Category Archives: Freedom of Information

August 16, 2014 · 6:29 pm

Wacky FOI requests – with serious motives?

Not for the first time the Local Government Association (LGA), an almost entirely public-funded association of first- and second-tier local councils in England and Wales, has produced a press release bemoaning the fact that its members have to deal with “wacky FOI requests”. Peter Fleming, of the LGA’s Improvement Board, is quoted as saying

While the majority of requests to councils are for details of council policy and expenditure, some of the FoI requests received do not relate very closely to the services they are focused on providing every day of the year. Councils are working very hard to keep local communities running as efficiently as possible during these challenging financial times and anything which distracts from that can affect the value for money that taxpayers receive

Examples of “wacky requests” are given, and the implication is very much that the requesters were wasting public money by making them. So let’s have a look at them:

Please list all the types of animals you have frozen since March 2012, including the type and quantity of each animal?
How very wacky. Or is it? Some councils freeze dead dogs and cats found by the roadside so that concerned or distressed owners of lost animals can try to locate them. Maybe that practice is beyond what councils need to do, and it certainly involves public expenditure. What is so wrong with someone wanting to look into the practice by making a relevant FOI request? Indeed, at least one council makes the information available as a dataset.
How many times has the council paid for the services of an exorcist, psychic or religious healer? Were the services performed on an adult, child, pet or building?
How very wacky. However, at least one council has previously been identified as paying an exorcist to remove a poltergeist from a tenancy. If such extraordinary use of public money were repeated elsewhere this would be a scandal, and it doesn’t seem too wrong to make an FOI request to establish if that might be the case.
Please can you let me know how many roundabouts are located within your council boundaries?
How wacky. But, research suggests that optimal use and placement of roundabouts on a highway network reduces delays and accidents, with consequent potentially large savings to the public purse. It seems entirely legitimate to request information like this, perhaps in pursuance of an investigation into whether a council is apportioning its resources properly when it comes to highways management.
What precautions, preparations, planning and costings have been undertaken in the case an asteroid crashes into Worthing, a meteorite landing in Worthing or solar activity disrupting electromagnetic fields?
How wacky. In fact, yes it is, despite what former MPs say. And despite the fact that, yes, I know there is always a risk of asteroidal impact. Move along.
How many holes in privacy walls between cubicles have been found in public toilets and within council buildings in the last 10 years?
How wacky. Not at all: the Home Office itself identifies voyeurism as a form of harassment and anti-social behaviour. Councils have statutory duties to prevent anti-social behaviour. Why is a request about one aspect of this so wacky?
How many bodies are there in mortuaries that have been unclaimed for ten years? How long have these bodies been in the mortuary? How old were they when they died? Is it possible to have the names of these people?
How wacky. Well, bear in mind that local authorities have a statutory duty to pay for burial or cremation of unclaimed bodies in their area. Perhaps a request for this information is aimed at investigating whether the council was saving money by disregarding its duties?
How many people in the town have a licence to keep a tiger, lion, leopard, lynx or panther as a pet?
How wacky. Why? There might be any number of reasons to make this request – councils have statutory duties to ensure that licences to own dangerous animals are only issued subject to rigid and specific conditions. A large number of dangerous animals within one town might point to failings in those duties.
How many requests were made to council-run historic public-access buildings (e.g. museums) requesting to bring a team of ‘ghost investigators’ into the building?
Not wacky (see “exorcism” above).
How many children in the care of the council have been micro-chipped?
How wacky. Well, maybe a bit – I’m not aware of any serious suggestions that this will happen. But there are many concerned – if perhaps deluded – people who think this might already be happening. This request might be odd,but I suspect it was made with the utmost seriousness.

I’m not saying that my speculations about the reasons behind these requests are right. Maybe some of the requests were made for entirely frivolous purposes, or to waste councils’ time and money, but I’m far from convinced that is the case. And, of course, if the requests were entirely frivolous the Freedom of Information Act 2000 contains a provision which enables the authority to dismiss them forthwith. Truly frivolous requests should not cost a council more than a few minutes’ work, and, in my experience, they are rare.

Careful readers will note that I haven’t mentioned the first of the LGA’s examples:

What plans are in place to protect the town from a dragon attack?
How wacky. Yes, boringly, gloom-inducingly unfunnily “wacky”, and thoroughly demolished (while questioning the motives of the council who publicised it) by Tim Turner only a couple of months ago.

There are many serious threats to councils’ revenues, but I don’t accept that FOI is one of them. FOI costs, but it costs relatively little and it has big societal benefits, as the Justice Committee recognised in 2012 when it called it a “significant enhancement of our democracy”. Truly “wacky requests” can be deftly deflected by using the “vexatiousness exemption” of the FOI Act, but let’s not assume that all requests with apparently wacky themes have unserious motives. And – digressing somewhat – let us not forget the LGA is not subject to FOI.

7 Comments

Filed under Freedom of Information, transparency

Tagged as

August 14, 2014 · 8:55 am

ICO refuses to disclose information about “non-trivial data security incident”

In July this year the Information Commissioner’s Office (ICO) disclosed within their annual report that they had themselves experienced

one non-trivial data security incident. The incident was treated as a self-reported breach. It was investigated and treated no differently from similar incidents reported to us by others. We also conducted an internal investigation. It was concluded that the likelihood of damage or distress to any affected data subjects was low and that it did not amount to a serious breach of the Data Protection Act. A full investigation was carried out with recommendations made and adopted.
This got a fair amount of attention, (even I, who rarely have anything to say on such matters, blogged about it) in a way which hadn’t happened when the ICO had reported a similar-sounding incident two years previously. I understand that there were several freedom of information (FOI) requests made to the ICO, and, I notice, they have now published their response, in their disclosure log.
I wasn’t hugely surprised to find that they are totally refusing disclosure. In their statement to me (and others) in July they had said
We are unable to provide details of the breach at this stage, as the information involved is linked to an ongoing criminal investigation
and this remains the position. Some information is exempt because it is the personal data of staff involved, and they do not have a reasonable expectation of disclosure. But primarily they invoke the exemption at section 30 of the FOI Act, which provides in terms an exemption to disclosure if the information is held for the purposes of an investigation to establish whether someone has committed an offence, or which may lead to a decision to bring criminal proceedings. As this is a qualified exemption, the ICO has considered whether the public interest in disclosure outweighs the public interest in maintaining the exemption, and finds that it doesn’t:
It is of the utmost importance that ICO is able to carry out its statutory duty and conduct investigations into potential criminal offences confident that information will not be inappropriately disclosed
However, the ICO have indicated that when the criminal investigation is completed “the ICO will make a clear public statement about what occurred and the action taken”.
As I say, none of this is particularly surprising: when one heard in July that there was an ongoing criminal investigation it was apparent that little further information would emerge until that was complete. We will have to be patient.

Leave a comment

Filed under Freedom of Information, Information Commissioner

Tagged as ,

August 9, 2014 · 4:31 pm

Lay, Laddie, Lay

In which I suggest the Information Commissioner could lay a report at Westminster drawing attention to compliance with time limits under the FOIA Act

The Scottish Information Commissioner (SIC), Rosemary Agnew, this week used the powers available to her under section 46(3) of the Freedom of Information (Scotland) Act 2002 (FOISA) to lay a report before the Holyrood Parliament. The report draws MSPs’ (and others) attention to

the issue of failure [by Scottish public authorities] to respond to information requests, and to stimulate debate about what we can collectively do to address it

The background is that approximately 25% of complaints to Agnew’s office in 2013/14 were about failures to respond to requests for information. Section 46(3) of FOISA permits the laying of reports “from time to time” by the SIC with respect to her functions. It thus confers a broad discretion on the SIC to draw attention to matters of concern to her. The report says

– Many public authorities have shown that it is possible to respond on time to large volumes of requests, but too many authorities are still not doing so. Delays and obfuscation are not only damaging to authorities’ relationships with individual requesters but also Scotland’s reputation for openness and transparency.
– The FOI experience is not consistent for all requesters or types of requesters
– Failure to respond is an issue, but it is not uniform across all Scottish public authorities.  Issues are more acute in some authorities than others

Requesters in the rest of UK experience similar difficulties, and similar lack of consistency, whereby some authorities are exemplary in the timeliness of responses to FOI requests, and some are very poor. As that last link indicates, the rUK Information Commissioner (IC) does monitor authorities for FOI compliance. He has also issued informal undertakings and even on occasions issued enforcement notices against authorities performing particularly poorly. However, what evidence there is does not suggest that this has led to overall improvements. Since 2009 the number of decision notices issued annually by the IC in which section 10 (“time for compliance”) was a factor have been as follows: 223 in 2009, 276 in 2010, 371 in 2011, 227 in 2012, 223 in 2013. These figures represent approximately 25% of all cases. They are not directly comparable with the SIC’s figures (which represent complaints made, rather than decisions notices issued) but they do suggest similar problems both sides of the border.

The IC does have essentially the same powers as the SIC to lay reports before Parliament (under section 49(2) of the Freedom of Information Act 2000 (FOIA)). However he has never exercised this FOIA power (there have been a couple of reports laid relating to data protection concerns). Given the serious concerns expressed by commentators about certain authorities’ attitude to FOIA, perhaps a report to Parliament would be a way of promoting debate – and improved compliance – which regulatory action has, to date, failed to achieve.

Leave a comment

Filed under Cabinet Office, FOISA, Freedom of Information, Information Commissioner

Tagged as ,

July 16, 2014 · 7:17 pm

The days of wine and disclosures

I like FOI. I like wine. Here’s an FOI disclosure about wine.

In the early days of the Freedom of Information Act 2000 (FOI) there were frequent attempts to get the government to disclose detailed information about its wine cellar (see for instance this seemingly interminable request). Eventually, the Information Commissioner got fed up with the lack of FOI hospitality from the Foreign and Commonwealth Office (FCO), who seem to be responsible for this sort of thing, and started issuing decision notices requiring disclosure.

I’m pleased to see that disclosure is now, if not a matter of routine, not resisted by FCO (except for some intriguing little redactions – one wonder if they hide things like “this is the Minister for X’s favourite”). So, we now know that the government has reserves of, for instance, 139 bottles of Latour 1961, with a market value of £321,000. This is the highest value wine, but we (sorry, they) also hold 110 bottles of Chateau Margaux 1983 (market value £15k – not the best vintage, after all). And their Pétrus is only the 1978, but even so, the estimated market value of £250 seems very low.

It’s a shame the dataset isn’t in resuable format, but, we’re all in it together, so I’d invite others to search out some other interesting cellar items. Those Krug ’82 magnums look a steal at £125 a pop…

Leave a comment

Filed under Freedom of Information, Information Commissioner, transparency, Uncategorized

Tagged as ,

July 16, 2014 · 2:58 pm

ICO v ICO?

UPDATE: 16 July 2014 – in the comments to this piece the ICO adds some further details on the “non-trivial” incident: “We are unable to provide details of the breach at this stage, as the information involved is linked to an ongoing criminal investigation.”

The ICO had a “non-trivial” data security incident last year. Can it “fine” itself? Will/has it?

There was an interesting teaser in the Information Commissioner’s Annual Report. As The Times reports

Christopher Graham, the Information Commissioner (ICO), revealed yesterday that his office had suffered a “non-trivial data security incident” within the last 12 months, which prompted a full internal investigation

The ICO, of course, processes personal data and in doing so assumes the role of the data controller (according to section 1(1) of the Data Protection Act 1998 (DPA)). It also assumes the obligation to comply with the data protection principles, and the liability for contravening them. In 2012 the ICO responded to a Freedom of Information Act 2000 (FOIA) request for its “data breach log” with a document that showed admirable commitment to recording even the smallest of potential data security incidents (“person taking photographs outside building”, “theft of small amount of money”). In that instance there were two incidents identified as “high risk”, but the ICO declined to provide information, and the requester, it seems, did not pursue the matter.

This time, with national media picking the story up, the matter may be pushed further. At the moment the ICO is apparently declining to offer any further comment to the media, advising The Times that

You will have to fill out a freedom of information request

which doesn’t really sit that well with their normal commitment to transparency.

But to what extent can or should the ICO investigate its own compliance with the DPA? The Act does not provide for any derogation for the ICO from its obligations, and nor does it provide for any alternative to “self regulation”. Nor, moreover, does it appear to provide for any delegation to a third party to investigate. When it deals with complaints about its own handling of FOIA requests it habitually issues decision notices about itself (sometimes even finding against itself). It does this by distinguishing between “the ICO” (the entity dealing with the request) and “the Commissioner” (the entity dealing with the complaint). I would imagine that a similar nominal separation would be used if it came to formal enforcement action being contemplated in response to a data security incident.

I emphasis the word “if” in the previous sentence, because, although The Times says

The ICO, which can levy fines of up to £500,000 for data protection breaches, did not disclose whether it had fined itself for the breach

it is clear in fact that no such enforcement action resulted in this instance. This is clear because, firstly, the ICO’s own Monetary Penalty Guidance says that any monetary penalty notice (for which “fine” is a convenient, if not strictly correct, shorthand) will be published on its website. None has been published (believe me – I check these things very regularly). And secondly, and more fundamentally, the ICO’s report says that the incident in question

did not amount to a serious breach of the Data Protection Act [emphasis added]

By section 55A a monetary penalty can only be served for a serious contravention of the data controller’s obligations under the DPA. If the incident was not a serious contravention, the statutory threshold for a monetary penalty is simply not met. So, regardless of what other information about the incident might be winkled out of the ICO, we are not going to have a story of “ICO fines ICO”.

However, on a final point, I note that the ICO expects data controllers to report serious data security incidents to the ICO. So the question arises – did the ICO report this to the ICO, or did the ICO assess this as not serious enough to refer to the ICO?  How did the ICO get to know? Could it have been a leak by the ICO? Or even by the ICO? These questions deserve answers*.

*no they don’t

8 Comments

Filed under Data Protection, enforcement, Freedom of Information, Information Commissioner, monetary penalty notice

Tagged as , ,

July 3, 2014 · 4:23 pm

A green light for publishing FOI requesters names? I hope not

The Information Commissioner’s Office (ICO) today issued a statement about the data protection implications of public authorities publishing the names of people who have made requests under the Freedom of Information Act 2000 (FOIA). It was issued to journalist Jules Mattsson (it may have been issued to others) and I credit him for pursuing it. It arose out of concerns expressed on Twitter yesterday that a council had uploaded a disclosure log in which the names of requesters were unredacted*.

When the Justice Committee undertook its post-legislative scrutiny of FOIA in 2012 it made a recommendation (¶82) that names of requesters be published in disclosure logs

it can be argued that someone seeking to exercise freedom of information rights should be willing for the fact they have requested such information to be in the public domain; we therefore recommend that where the information released from FOI requests is published in a disclosure log, the name of the requestor should be published alongside it

But this was rejected by the government in its response to the report (¶25)

The Government does not share the view that publishing the names of requesters in disclosure logs would be beneficial in terms of burdens. Such a move would have implications for the data protection of requesters..

 Tim Turner blogged in his usual meticulous style on these data protection implications yesterday, and I am not going to rehearse the points he makes. Indeed, the ICO in its statement more or less agrees with Tim’s comments on fairness, and necessity, when it comes to the publication of requesters’ names

Individuals who make…requests must have their details handled fairly. Many people who have made a request would not expect to have their name linked to published details of the request they have made. If a public authority is considering publishing this information then they must consider why publishing the requester’s name is necessary/ While there is a need for authorities to be transparent about the [FOI] process, in most cases this would not extend to releasing people’s name simply to deter requesters

There then follow some (correct) observations that journalists and politicians might have different expectations, before the statement says

At the very least people should be told that their details will be published and given the opportunity to explain to the council why their name should not be disclosed. If having raised it with the authority a person is not happy with the way their details have been handled then we may be able to help

So what the ICO appears to be doing is agreeing that there are data protection implications, but, as long as authorities give requesters a privacy notice, announcing that they’re not going to do anything (unless people complain). It’s not often I take issue with the excellent Matt Burgess, who runs FOI Directory, but he claims that “the ICO has criticised the Council”. With respect, I don’t see any targeted criticism in the ICO’s statement, and I fear some public authorities will see it as a green light to publishing names.

As source does inform me that an ICO spokesman has said that they are going to be in touch with the council in question, to find out the full details. However, I wonder if the statement shows an approach more in line with the ICO’s new, largely reactive (as opposed to proactive), approach to data protection concerns (described on my blog by Dr David Erdos as having worrying implications for the rule of law), but I fear it risks the exposure of the personal data of large numbers of people exercising their right to information under a statutory scheme which, at heart, is meant to be applicant-blind. As the ICO implies, this could have the effect of deterring some requesters, and this would be, in the words of the always perceptive Rich Greenhill, a type of reverse chilling effect for FOIA.

 *I’m not going to link to the information: I don’t think its publication is fair. 

 

 

UPDATE: 05.07.14

The Council appears to have taken the information down, with Jules Mattsson reporting on 3 July that they are reviewing the publication of requesters’ names.

6 Comments

Filed under Data Protection, Freedom of Information, Information Commissioner

Tagged as , ,

June 30, 2014 · 4:02 pm

What’s so foolish about FOI?

The television presenter Phillip Schofield took to Twitter recently to draw attention to a Freedom of Information (FOI) request to Avon and Somerset Police. He did so because the request had asked about the cost to the force of Mr Schofield’s attendance at an open day.

Message to Tom Hodder .. No Fee!! My bro works for the police, it was a family day out!

I’ve no problem with his drawing attention to it, nor with his naming the person, but I thought it was rather unpleasant that he chose to use the hashtags #WastingPoliceTime #Fool. As Mr Schofield, and the response on WhatDoTheyKnow.com, say, the cost was nil, but I don’t suppose Mr Hodder was to know that: Mr Schofield was described on his own employer’s site as having been invited to attend, and he promotes himself as someone for hire for “personal appearances”. I didn’t know Mr Schofield’s brother works for the police, and I suspect Mr Hodder didn’t either.

Wasting Police Time is a term used to describe a criminal offence. What Mr Hodder was doing was exercising his statutory right to ask a public authority for information (in this instance about the expenditure of public funds), and I see nothing wrong in what he asked (nor, indeed, in the response by the police. I am sure Mr Schofield wasn’t seriously suggesting the commission of a criminal offence, but his use of the term, and the epithet “fool” seem mean-spirited. And, of course, as he might have expected, many of his fans jumped to his defence and to verbally attack Mr Hodder.

All this seems rather ironic when one considers Mr Schofield’s involvement in 2012 in another “transparency” story. This was when he confronted the prime minister with a list of alleged child sex abusers which he had found online, but which he failed to shield from the studio cameras – a stunt which Jonathan Dimbleby described as “cretinous”. This led to his employer having to pay the late Lord McAlpine (whose name was on the list) £125,000 to settle a defamation claim. Even the apology which followed the incident had a mean-spirited air about it, when Mr Schofield appeared to blame the cameraman.

Mr Schofield has one of the largest followings on Twitter (2.99 million, at the time of writing). People with that sort of following carry some responsibility, and if they criticise named individuals they should do so fairly. I think it would be in order if he apologised to Mr Hodder.

 

 

2 Comments

Filed under Freedom of Information, police, social media

Tagged as ,

June 25, 2014 · 6:24 pm

Wading through the rules: fairness for litigants in the Information Tribunal

Any judicial system needs to have rules to ensure effective and efficient case management: failure to do so risks delays, backlogs and, ultimately, breaches of natural justice and Article 6 Convention rights. Thus, we have the civil, the criminal, and the family procedure rules, and, within the tribunal system, the 2008 Upper Tribunal Rules, and a whole host of First-tier Tribunal Rules (the ones relating to Information Rights cases are the General Regulatory Chamber Rules 2009 (TPR)). In addition, there are Practice Notes (such as one for “Closed Material in Information Rights Cases”) and a range of forms and guidance.  There are even specific “Guidance notes for individuals representing themselves in freedom of information appeals in the general regulatory chamber of the first-tier tribunal” (which I shall call the “LiP Guidance” (with LiP meaning Litigant in Person)). (Interestingly, the only copy of this I can find online is hosted on a third party site.)

For such litigants in person, these sources of rules and guidance (and the navigating of them) are essential but complicated. A neat illustration of this point comes in a recent judgment of the Upper Tribunal on a Freedom of Information Act 2000 (FOIA) case.

In the First-tier Tribunal (FTT) a Mr Matthews had sought to appeal the Information Commissioner’s (IC) decision notice  that the Department for Business, Innovation and Skills (DBIS) didn’t hold the majority of information sought about the tendering process for the delivery of marketing workshops from Business Link West Midlands, and that what it did hold was exempt from disclosure under section 40(2) of FOIA. Mr Matthews, referring to the LiP Guidance (at paragraph 16) asked for, and expected, an oral hearing.

However, in responding to the notice of appeal, the IC applied successfully, under rule 8(2)(a) of the TPR to “strike out” one ground of appeal, and under rule 8(3)(c) to “strike out” the remainder.

Lawyers, and those who deal in this subject regularly, recognise that to “strike out” all grounds of appeal means the appeal is no more. But others might sympathise with Mr Matthews, who did not have any help on this matter from the LiP Guidance, and who, when asked by the Upper Tribunal judge, explained that what he had thought it meant was

that the way in which he had written his grounds out may be stuck through or altered, or sent back to him to change, but that the appeal itself would continue

So, we have Mr Matthews, still expecting an appeal with a hearing, but getting neither.

But was he entitled to a hearing, not of his substantive appeal, but to determine whether his appeal should be struck out? This was what was, in the main, at issue in the Upper Tribunal.

Rule 32(3) of the TPR says that the general rule that the FTT must hold a hearing before disposing of an appeal need not apply when deciding whether to strike out a party’s case. It does not preclude a hearing, though, but, rather, leaves it to the FTT’s discretion. In this instance the Upper Tribunal judge decided that the FTT erred in law in not exercising its discretion to hold a hearing and, alternatively or additionally, for failing to give any reasons for not holding a hearing.

Accordingly, the case is remitted to the FTT for it to hold an oral hearing of the strike-out application.

This might seem a very convoluted and unimportant judgment, but it shows the Upper Tribunal is alive to the difficulties faced by lay self-represented litigants in what should be more of an inquisitorial, rather than adversial, system. And it shows, as have other cases before it (see for instance Dransfield v IC & Devon Council, and IICUS v IC & BIS & Ray) that the Upper Tribunal is not unwilling to remit cases to the FTT on grounds of procedural unfairness.

3 Comments

Filed under Freedom of Information, Information Commissioner, Information Tribunal, Upper Tribunal

Tagged as

June 12, 2014 · 1:44 pm

The Ministry of Poor Record Keeping?

If the Ministry of Justice really can’t search the text of emails for information, how can it comply with the FOI Code of Practice on Records Management?

In performing his functions under the Freedom of Information Act 2000 (FOIA) the Information Commissioner (IC) must promote the observance by public authorities of codes of practice issued under section 45 and section 46 of FOIA. Section 46 provides for a code of practice to be issued by the Lord Chancellor as to desirable practice for public authorities for the keeping, management and destruction of their records. A code was duly issued by the then Lord Chancellor Lord Irvine in 2002.

So, when deciding whether, for instance, a public authority has complied with its obligations under part 1 of FOIA (i.e. has it properly responded to a request for information?) the IC should, I submit, take into account where necessary whether the authority is complying with the Records Management Code.

With this in mind, consider the Ministry of Justice’s (MoJ) reported response to an FOI request for any mentions on its systems of the Howard League for Penal Reform. As Ian Dunt reports, the MoJ said that

On this occasion, the cost of determining whether we hold the information would exceed the limit set by the Freedom of Information Act

I have seen the MoJ response in question, and I accept that it is legitimate for a public authority to refuse to disclose information if the costs of determining whether it is held exceeds the limit prescribed by regulations (although authorities have an obligation under section 16 FOIA to advise and assist applicants as to how they might reframe their request to fall within the cost limits, and the MoJ have failed to do this). However, while the response refers to a necessity to search paper records, it also says

A manual search is required as central search functions (for example, those on email systems) would not identify all correspondence  – for example, if the Howard League for Penal Reform was mentioned in the body of the text

This appears to suggest, as Ian says, that “they can only search electronically for the headline of an email, not the body of a message”

If this is true (which seems extraordinary, but one is sure it must be, because intentionally to conceal information which otherwise should be disclosed under FOIA is an offence) it would appear to be contrary to the desirable practice in the Records Management Code, which says that

Records systems should be designed to meet the authority’s operational needs and using them should be an integral part of business operations and processes. Records systems should…enable quick and easy retrieval of information. With digital systems this should include the capacity to search for information requested under [FOIA]

It would be most interesting if the Howard League were to refer this to the IC for a decision. The IC rarely these days mentions the Records Management Code, but as the Code itself says

Records and information are the lifeblood of any organisation. They are the basis on which decisions are made, services provide and policies developed and communicate

Not only does poor records management affect compliance with FOIA (and other legal obligations), but it is not conducive to the reduction of back-office costs, developing new ways of working, and driving economies of scale (all things, of course, which the current Lord Chancellor prays in aid of his potentially devastating changes to legal aid provision).

p.s. As @Unity_MoT points out on twitter, if the MoJ struggles to search its systems to respond to FOIA requests, how does it undertake searches for responding to subject access requests under section 7 of the Data Protection Act 1998? See e.g. page 17 of the IC Code of Practice on Subject Access:

Not only should your systems have the technical capability to search for the information necessary to respond to a SAR, but they should also operate by reference to effective records management policies

 

Leave a comment

Filed under Freedom of Information, Information Commissioner, records management

Tagged as ,

June 9, 2014 · 3:08 pm

ICO’s power to refuse to decide cases is rarely used

The “filter” of section 50(2)(c) of the FOI Act allows the Information Commissioner to refuse to make a decision on frivolous or vexatious applications. It is rarely used. What an exciting intro to a blog post eh?

The First-tier Tribunal (Information Rights) (FTT), recently refused an application by Leeds City Council for an award of costs against a requester whose requests had been held by the Information Commissioner (IC), and the FTT itself, as vexatious under section 14(1) of the Freedom of Information Act 2000 (FOIA). Alistair Sloan has blogged about the decision itself, and I would commend his piece to readers, but an observation by the judge led me make an FOI request of my own.

After noting that

it must be possible, depending on the circumstances, for the maker of a request regarded by everyone else as vexatious, to defend his or her position on that point without automatically being treated under the costs Rules as behaving unreasonably

the judge adverted to section 50(2)(c) of FOIA. This permits to IC to not make a decision whether a public authority has complied with its FOIA obligations if the application for the decision is itself “frivolous or vexatious”. (This must be distinguished from a decision as to whether the original FOI request to the public authority was, pursuant to section 14(1), vexatious). It gives the IC an exception to the general requirement to make a formal decision on all cases where the applicant asks for one. The judge said

it is right to remember the protections which already exist for public authorities in the context of vexatious requests or hopeless appeals. Before a right of appeal is even a gleam in the Tribunal’s eye, there must be a complaint to the Information Commissioner (ICO). If the complaint to the ICO appears to be “frivolous or vexatious,” then there is no need for him even to make any decision appealable to the Tribunal. See Section 50(2) FIA

but then went on to note that he was

not aware of any published information about the extent to which the ICO makes use of this important provision.

 Ever keen to help our judiciary, I asked the IC, via What Do They Know. With admirable promptness they disclosed to me that, in the years for which records are retained (2007 onwards), the IC has declined to serve a decision notice because he considers the application vexatious or frivolous only 18 times (which breaks down into 16 frivolous and 2 vexatious).

Clearly, the IC considers this exceptional power to be just that – one that should be used only in exceptional cases, and maybe its use in 0.3% of cases accords with that. But in my research for this piece I did dig up again the IC’s submission to the Justice Committee for the latter’s 2012 post-legislative scrutiny of FOIA, and I noticed that there was this comment

For some reason Parliament made a distinction between this provision [section 50(2)(c)] and that in section 14(1) applying to requests to public authorities.

This strikes me as odd. It is quite clear that there is an important distinction between a vexatious request to a public authority and a frivolous or vexatious application for a decision. A requester could make a request to a public authority which was not in any way vexatious, yet choose to pursue the matter by applying for a decision in a way that made that application frivolous or vexatious. And it seems to me that this was what Judge Warren in the FTT was alluding to, and why it would be highly unusual – and potentially oppressive – to award costs against someone appealing a refusal of a vexatious request. Rule 10(1)(b) of the relevant tribunal rules does allow for the award of costs for unreasonably bringing (as opposed to conducting) the proceedings, but the availability of the filter of section 50(2)(c) FOIA should mean that it would be extraordinarily unusual for such an award ever to be made.

A final observation from me. The wording of section 50(2)(c) seems to make it clear that, as the IC would make no decision in a case where the application is frivolous or vexatious, then no possible right of appeal to the FTT could exist (and, therefore, judicial review would be the only legal remedy available). This would be in contrast to cases such as Sugar and (currently at case management stage in the Upper Tribunal) Cross v IC  where what is at issue is whether a decision by the IC that an organisation is not a public authority for the purposes of FOIA constitutes an appealable “decision”.

Leave a comment

Filed under Freedom of Information, Information Commissioner, Information Tribunal, judiciary, vexatiousness

Tagged as ,