September 26, 2024 · 6:12 am

Can a nullity be deemed a legal notice?

[reposted from LinkedIn]

I wrote recently about the fact that the Information Commissioner’s Office appeared to have served countless decision notices under section 50 of the Freedom of Information Act 2000 on the wrong legal person:

Someone recently made an FOI request to ask why the Commissioner had changed… terminology, because some decision notices are addressed to, say, the “University of Exeter”, while others are addressed to the “Governing Body of the University of Exeter”. The answer given by the Information Commissioner’s Office is that was not a change of approach, but, rather, that the examples of the former were “due to an error.”

Obviously I’ve not had any response to that from the ICO, and didn’t really expect one. But I do note a recent Information Tribunal case where the ICO argued that the Tribunal did not have jurisdiction to hear an appeal from a decision notice, because the ICO had discovered it had been served on the wrong body, and it was therefore a “nullity” – it wasn’t, and never had been a proper legal notice:

the IC submitted the DN was served upon [Harrogate Integrated Facilities Ltd] a trading name of [Harrogate Healthcare Facilities Management Ltd] and that [the latter] was the correct legal entity upon which the DN should have been served. As the DN was not served upon the correct public authority it should be deemed a nullity. An application was made to strike out the appeal under 8(2)(a) of the Rules due to lack of jurisdiction in relation to the proceedings.

Interestingly, although the Tribunal did not dispute the fact that the notice had been served on the wrong person, it skirted over (or, rather, avoided totally) the “nullity” submission. Instead, the Tribunal decided that it would itself “deem” the notice to have been served on Harrogate Healthcare Facilities Management Ltd (rather than on the wrong entity).

The Tribunal’s reasoning is sound on a common sense approach (they noted that if the proceedings were struck out the ICO would then just serve an identical notice on the correct body, and the whole process would need to restart, which would involve a disproportionate use of resources). However, it seems to me very dubious from a legal point of view, and there may be strong grounds to argue that its decision to treat what was argued to be a nullity as a decision notice for reasons of expediency (and not dealing with the nullity point) was ultra vires.

It will be interesting to see if the ICO appeal. Especially as if they do, it may open up a floodgate of other cases which – on their submission – might also be nullities.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

3 Comments

Filed under FOIA, Information Commissioner, Information Tribunal, rule of law

Tagged as ,

September 21, 2024 · 10:32 am

Exempt from FOI? Hoyle say it is

[reposted from LinkedIn]

Although the Information Commissioner’s Office is tasked with enforcing the Freedom of Information Act 2000, the Act contains some provisions which have the effect of ousting the ICO’s jurisdiction. A little-seen one appears in a recent decision notice about a request to the House of Commons for information and correspondence in relation to events at the controversial Opposition Day Debate on 21 February 2024. Much of the controversy turned on the actions of the Speaker of the House, Sir Lindsay Hoyle, who later apologised.

Section 34 of FOIA creates an absolute exemption (i.e. not subject to a public interest test) if the exemption is required for the purpose of avoiding an infringement of the privileges of either House of Parliament. But section 34(3) goes further, and says that

A certificate signed by the appropriate authority certifying that exemption…is, or at any time was, required for the purpose of avoiding an infringement of the privileges of either House of Parliament shall be conclusive evidence of that fact.

Such a certificate closes things down: it is not open to the ICO (or a court) to say “we disagree – the exemption is not required to avoid informing the privilege of House Houses”.

All very interesting, and the decision notice is still worth reading, to see how it all works.

But, who, you might ask, is the “appropriate authority” who signed this certificate?

Well, dear friends, section 34(4) FOIA says that, when the privilege of the Commons is at issue, the appropriate authority is the Speaker of the House – a certain Sir Lindsay Hoyle MP.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under access to information, FOIA, Freedom of Information, Information Commissioner, parliament

Tagged as , ,

September 4, 2024 · 7:57 am

Gender critical beliefs not relevant in determining whether FOI request was vexatious

[reposted from LinkedIn]

The holding and expression of gender critical beliefs was not valid evidence for LNER to take into account in determining that an FOI request was vexatious.

Can a public authority take into account a requester’s public comments elsewhere, when considering whether a request is vexatious under s14 of the Freedom of Information Act 2000, in circumstances where the comments are expressions of a belief, the holding of which is a protected characteristic under the Equality Act 2010? The answer, says the Information Commissioner’s Office, in a well-argued decision notice, is “no” – however much the authority might disagree with the expressions.

The request was to London North East Railway (a company wholly owned by the Department for Transport), and therefore a public authority for the purposes of FOIA), and was for information about the process and costs of decorating a train in Pride colours, the processes for selecting train designs more generally and about plans for future designs.

LNER refused the request as vexatious, and justified this to the ICO on grounds including the content of social media posts by the requester

have demonstrated views that indicate a bias against transgender individuals, [that complying could lead to] harmful discourse and cause distress to our transgender employees and the people that the Pride train represents [and that the requester’s] focused questions on binary sex divisions and the specific targeting of a Pride-themed train…indicates a shift toward a disruptive agenda rather than an informational one.

In response, the requester

accepted that she had a binary view of sex, but…that this was a protected belief [citing Forstater v CGD]

LNER had therefore, in her view,

unlawfully discriminated against her because it had refused to provide information, that she would otherwise have been entitled to receive, due to her beliefs.

The ICO ruled that LNER had been entitled to take “a holistic view of the request” and nothing in principle had prevented it taking account of social media posts. However

the question of vexatiousness does not turn on what the complainant’s beliefs are, or are not. Nor whether she is, or is not, entitled to those beliefs

The question was “whether the request had a serious purpose and value” – here, it did – and whether that was outweighed by factors pointing towards vexatiousness. The ICO found that it was not:

the complainant’s motivation may well have a grounding in her beliefs, but the public authority has not demonstrated that she has made the request just to be disruptive, or just to target individual. Nor has it demonstrated that it would be subject to an unjustified burden if it were to respond to the present request

The right to information under FOIA is a species of the Article 10 ECHR right to receive and impart information. This is an important decision by the ICO on the extent of the right.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under access to information, Equality Act, FOIA, Freedom of Information, human rights, Information Commissioner

Tagged as , ,

September 3, 2024 · 7:03 am

CCTV and commercial property leases

[reposted from LinkedIn]

There is a minor, but interesting, data protection point in this judgment on a dispute between a landlord and commercial tenant about a lease.

The claimant was a dentist who had become suspended and therefore could not practise as a fully registered dentist in accordance with the terms of the lease. The dispute was about whether she had done so, and, if so, whether the court should grant relief from forfeiture (it did, on the facts).

The claimant also sought and was granted a declaration, in relation to the landlord’s siting of internal CCTV cameras, “that the processing of the claimant’s data by the defendant is unlawful and breached the provisions of the Data Protection Act 2018 and the regulations [sic] relating thereto”. 

The evidence was that “a CCTV camera was installed by the defendant by being affixed to the door frame above the entrance to the toilets in the building, on the same floor as the room let to the claimant, pointing at the stairs and the door to the claimant’s…premises”. Although the defendant landlord claimed that “the CCTV was placed there for the legitimate purpose of monitoring those going to the building’s toilets”(!), the judge did not accept that: “as it was placed, [it] had a distinct view of the entrance to the claimant’s room, and, when it was opened, into the room itself. There is no real reason why it could not have been so positioned to exclude that, or why indeed it could not have been located to point in the opposite direction to monitor those coming out of the toilet area door[!]… it was an attempt to monitor who was attending the claimant’s room and its use.”

Unfortunately, the judge does not appear to have made findings as to what precisely were the infringements of the data protection law (one notes that the declaration was sought only in respect of the claimant’s own data, and not of those attending her premises, but the finding appears to be in respect of both). 

So, as I say, a minor point, but interesting. Landlords, even in commercial property agreements (and disputes arising), should not simply assume they have the right to place CCTV on their property in such a way as it infringes the data protection rights of individuals using the property (whether they be tenants, employees of tenants, or the tenant’s visitors).

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

2 Comments

Filed under CCTV, Data Protection, judgments, property dispute, Uncategorized

Tagged as ,

September 2, 2024 · 3:49 pm

Department for the Economy (Northern Ireland) v Information Commissioner and White (GIA/85/2021)

I wrote recently about the fact that a judgment in the Upper Tribunal, which the Information Commissioner cites in guidance, was not publicly available anywhere. The ICO had refused to disclose it in response to a Freedom of Information Act request and suggested the requester ask for a copy directly from the Tribunal.

I don’t know if the requester did, but I thought it would be helpful to do so, and upload it here. (Kudos to the Tribunal for the swift, helpful reply.)

I’m also going to contact Bailii, and see if they might host a copy as well.

GIA-85-2021.pdfDownload

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under access to information, Environmental Information Regulations, FOIA, Freedom of Information, Information Commissioner, Open Justice, Upper Tribunal

Tagged as , ,

August 31, 2024 · 7:41 am

JR judgment, and the lack of third party rights under FOIA

[reposted from LinkedIn]

The Freedom of Information Act 2000 (FOIA) confers rights on those requesting information, and obligations on public authorities (it also confers duties and powers on the Information Commissioner). What it does not do is confer any rights on someone whose information is held by a public authority and requested to be disclosed: if someone asks for that third party’s information and the public authority discloses, or is minded to disclose, the third party can do little or nothing to stop it.

That appears to be illustrated by a case in the High Court of Northern Ireland. I say “appears” because there doesn’t seem to be a judgment yet, and so I’ve had to piece together what seems to have been at issue.

FOIA requests were made by three unionist MPs to the Legal Services Agency (LSA) for funding for legal cases brought by victims’ campaigner Raymond McCord. It appears that the LSA proposed to disclose the information, and Mr McCord (because he has no rights as a third party under the FOIA regime itself) brought judicial review proceedings to prevent disclosure.

According to the media reports, those proceedings have failed, with the judge saying

There is a legitimate public interest in the openness and accountability of the LSA as a public authority responsible for the expenditure of substantial public funds…[Mr McCord’s] contention that he is a private individual sits uneasily with his own description as a ‘peace campaigner’ and his various interviews with the media, including when he challenged the public claims made by Mr Allister about the appropriateness of him being granted legal aid…Self-evidently, the applicant has injected himself into the public discourse on a number of high-profile cases which are of obvious and manifest interest to the public. This is particularly so in relation to Brexit litigation.

It also appears that at some stage the ICO was involved, and indicated its view that disclosure would “likely be unfair and unlawful”. I imagine that this was because Mr McCord made a data protection complaint. In any event, the ICO said that its view was not legally binding (an interesting side note: could the ICO have issued an enforcement notice under section 149 of the Data Protection Act 2018 to prevent a public authority releasing personal data under FOIA?)

This issue of “third party rights” (or lack thereof) under FOIA is a very interesting one. The section 45 Code recommends that public authorities consult with third parties where necessary, and have regard to their representations, but this still doesn’t confer a direct right.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Data Protection, FOIA, Freedom of Information, Information Commissioner, judgments, judicial review, personal data

Tagged as , ,

August 30, 2024 · 6:40 am

FOI performance data – and some suggestions

In the last couple of years the approach by the Information Commissioner’s Office (ICO) to Freedom of Information Act 2000 (FOIA) regulation and enforcement has greatly improved. Kudos to the Commissioner, John Edwards, Warren Seddon, Director of Freedom of Information and Transparency and all the other people who’ve contributed to the improvement.

But what the increased focus on public authorities’ performance is showing is how poor, in many cases, it is: in particular, many public authorities are failing – whether through lack of resource, or lack of concern (or a combination of both) – to comply with statutory and guideline timescales for compliance. It’s evident that more could (and should) be done.

Parts 8.5 and 8.6 of the 2018 Code of Practice, issued by the Cabinet Office under section 45 of FOIA, says that public authorities with over 100 Full Time Equivalent (FTE) employees should, as a matter of best practice, publish on a quarterly basis, details of their FOIA compliance. The information should include:

The number of requests received during the period;

The number of the received requests that have not yet been processed;

The number of the received requests that were processed in full (including numbers for those that were met within the statutory deadline, those where the deadline was extended and those where the processing took longer than the statutory deadline);

The number of requests where the information was granted in full;

The number of requests where the information was refused in full; The number of requests where the information was granted in part and refused in part;

The number of requests received that have been referred for internal review (this needs only reporting annually).

Such statistics were meant to extend to the wider the public sector the performance data reporting by central government.

However, six years on, in my experience and to my knowledge, very few public authorities who are meant to be doing this are in fact doing so – including, as far as I can ascertain, the ICO itself.

I have three suggestions.

  1. The ICO should start to compile and publish this information (if it doesn’t lead by example, it can hardly criticise other public authorities for failing to publish).
  2. The ICO should write an open letter to all public authorities with more than 100 FTE staff, asking them to write to the ICO advising whether they are complying with parts 8.5 and 8.6 of the Code, and if they are not, whether they are taking steps to. (I bear in mind that the ICO will not know which public authorities have not than 100 FTE staff, which is why it might need to be an open letter). In the event of future FOI complaints about performance, the ICO could then have regard to whether or not (or how) a public authority had responded to the open letter.
  3. If – as I suspect – there is, or comes to be, a widely held view that the requirements of parts 8.5 and 8.6 of the Code are too onerous for many public authorities, then consideration should be given by the Cabinet Office, in consultation with the ICO, to issuing a new/revised Code (section 45 empowers the Minister for the Cabinet office to issue, or revise, the Code “from time to time”).

It can be in no one’s interests – not public authorities’, not the ICO’s and not the public’s – to have a Code of recommended good practice which is simply ignored by many. If it’s ignored because its requirements, if followed would impose too great a burden, then get the thing changed. But – also – make sure that any revisions still address the need for better data on performance than currently exists.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

2 Comments

Filed under Cabinet Office, FOIA, Freedom of Information, Information Commissioner, section 45 code

Tagged as ,

August 30, 2024 · 3:48 am

Pseudonymous FOI requests are not valid requests

[reposted from LinkedIn]

For a request for information under the Freedom of Information Act 2000 to be a valid one it must, under section 8, be in writing, describe the information requested and state “the name of the applicant” and an address for correspondence.

Does the name have to be the person’s real name?

“Yes”, says Judge Griffin (uncontroversially) when striking out an appeal to the First Tier Tribunal.

In the case, a person purporting to be “Simon Shannon” had made a (purported) request for information to the Civil Aviation Authority, which was partly refused, on the basis that the specific information was not held. “Simon Shannon” then made a (purported) complaint to the Information Commissioner’s Office who issued a (purported) decision notice upholding the refusal.

“Simon Shannon” then brought a (purported) appeal before the Tribunal. In his application he listed his address as “The Houses of Parliament”. This led the ICO to ask the Tribunal to direct that “Simon Shannon” give his real address. This then led to “Simon Shannon” applying to have the purported appeal struck out and for permission to lodge a new appeal in the name of Thomas Deacon – his real name.

The problem with this was, the judge pointed out, that as s8 FOIA requires that a request state “the” name of the applicant, rather than “a” name, this means that a pseudonym will not suffice, and a request made in the name of a pseudonym, as had been the case with “Simon Shannon”, was not a valid request. And there is a reason this matters:

“When an applicant uses a pseudonym to make a request to a public authority
that authority is deprived of the opportunity to consider whether those parts
of the Act [such as when considering whether requests are vexatious, or whether aggregated costs of two or more requests exceed the appropriate limit] to which the applicant’s identity is relevant apply to the request.”

It followed that, as the request was not a valid request, the ICO “unknown to him, had no power to consider a complaint under section 50 of the Act, nor to issue a decision notice”. And it further followed that the Tribunal had no jurisdiction – it could not simply permit the appeal to be remade in the person’s real name, because there was no ICO decision capable of being appealed.

None of this is especially new to FOI practitioners and lawyers, but the judgment is a clear and helpful explainer of the issues.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under access to information, FOIA, Freedom of Information, Information Commissioner, Information Tribunal, pseudonym

Tagged as , ,

August 26, 2024 · 8:00 am

Closed justice and the EIR

[reposted from LinkedIn]

The Upper Tribunal is an appellate court: its judgments create precedent, under the doctrine of stare decisis. For that reason, one might think that all of its judgments would be published – particularly ones that are cited by a regulator in its guidance. But that’s not the case.

The Information Commissioner’s Office (ICO) refers to an Upper Tribunal judgment – Department for the Economy (Northern Ireland) v Information Commissioner and White (GIA/85/2021) – in its guidance on the Environmental Information Regulations, but the judgment has never been openly published online (it’s possible one of the various paid-for online legal libraries has it – I haven’t checked).

The lack of easy access to judgments and other court documents in general (not just those in the Upper Tribunal) is one that has understandably exercised people for a number of years. Things have got much better in recent years, and the work of BAILII (British and Irish Legal Information Institute) and of people like Lucy Reed KC, Judith Townend and Paul Magrath at The Transparency Project has been key in advancing this core constituent of the principle of open justice. But there are still huge amounts of case law which are not readily available to the public.

For this reason I was struck by the ICO’s response to an FOI request for a copy of the judgment that they rely on to justify their own approach to the law. They point out to the requester that the only copy of the judgment they hold is a signed one from the court, and that it was “not intended for publication or wider disclosure”. They refuse to disclose it in reliance on the absolute exemption at section 32 of the Freedom of Information Act 2000 (FOIA) for information created by a court. What they don’t consider is – despite there being an exemption engaged – whether to exercise their discretion not to rely on it. In the circumstances, this would seem an obvious thing to do.

In fact, as the judgment is about the Environmental Information Regulations 2004, and it is used by the ICO to support its guidance on those regulations, it seems clear that the ICO should have dealt with the request also under the regulations. As they do not have an equivalent exemption to section 32 of FOIA, I cannot see the grounds for non-disclosure.

Instead, they suggest the requester asks for a copy from the Tribunal directly. Much better, and public-spirited, I would have thought – if they felt they shouldn’t or couldn’t directly disclose – would have been for the ICO to seek the permission of the Tribunal to disclose (or even better, to nudge the Tribunal to get it uploaded at https://www.gov.uk/administrative-appeals-tribunal-decisions).

The upshot of all this is that – regardless of whether the original requester does so – I’m going to contact the Upper Tribunal to ask for a copy, and when I get it, I’ll upload it to my personal blog. But I’m not convinced that’s really how open justice should operate.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

2 Comments

Filed under access to information, Environmental Information Regulations, FOIA, Freedom of Information, Information Commissioner, Open Justice, Upper Tribunal

Tagged as , , ,

August 25, 2024 · 9:36 am

Countless erroneous FOI decision notices

[reposted from LinkedIn]

Under section 50 of the Freedom of Information Act 2000 (FOIA), the Information Commissioner must – subject to exceptions applying – serve a decision notice on a “public authority” when a requester applies for such a notice to be made. Public authorities are, in the main, listed in Schedule One to the Act (some are also designated by statutory instrument, or are public authorities by virtue of being owned by one or more other public authorities).

Under section 58 of FOIA, upon appeal to the Information Tribunal, the Tribunal must uphold the appeal, or substitute a replacement, if it considers that the decision notice is “not in accordance with the law”.

I’d like to ask this – if the decision notice gets the name of the public authority wrong, is it “not in accordance with the law”?

Because that is what appears to be the case with countless decision notices served on educational institutions.

Someone recently made an FOI request to ask why the Commissioner had changed his terminology, because some decision notices are addressed to, say, the “University of Exeter”, while others are addressed to the “Governing Body of the University of Exeter”. The answer given by the Information Commissioner’s Office is that was not a change of approach, but, rather, that the examples of the former were “due to an error”.

This in itself is pretty extraordinary, but it doesn’t look like it’s just a historic error which has now been corrected, because if one looks, for example, at the decision notices served this year on UCL, four have (presumably correctly) been served on the Council of the University of London, and three have (presumably incorrectly) been served on “University College London”. [UPDATE: Tony Mann, in the comments, draws my attention to what seems to be an error in the “correct” notices – the “Council of the University of London” is a different body to the “Council of University College London”.]

One has to ask two things: 1) are those three notices not in accordance with the law? 2) if the ICO knows that it is an error to serve a notice not using the correct terminology, why on earth is it still doing so?

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

6 Comments

Filed under Environmental Information Regulations, FOIA, Information Commissioner

Tagged as , ,