, so I thought I’d blog this today, lest the lovely ICO people I met at last week’s PDP conference think I’ve just waited until the time is up before reminding them (again).
The ICO has said that FOI requests made by twitter are valid requests, and I’ve previously blogged about this. But it does make me wonder how realistic it is for a public authority (especially a large one, which, with all due respect, the ICO is not) to be expected to monitor all information channels in case a request for information is made (which doesn’t even need to mention FOI, of course). The Irish Freedom of Information Act 1997 requires requesters to state that the request is made under the Act. Although that would not really help the ICO in my example here, it would avoid the situation where an FOI request is lost among reams of correspondence on a related matter. I don’t think an amendment of FOIA to this effect has been proposed in the UK, but I’m starting to think it might be a good idea.
This isn’t the most pressing issue facing FOI, and light touch regulation should mean that no one loses too much sleep if a request is inadvertently overlooked, but it is a subject which keeps nagging at me.
I rather suspect I’ve previously advocated against requiring requesters to invoke FOI in a response, and I reserve my right to change my mind again. As Lawrence Serewicz said in his inspiring talk at that PDP Conference, he has very strong opinions, but he holds them very weakly. I like to think I’m the same.
7 responses to “How to overlook an FOI request”
I think people should stop giving the ICO the benefit of the doubt. Whoever is control of the official Twitter account works for the FOI regulator, and the FOI regulator has issued – without any noticeable clamour for it – guidance that FOI requests can be made by Twitter. They have no excuse. Either they simply don’t think the rules apply to them, or the ICO simply isn’t very good as an FOI public authority. I think the former explanation is unlikely, and I’ve seen more evidence for the latter. They also seem incapable of effectively enforcing FOI. Unless they take FOI seriously (in the way I think they take Data Protection seriously), they can’t expect anyone else to.
So, as of day 19 the ICO hasnt replied to a tweet – which yes, as stated above, appears to be a valid request. Tim, your response to this position is to shout that:
“Either they simply don’t think the rules apply to them, or the ICO simply isn’t very good as an FOI public authority”.
Is that really a fair analysis of the situation that has been described? Im not sure it would be a fair comment on day 119, let alone day 19. You appear to be wiping your backside before you’ve been to the toilet on this one.
Also, a little perspective please. I would very much imagine that whoever controls the Twitter account isnt an information rights specialist, so perhaps missing a tweet might not be the biggest crime after all. Perhaps you could reflect on the author’s far more balanced penultimate paragraph in this regard.
Likewise, what’s the problem with issuing guidance stating that Twitter requests are valid? Do you disagree with this premise? In anycase, is the guidance not helpful to public authorities? Or would it really be prudent to wait for a “clamour” for such guidance and then react, as you seem to imply? Would that be taking the legislation as seriously as you wish?
Finally, perhaps a happy medium might be applied to the main focus of the article. Could those who know how to make clear requests not do so voluntarily, via a format that helps everyone? Unfortunately I fear there are too many requestors more concerned with proving points than actually accessing information.
As someone who has made FOI requests to the Commissioner and assisted others to do so, I know that the ICO can be mediocre at handling FOI requests. and sometimes downright awful. Saying they aren’t very good is a masterclass in understatement. They’ve done stuff with my requests that I would never advise the authorities I train to do (and I advocate a more robust approach to dealing with FOIs than many). I think that unless they show a better-than-average approach to FOI, there is a credibility problem. I think the perspective problem is the way so many people want to make excuses for their inability to set a good example and follow their own guidance. But given that their published guidance sometimes contradicts itself, perhaps I should forgive their confusion.
The point about the Twitter FOI guidance is that reacting is a common position for the ICO to take, and yet they came out with the Twitter guidance without Tweeted FOIs being a big issue. So ignoring all of the other issues they could have usefully issued advice on and concentrating on this one should at least have got the message across to the people handling the ICO’s own Twitter account that rigorously following that advice would be a good idea. Everyone in the ICO should at least be information rights aware – you’d expect everyone who works at the HSE to know how to safely place a ladder, wouldn’t you? If Mr Baines has to write a blog post just to get them to do their jobs like anyone else, it says a lot about how seriously they take their guidance and their responsibilities.
I have always thought that a requirement to make an FOI request specific was a good idea :
(a) it avoids any possible misunderstanding
(b) it makes explaining to staff what ‘business as usual’ actually means easier
(c) it means you do not have to worry about ‘information requests’ buried in the middle of a twelve page rant / complaint
(d) it will assist correspondents who did not really want the full weight of FOI applied, just an answer to a simple question. When talking to requesters I often found they where horrified at the amount of work treating a request as FOI might involve just to ensure nothing was missed. Whilst there are ‘vexatious’ people who just want to cause mischief, there are far more who just want an efficient service, and who do not wish to waste precious public resources which they know they are ultimately paying for
I disagree with the proposition that people should have to explicitly mention the FOI Act in order to trigger their rights under that Act. It may make life easier for the public authority if the requester cites the Act, and it may mean the requester’s request is not overlooked, but requiring the requester to mention the Act would reverse one of the underlying principles of the Act.
The information held by a public authority is not the authority’s information: it belongs to all of us, and the authority is only the custodian or steward of the information, who should provide it to the public on request – unless the balance of public interest is that there is good reason not to. (And all exemptions are differently worded public interest tests in the end, even the ones that are absolute: they’re just public interest tests where the legislature has already pre-determined where the balance should lie.)
If it is my information, and I am the ‘principal’, then there should be no onus on me to inform my ‘agent’ that I am exercising my right to the information under a certain enactment. People enjoy rights under the Human Rights Act 1998 and the Data Protection Act 1998 without having to cite them, so why should it be any different for their access to information rights?
Phil’s points are valid, and I agree that it can be helpful – and even in the requester’s own interest – to mention the Act (or EIRs) when seeking information, but amending the Act to require this is a Rubicon that should not be crossed.
Certainly some fair points Tim. But day 19 of a request that was via a slightly awkward (but yes lawful) medium is no time to wheel out whatever wider preconceptions you hold – justified or not.
But if/when the girl who works in accounts at the HSE falls off the ladder filing away the expenses, I’ll look forward to your comments explaining why the entire organisation “Either don’t think the rules apply to them, or…simply isn’t very good as a Health and Safety Executive”.
I don’t think we should go down the “magic words” route for FOI requests – the present situation has many advantages for example a parent making a reasonable request for information from a state school does not need to know that the school is a public authority or even that the Act exists. That is quite a big advantage. Weigh that against the only mentioned disadvantage that a public authority employee misses both an FOI request and an internal review and as a consequence there is a note on the official record explaining what happened (a decision notice against the authority), but no fine.
Overall, I think that not having to say “magic words” is a great feature of the present FOI Act.