Tag Archives: FOI

FOI – there’s no (jurisdictional) limits

Practitioners tend to have a few mantras about the Freedom of Information Act 2000 (FOIA). Some of those mantras admit of exceptions (“it’s requester and motive blind” may, for instance, fall away where the wider context of the request needs to be considered in “vexatious” cases) but the mantra that “anyone, anywhere can make a request” had never been seriously challenged, until recently.

In conjoined cases, the First tier Tribunal – apparently, one understands, of its own volition – had raised an issue as to whether FOIA did indeed have extra-territorial application – contrary to the standard approach to statutory construction whereby UK legislation applies only to those who are citizens of the UK, or on its territory – such that requests could be made by anyone, anywhere in the world.

If the Tribunal had decided that the standard approach applied, and no extra-territorial effect was in place, there would have been a significant diminution of rights, and a consequent diminution in the accountability of public authorities. More practically, we would have no doubt seen, at least from some public authorities, identity verification measures being directed at requesters.

Thankfully, the Tribunal decided that there was extra-territorial effect, in a decision handed down orally on 27 January (with written reasons to follow).

There are posts about the case(s) on both Cornerstone Barristers’ and Doughty Street’s websites.

Leave a comment

Filed under Freedom of Information, Information Tribunal, transparency

Met – FOI requester’s focus on police misconduct was a “vexatiousness” factor

I regularly criticise the Information Commissioner’s Office on this blog. But credit where it’s due. They have upheld a complaint about the Met Police’s handling of a Freedom of Information Act 2000 (FOIA) request, in which the Met, remarkably, had argued that the request for information about police officers stopping people without cause and asking for their ID was vexatious (per section 14(1) of FOIA).

Clearly, there was some history to the request and the requester, and in line with authority, the Met were entitled to take this into account at arriving at their (now overturned) decision. But, as the decision notice points out, one of the factors which they said pointed towards vexatiousness was this:

Complainant’s focus upon police misconduct and/or related issues

I’ll say that again

Complainant’s focus upon police misconduct and/or related issues

Yes, the Met did indeed argue that a focus by a FOIA requester on police misconduct was a factor which led them to believe there was a pattern of behaviour which made this request (about stopping people without cause and asking for their ID) vexatious.

So well done ICO for dismissing that argument.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Freedom of Information, Information Commissioner, police

Upper Tribunal on enforcement of First-tier Tribunal FOIA decisions

What happens if a public authority does not comply with steps specified in a decision notice issued by the Information Commissioner under the Freedom of Information Act 2000 (FOIA)? Assuming that no appeal is brought by the authority, then section 54 of FOIA provides that, in such circumstances, the Commissioner may (not “must” – this is a power, not a duty) certify in writing to the High Court (or, in Scotland, the Court of Session) that the authority has failed to comply with that notice, and the court may (after inquiring into the matter) deal with the authority as if it had committed a contempt of court.

This much is, relatively, straightforward, but what happens if the Commissioner’s decision notice doesn’t specify steps the public authority should take – for instance (and most normally) where the Commissioner doesn’t uphold a complaint by the requester, and the latter appeals to the First-tier Tribunal (FTT), with the FTT subsequently upholding the appeal,  substituting its own decision for that of the Commissioner, and itself specifying steps to be taken by the public authority? In those circumstances, who is responsible for (or at least has the power of) enforcement of those steps? Is it the Commissioner, or the FTT itself?

This is not a hypothetical question – the FTT will frequently disagree with the Commissioner – sometimes, of course upholding an appeal by the public authority, but at other times upholding a requester’s appeal, and ordering the public authority to take steps which were not originally specified by the Commissioner. 

The answer, says the Upper Tribunal, in Information Commissioner v Moss and the Royal Borough of Kingston upon Thames [2020] UKUT 174 (AAC), is that it is for the FTT to enforce, on the (slightly circular sounding) grounds that it has the power to do so, and the Commissioner doesn’t.

The FTT’s power to enforce emanates from paragraph 61(4) of FOIA, which provides that where a person fails to do something, in relation to proceedings before the FTT on an appeal, and if those proceedings were (instead) proceedings before a court which had a power to commit for contempt, and the failure would constitute contempt (such as failing to comply with steps in a substituted decision) the FTT may certify the offence to the Upper Tribunal (in Moss, which related to matters before section 61 was amended by the Data Protection Act 2018, the power was to certify to the High Court, but nothing turns on this).

By contrast, for the Commissioner to control the enforcement of the FTT’s decision would be to offend the “fundamental constitutional principle” as enunciated by Lord Neuberger (in R (Evans) v Attorney General [2015] AC 1787 – also a FOIA case, of course) that “a decision of a court is binding as between the parties, and cannot be ignored or set aside by anyone” (including, one might add, by the Commissioner, upon exercise of her power (not, remember, her duty) to enforce her own decisions by certifying to the High Court).

In Moss Upper Tribunal Judge Jacobs did not have to decide who is responsible for enforcing a decision notice if the FTT dismisses an appeal against it (i.e. where the Commissioner’s original decision, and any specified and required steps are unchanged). He merely noted that “there is authority that, even if an appeal against a decision is dismissed, it thereafter derives its authority from the tribunal’s decision” (which to me, looks like strong obiter indication that he would have, if required to do so, found that the FTT, and not the Commissioner, would also have the enforcement power in those circumstances).

I can recall (purely anecdotally) occasions where successful appellants to the FTT have bemoaned subsequent failure by public authorities promptly to take the steps specified by the FTT in its decision. The position now seems clear – if those steps need enforcement to make them happen, it is to the FTT that the aggrieved requester should turn.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Freedom of Information, Information Commissioner, Information Tribunal, Upper Tribunal

Open by Design, Closed by Default?

The Information Commissioner’s Office (ICO) have published their new access to information strategy. Something strikes me about their “Goal #2”:

Goal #2: Providing excellent customer service to individuals making requests to us and lead by example in fulfilling our own statutory functions

The thing strikes me is that, bizarrely, they seem to have misunderstood the goal they’ve set themselves (I nearly referred to it as their “own goal”, which has a bit of a ring about it). They say

We have a varied range of individuals who request an independent review from us and a diverse range of public authorities within our jurisdiction from large central government departments to very small parish councils.

What they don’t say is “we are a public authority, subject to the Freedom of Information Act, and have to comply with its timescales, and promote observance of it by example”.

And, unfortunately, there is much evidence recently of a failure to do this.

The views in this post (and indeed all posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Freedom of Information, Information Commissioner, transparency

ICO still breaching law it’s meant to oversee

A month ago I pointed out some rather concerning  failings by the Information Commissioner’s Office (ICO) in its own compliance with Freedom of Information (FOI) law. At the time, the ICO press office told me

We acknowledge that we have fallen short of expectations in these instances but can confirm that the responses to both requests will be issued soon

It’s with some incredulity, therefore, that I see that one of the requests has still not been responded to, despite a further twenty working days having elapsed, and despite the (even greater) incredulity of the requester:

You have missed your own deadline, months after you should have answered this request. Your inability to answer a simple FOI promptly would be a disgrace if you were a local council. The fact that you are the FOI regulator makes your handling of my request a scandal.

I am utterly powerless here – I cannot complain to the regulator about your contempt for FOI because you are supposed to be the organisation I would complain to. Do you have no shame at all? No self respect?

What am I supposed to do now?

The other request I highlighted at the time has had a response, albeit one that was cursory, to say the best, and which is now the subject of a request for internal review.

My own request for the ICO’s compliance figures is now the subject of a formal complaint (with a request for a decision notice under section 50 of the FOI Act), although I am told that there will be, er, a delay in getting to it.

The views in this post (and indeed all posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Freedom of Information, Information Commissioner, transparency

ICO breaching the law it’s meant to oversee

This may be complete coincidence, but on the WhatDoTheyKnow website, there are two Freedom of Information (FOI) requests, on similar themes, which requesters have made to the Information Commissioner’s Office (ICO), to which – at the time of writing – the ICO appears simply to be failing to respond, way beyond the statutory timescale of 20 working days.

Both requests are about procurement of external consultants. In the first, the requester asked

Please disclose all current agreements for provision of legal services by outside bodies such as barristers chambers, law firms etc. This should include the rates of pay agreed.

The request was made on the 19th February and more than three months on, has simply had no response (other than an automated acknowledgment).

In the second the (different) requester asked

how many times the Information Commissioner’s Office has engaged consultants, companies or other specialists to deliver services to the ICO without putting the work out to tender or otherwise advertising the opportunity externally

That request was made on the 26th February and, barring some holding responses, which seem to have dried up, it has had no substantive response.

The failure to respond is concerning, and the failure to communicate inexplicable. One wonders where the reluctance comes from.

My own recent experience of making FOI requests to them indicates a less-than-ideal level of compliance with the laws the ICO is meant to regulate. However, when, some time ago, I asked the ICO for compliance figures, they refused to disclose them, saying they would be published soon. Yet approximately six months on they still haven’t done so (which is not in compliance with the best-practice requirements of the section 45 FOI Code of Practice).

I offered the ICO an invitation to comment on this blogpost, and in response a spokesperson said: “We aim to resolve 95% of information requests within the statutory deadline, unless we have sought an extension. We acknowledge that we have fallen short of expectations in these instances but can confirm that the responses to both requests will be issued soon.” No comment was made on the wider point about compliance, and publication of compliance statistics. (I would also make the observation that it’s rather surprising ICO only aims to respond to 95% of requests within the statutory deadline – surely they would (and should) aim to respond to 100% within the timeframe mandated by the law?)

I’ve previously expressed concern about the ICO’s unwillingness to take enforcement action against recalcitrant, if not contemptuous, public authorities for poor FOI compliance. Elizabeth Denham has recently (and unsuccessfully) called for an extension of FOI law, saying

Part of my job is to make sure that the legislation my office regulates fulfils its objectives and remains relevant. When it does not, I will speak out

Will she also speak out about the fact that her office is not itself complying with the legislation it regulates?

The views in this post (and indeed all posts on this blog, unless they indicate otherwise) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Freedom of Information, Information Commissioner, transparency

ICO – no GDPR fines in the immediate pipeline

FOI request reveals ICO has served no “notices of intent” to serve fines under GDPR. A new piece by me on the Mishcon de Reya website.

Leave a comment

Filed under Data Protection, Freedom of Information, GDPR, Information Commissioner, monetary penalty notice

There’s nothing like transparency…

…and this is nothing like transparency

Those of us with long memories will remember that, back in 2007, in those innocent days when no one quite knew what the Freedom of Information Act 2000 (FOIA) really meant, the Information Commissioner’s Office (ICO), disclosed some of its internal advice (“Lines to Take” or “LTTs”) to its own staff about how to respond to questions and enquiries from members of the public about FOIA. My memory (I hope others might confirm) is that ICO resisted this disclosure for some time. Now, the advice documents reside on the “FOIWiki” pages (where they need, in my opinion, a disclaimer to the effect that some of the them at least are old, and perhaps out-of-date).

Since 2007 a number of further FOIA requests have been made for more recent LTTs – for instance, in 2013, I made a request, and had disclosed to me, a number of LTTs on data protection matters.

It is, therefore, with some astonishment, that I note that a recent FOIA request to ICO for up-to-date LTTs – encompassing recent changes to data protection law – has been refused, on the basis that, apparently, disclosure would, or would be likely to, inhibit the free and frank exchange of views for the purposes of  deliberation, and would otherwise prejudice, or would be likely otherwise to prejudice, the effective conduct of public affairs. This is problematic, and concerning, for a number of reasons.

Firstly, the exemptions claimed, which are at section 36 of FOIA, are the statute’s howitzers – they get brought into play when all else fails, and have the effect of flattening everything around them. For this reason, the public authority invoking them must have the “reasonable opinion” of its “qualified person” that disclosure would, or would be likely to, cause the harm claimed. For the ICO, the “qualified person” is the Information Commissioner (Elizabeth Denham) herself. Yet there is no evidence that she has indeed provided this opinion. For that reason, the refusal notice falls – as a matter of law – at the first hurdle.

Secondly, even if Ms Denham had provided her reasonable opinion, the response fails to say why the exemptions are engaged – it merely asserts that they are, in breach of section 17(1)(c) of FOIA.

Thirdly, it posits frankly bizarre public interest points purportedly militating against disclosure, such as that the LTTs “exist as part of the process by which we create guidance, not as guidance by themselves”, and “that ICO  staff should have a safe space to provide colleagues with advice for them to respond to challenges posed to us in a changing data protection landscape”, and – most bizarre of all – “following a disclosure of  such notes in the past, attempts have been made to utilise similar documents to undermine our regulatory procedures” (heaven forfend someone might cite a regulator’s own documents to advance their case).

There has been such an enormous amount of nonsense spoken about the new data protection regime, and I have praised ICO for confronting some of the myths which have been propagated by the ignorant or the venal. There continues to be great uncertainty and ignorance, and disclosing these LTTs could go a long way towards combatting these. In ICO’s defence, it does identify this as a public interest factor militating in favour of disclosure:

disclosure may help improve knowledge regarding the EIR, FOIA or  the new data protection legislation on which the public desire information as evidenced by our increase in calls and enquiry handling

And as far as I’m concerned, that should be the end of the matter. Whether the requester (a certain “Alan Shearer”) chooses to challenge the refusal is another question.

The views in this post (and indeed all posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Data Protection, Freedom of Information, GDPR, Information Commissioner, transparency

FOIA’s not the only route

News emerges of a potential judicial review attempt to force disclosure of government Brexit papers not under FOI but under common law and human rights to information

More than three years ago the Supreme Court handed down judgment in a long-running piece of litigation under the Freedom of Information Act 2000 (FOIA). Journalist Dominic Kennedy had attempted to get disclosure from the Charity Commission of information relating to inquiries into George Galloway’s “Mariam Appeal”. The Commission said, in effect, that the absolute exemption to disclosure at section 32(2) of FOIA was the end of the story, while Kennedy argued that Article 10 of the European Convention on Human Rights imposed a positive obligation of disclosure on public authorities, particularly when the requester was a “public watchdog” like the press, and that s32(2) should be read down accordingly to require disclosure in the circumstances (I paraphrase). In his leading opinion Lord Mance gave this stirring introduction:

Information is the key to sound decision-making, to accountability and development; it underpins democracy and assists in combatting poverty, oppression, corruption, prejudice and inefficiency. Administrators, judges, arbitrators, and persons conducting inquiries and investigations depend upon it; likewise the press, NGOs and individuals concerned to report on issues of public interest. Unwillingness to disclose information may arise through habits of secrecy or reasons of self-protection. But information can be genuinely private, confidential or sensitive, and these interests merit respect in their own right and, in the case of those who depend on information to fulfil their functions, because this may not otherwise be forthcoming. These competing considerations, and the balance between them, lie behind the issues on this appeal.

What was most interesting about the judgment in Kennedy, and, again, I disrespectfully heavily paraphrase, was that the Supreme Court basically said (as it has been wont to do in recent years) – “why harp on about your rights at European law, don’t you realise that our dear old domestic friend the common law gives you similar rights?”

the route by which [Mr Kennedy] may, after an appropriate balancing exercise, be entitled to disclosure, is not under or by virtue of some process of remodelling of section 32, but is under the Charities Act construed in the light of common law principles and/or in the light of article 10 of the Human Rights Convention, if and so far as that article may be engaged

This greatly excited those in the information rights field at the time, but since then, there has been little of prominence to advance the proposition that FOIA rights are not the only route [Ed. there’s a great/awful pun in there somewhere] but it did get a positive airing in R (Privacy International) v HMRC [2014] EWHC 1475 (Admin) (on which see Panopticon post here).

Yesterday (12 October) barrister Jolyon Maugham announced that his Good Law Project was seeking donors towards a judicial review application if the government refused to publish information and reports comparing the predicted economic harm of Brexit with the predicted economic benefits of alternative free trade agreements. Keen followers of information rights litigation will note that Tim Pitt-Payne  and Robin Hopkins are instructed: the potential respondents should quake in their boots.

Well worth watching this, and well worth – in my opinion – donating towards the cause.

The views in this post (and indeed all posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Brexit, Freedom of Information, human rights, Open Justice

FOI enforcement – if not now, when?

Recent ICO decision notices show the Home Office and MoJ repeatedly simply failing to respond to FOI requests. Surely the time has come for ICO action?

The Information Commissioner’s Office (ICO) recently stated to me that they were not monitoring the Home Office’s and Ministry of Justice’s (MoJ) compliance with the statutory timescales required by section 10 of the Freedom of Information Act 2000 (FOIA)

This was despite the fact that they’d published decision notices about delays by those two government bodies which reported that “The delay in responding to this request will be logged as part of ongoing monitoring of the MoJ’s compliance with the FOIA”. This was not formal monitoring, I was told; rather, it was informal monitoring. Ah. Gotcha.

So what does trigger formal monitoring? Interestingly, the ICO’s own position on this has recently changed, and got a bit stricter. It’s generally meant to be initiated in the following circumstances:

our analysis of complaints received by the ICO suggests that we have received in the region of 4 to 8 or more complaints citing delays within a specific authority within a six month period

(for those authorities which publish data on timeliness) – it appears that less than 90% of requests are receiving a response within the appropriate timescales. [this used to be 85%]

Evidence of a possible problem in the media, other external sources or internal business intelligence.

Despite the apparent increase in robustness of approach, the ICO do not appear to be monitoring any public authorities at the moment. The last monitoring took place between May and July 2016 when Trafford Council were in their sights. Although they are not mentioned in the relevant report, an ICO news item from July last year says that the Metropolitan Police, who have been monitored off and on for a period of years without any real outward signs of improvement, were also still being monitored.

But if they aren’t monitoring the compliance of any authorities at the moment, but particularly the Home Office and the MoJ, one is led to wonder why, when one notes the pattern in recent ICO decision notices involving those two authorities. Because, in 16 out of the last 25 decision notices involving the Home Office, and 6 out of the last 25 involving the MoJ, the ICO has formally issued decision notices finding that the authorities had failed to comply with the FOI request in question, by the time the decision notice was issued.

At this point, it might be helpful to explain the kind of chronology and process that would lead up to the issuing of such decision notices. First, a request must be made, and there will have been a failure by the authority to reply within twenty working days. Then, the requester will normally (before the ICO will consider the case) have had to ask for an internal review by the authority of its handling of the request. Then, the requester will have complained to the ICO. Then, the ICO will have normally made informal enquiries of the authority, effectively “geeing” them up to provide a response. Then, as still no response will have been sent, the ICO will have moved to issuing a formal decision notice. At any point in this process the authority could (and should) still respond to the original request, but no – in all of these cases (again – 16 of the last 25 Home Office decisions, 6 of the last 25 MoJ ones) the authorities have still not responded many months after the original request. Not only does this show apparent contempt for the law, but also for the regulator.

So why does the ICO not do more? I know many FOI officers (and their public authority employers) who work their socks off to make sure they respond to requests in a timely manner. In the absence of formal monitoring of (let alone enforcement action against) those authorities who seem to ignore their legal duties much of the time, those FOI officers would be forgiven for asking why they bother: it is to their credit that bother they still do.

Elizabeth Denham became Information Commissioner in July last year, bringing with her an impressive track record and making strong statements about enforcing better FOI compliance. Her first few months, with GDPR and Brexit to deal with, will not have been easy, and she could be forgiven for not having had the time to focus on FOI, but the pressing question now surely is “if not now, when?”

The views in this post (and indeed all posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

2 Comments

Filed under Freedom of Information, Home Office, Information Commissioner