Tag Archives: FOI

August 25, 2024 · 9:36 am

Countless erroneous FOI decision notices

[reposted from LinkedIn]

Under section 50 of the Freedom of Information Act 2000 (FOIA), the Information Commissioner must – subject to exceptions applying – serve a decision notice on a “public authority” when a requester applies for such a notice to be made. Public authorities are, in the main, listed in Schedule One to the Act (some are also designated by statutory instrument, or are public authorities by virtue of being owned by one or more other public authorities).

Under section 58 of FOIA, upon appeal to the Information Tribunal, the Tribunal must uphold the appeal, or substitute a replacement, if it considers that the decision notice is “not in accordance with the law”.

I’d like to ask this – if the decision notice gets the name of the public authority wrong, is it “not in accordance with the law”?

Because that is what appears to be the case with countless decision notices served on educational institutions.

Someone recently made an FOI request to ask why the Commissioner had changed his terminology, because some decision notices are addressed to, say, the “University of Exeter”, while others are addressed to the “Governing Body of the University of Exeter”. The answer given by the Information Commissioner’s Office is that was not a change of approach, but, rather, that the examples of the former were “due to an error”.

This in itself is pretty extraordinary, but it doesn’t look like it’s just a historic error which has now been corrected, because if one looks, for example, at the decision notices served this year on UCL, four have (presumably correctly) been served on the Council of the University of London, and three have (presumably incorrectly) been served on “University College London”. [UPDATE: Tony Mann, in the comments, draws my attention to what seems to be an error in the “correct” notices – the “Council of the University of London” is a different body to the “Council of University College London”.]

One has to ask two things: 1) are those three notices not in accordance with the law? 2) if the ICO knows that it is an error to serve a notice not using the correct terminology, why on earth is it still doing so?

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

6 Comments

Filed under Environmental Information Regulations, FOIA, Information Commissioner

Tagged as , ,

August 25, 2024 · 8:47 am

Manifestly EIR

[reposted from LinkedIn]

I’m dumbfounded how a public authority, all of the staff at the Information Commissioner’s Office – including its litigation lawyers – and the three people hearing the appeal in the Information Tribunal, failed to identify that this request clearly should have been handled under the Environmental Information Regulations 2004 and not the Freedom of Information Act 2000 – it’s about land use, a boundary dispute and planning. The ICO decision notice even states that “it relates to the status of the Council’s land adjacent to the complainant’s property”.

It may be that, on analysis, the request – which was refused on the grounds that it was vexatious – a decision with which both the ICO and Tribunal agreed – would have been considered manifestly unreasonable under the EIR, but that is no excuse. The refusal was wrong as a matter of law, the ICO decision notice is wrong as a matter of law, and the Tribunal judgment is wrong as a matter of law.

I have raised this issue before of public authorities, ICO and the Tribunal failing to deal with requests under the correct regime. I’m now minded to raise the issue formally with, at least, the ICO.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under access to information, Environmental Information Regulations, FOIA, Information Commissioner, Information Tribunal

Tagged as , , ,

August 8, 2024 · 5:09 am

Blistering criticism for Home Office and ICO

[From a LinkedIn post]

A blistering judgment of the Information Tribunal upholding an FOI appeal by Bail for Immigration Detainees (BID) against the decision by the Information Commissioner’s Office (ICO) to uphold the Home Office’s refusal to disclose info about the process for deportation to Eritrea and Somalia (and by extension, the likelihood of deportees being either detained, or bailed, pending removal).

The request, about how many Emergency Travel Documents were requested, how many issued, how many people were then removed and how long this took, was refused by the HO on grounds that disclosure would be likely to harm international relations and would prejudice the operation of immigration controls.

The HO failed to reply to the ICO’s enquiries until served with a formal Information Notice. But the ICO then agreed that the exemptions were engaged.

The Tribunal did not agree.

The judgment notes the HO “made no effort to engage” with the appeals, and its evidence consisted of “thinly reasoned assertions, with no evidential support”, and

…we hope that the reasons were not meant to be comprehensive. It would betray a rather dim view by the Home Office of other countries’ governments to think that “many if not most” only care about money, and whether their citizens commit crimes or migrate unlawfully – as humans from all countries do.

To the extent the FOIA exemptions were engaged, the public interest test fell heavily in favour of disclosure. In the face of evidence from BID about levels of unlawful detention (in the form of the number of cases in which it had successfully appealed refusals of bail for detainees) the Tribunal observed that

For hundreds of years, the common law has demanded that administrative detention must be justified and be capable of proper challenge…The work done by BID, both on behalf of individuals and more broadly, supports that public interest. Disclosure…would help it to achieve those ends and avoid injustice.

There were minimal factors in favour of disclosure. In fact “it is difficult to conceive of a case concerning this exemption where the scales could be less weighted in favour of exemption”.

And, in closing, the Tribunal had a blast at the ICO, noting

our surprise that [he] thought it appropriate to accept the [HO’s] bare assertions, given the way in which it had responded to the previous requests described above and the compulsion required before it then properly engaged with these. In turn the…Decision Notices disclose no consideration of the various public interest factors carefully put forward by BID. A pattern of conduct has been established on the part of the [HO] that is within neither the spirit nor the letter of FOIA, and which can now be seen as having resulted in considerable delay together with expense of resources both on the part of the Tribunal and BID…We hope that future decisions will be reached after considerably more care and scrutiny.

Let’s see.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under access to information, FOIA, Freedom of Information, Home Office, Information Commissioner, Information Tribunal, LinkedIn Post

Tagged as , ,

July 18, 2024 · 4:21 am

FOIA appeals in the UT: when is there an “error of law”?

Here is a good and interesting judgment in the Upper Tribunal from Judge Citron, on a Freedom of Information Act 2000 (FOIA) case arising from defects in the 2019 “11+” exam run by The Buckinghamshire Grammar Schools (TBGS), with test materials designed and supplied by a third party – GL Assessment Limited. TBGS, as a limited company made up of a consortium of state schools, is a public authority under s6(1)(b) FOIA (by way of s6(2)(b)).

The FOI request was, in broad terms, for the analysis that had subsequently been conducted into the defects, and the statistical solution that had been adopted.

TBGS had refused the request on grounds including that disclosure of the requested information would be an actionable breach of confidence. The ICO upheld this, and, on appeal, the First-tier Tribunal agreed, although only by a majority decision (the dissent was on the part of the judge, and it’s worth reading his reasons, at 85-90 of the FTT judgment).

Possibly bolstered by the vehemence of that dissenting view of the FTT judge, the applicant appealed to the Upper Tribunal.

Judge Citron’s judgment is a measured one, addressing how an appellate court should approach an argument to the effect that there was an error of law at first instance, with a run-through, at 35, of the authorities (unfortunately, from that point, the paragraph numbering goes awry, because the judgment, at “67”, follows the numbering of the judgment it has just quoted).

Judge Citron twice notes that a different FTT might have approached the facts and the evidence in a different way, and weighted them differently, but

that is no indicator of the evaluative judgement reached being in error of law…The question is whether the evaluative judgement…was one no reasonable tribunal could have reached on the evidence before it; it whether some material factor was not taken into account. I am not persuaded.

Therefore, the FTT had made no material error in dismissing the appeal.

A final note. This was a judgment on the papers, but – remember – the Information Commissioner will always be a party to FOIA cases, because it is his decision that is at issue. In this instance, the Commissioner chose not to participate. Paragraph 32 records that he was “directed” to make a response to the appeal, but did not. If this correctly records a failure by the Commissioner to comply with a direction of the court, it is surprising there’s no note of disapproval from the judge.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under FOIA, Freedom of Information, Information Commissioner, Information Tribunal, Upper Tribunal

Tagged as , ,

July 12, 2024 · 7:05 am

Unreasonably accessible – ICO and misapplication of s21?

I’ll start with a simple proposition: if a dataset is made publicly available online by a public authority, but some information on it is withheld – by a deliberate decision – from publication, then the total dataset is not reasonably accessible to someone making an FOI request for information from it.

I doubt that any FOI practitioners or lawyers would disagree.

Well, sit back and let me tell you a story.

In November 2023 the Information Commissioner’s Office (ICO) refused to disclose information in response to a Freedom of Information request, on the grounds that the exemption at section 21 of the Freedom of Information Act 2000 (FOIA) applied: the information was “reasonably accessible to the applicant” without his needing to make a FOIA request.

The request was, in essence, for “a list…of the names of all the UK parish councils that have received 20 or more ICO Decision Notices (for FOIA cases only) since 1st January 2014”. The refusal by the ICO was on the basis that

the search function on the decision notice section of the ICO website returned 415 decision notices falling within the scope of the complainant’s request…[therefore] it is possible to place the names of the parish councils into an Excel sheet and then establish quickly how many decision notices relate to each individual parish council.

The ICO noted that, when it comes to the application of section 21

It is reasonable for a public authority to assume that information is reasonably accessible to the applicant as a member of the general public until it becomes aware of any particular circumstances or evidence to the contrary [emphasis added]

On appeal to the Information Tribunal, the ICO maintained reliance on the exemption, saying that all the applicant needed to do was to go to the ICO website and “look at each entry and count-up [sic] the numbers of [Decision Notices] against each parish council”. The Tribunal agreed: the ICO had provided the requester

with a link to the correct page of the ICO website, and instructing him how to use the search function. These instructions have enabled him to identify from the tens of thousands of published decision notices those 415-420 notices which have been issued to parish councils over the past decade or so

All straightforward, if one’s analysis is predicated on an assumption that the ICO’s public Decision Notice database is a complete record of all decision notices.

But it isn’t.

I made an FOI request of my own to the ICO; for how many Decision Notices do not appear on the database. And the answer is 45. A number of possible reasons are given (such as that sensitive information was involved, or that there was agreement by the parties not to publish). But the point is stark: the Decision Notice database is not a complete record of all Decision Notices issued. And I do not see how it is possible for the ICO to rely on section 21 FOIA in circumstances like those in this case. It is plainly the case that the ICO knew (or was likely reckless in not knowing) that there were “particular circumstances or evidence” which showed that the information could not have been reasonably accessible to the applicant.

Of course, it is quite likely (perhaps inevitable) that the 45 unpublished Decision Notices would make no difference at all to a calculation of how many UK parish councils have received 20 or more Decision Notices since 1st January 2014. But that really isn’t the point. The ICO could have come clean – could have done the search itself and added in the 45 unpublished notices. It knew they existed, but for some reason thought it didn’t matter.

The ICO is the regulator of FOIA, as well as being a public authority itself under FOIA. It has to get these things right. Otherwise, why should any other public authority feel the need to comply?

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

4 Comments

Filed under access to information, datasets, Freedom of Information, Information Commissioner, Information Tribunal, section 21

Tagged as , ,

July 6, 2024 · 10:45 am

FOI and government/ministerial WhatsApps

[reposted from LinkedIn]

An important Information Tribunal (T) judgment on a FOIA request, by Times journalist George Greenwood, to DHSC for gov-related correspondence between Matt Hancock (MH) and Gina Coladangelo (GC), grappling with issues regarding modern messaging methods in government and how they fit into the FOIA scheme.

Two requests were made. The first was for government-related correspondence between MH and GC using departmental email accounts, and any private email account MH had used for government business. The second was for all correspondence between them using other methods, such as WhatsApp.

Request 1

DHSC had found four emails and by the time of the hearing had disclosed them. It maintained that no further info was held.

However DHSC argued that emails sent by MH’s private secretaries and not by MH himself were out of scope. Not so, said the T: “even if a private office email account is operated by a private secretary…correspondence with a private office email account ought to be regarded as correspondence with the relevant minister”. Accordingly, they upheld that part of the appeal and ordered further searches.

Request 2

DHSC had initially said, and ICO had agreed(!), that government-related WhatsApp messages sent from MH’s personal device were not “held” for the purposes of FOIA because they were not held “as part of the official record”. By the time of the hearing, all of the parties were agreed that this was an error, and the T ruled that section 3(2)(b) FOIA applied, and that “WhatsApp messages from Mr Hancock’s personal device were held [by MH] on a computer system on [DHSC’s] behalf”.

DHSC then sought to argue that WhatsApp messages in a group were not “correspondence” between MH and GC, saying (in the T’s formulation of DHSC’s argument) “unless correspondence consists of one person corresponding directly with another, it is not ‘true’ correspondence”. The T was dismissive of this: “correspondence in the age of multiple methods of electronic communication can take different forms…the fact that simply because one or other of the relevant parties did not respond or may not have responded to a particular message does not mean that communications within a WhatsApp group cannot be considered to be correspondence”. The T also rejected the related submission that a person posting a message to a WhatsApp group is “broadcasting”, rather than “corresponding”

(I have to say that I think the T probably overstepped here. I would tend to think that whether information in a WhatsApp group is correspondence or not should be determined on the facts, and not as a matter of general principle.)

Finally, the T did not warm to the evidence from an otherwise unidentified “Mr Harris” for the DHSC, to the effect that the request was vexatious on grounds of the burden. They therefore held that it was not. (As the messages were subsequently disclosed into the public domain during the Covid inquiry, not much turns on this.)

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under access to information, Freedom of Information, Information Commissioner, Information Tribunal, journalism

Tagged as , ,

June 4, 2024 · 6:16 pm

How far can a legal fiction go?

When the Information Commissioner, as a public authority subject to the Freedom of Information Act 2000 (FOIA), is required to consider, as regulator, his own handling of a FOIA request, he enters into a legal fiction, whereby he separates himself into two, along these lines (taken from a decision notice):

This decision notice concerns a complaint made against the Information Commissioner (‘the Commissioner’). The Commissioner is both the regulator of FOIA and a public authority subject to FOIA. He’s therefore under a duty as regulator to make a formal determination of a complaint made against him as a public authority…In this notice the term ‘ICO’ is used to denote the ICO dealing with the request, and the term ‘Commissioner’ denotes the ICO dealing with the complaint.

It’s a legal fiction because the Information Commissioner is a corporation sole: every single function he has vests in him (and he has powers of delegation).

With this in mind, it is interesting to consider section 132(1) of the Data Protection Act 2018. This provides that

A person who is or has been the Commissioner, or a member of the Commissioner’s staff or an agent of the Commissioner, must not disclose information which— (a) has been obtained by, or provided to, the Commissioner in the course of, or for the purposes of, the discharging of the Commissioner’s functions, (b) relates to an identified or identifiable individual or business, and (c) is not available to the public from other sources at the time of the disclosure and has not previously been available to the public from other sources. (Unless the disclosure is made with lawful authority.)

When partaking in the legal fiction described above, can it be said that the Commissioner, or the Commissioner’s staff, have obtained, or been provided with, information, when the Commissioner is the person who holds the information? I think not. And if I’m right, that should mean that the Commissioner cannot rely on the exemption at section 44 of FOIA, on the grounds that there is a statutory bar on disclosure. But that’s what he does in response to this recent FOIA request. It will be interesting if the applicant asks for a decision notice.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Data Protection Act 2018, Freedom of Information, Information Commissioner, Uncategorized

Tagged as , ,

March 9, 2024 · 11:02 am

A sad procedural judgment

In 1973, Pat Campbell, a Catholic factory worker from Banbridge, Northern Ireland, was shot and killed in front of his wife and children, at their family home.

No one was ever convicted of Pat Campbell’s murder, but for many years it has been believed that the killer was senior Ulster Volunteer Force member Robin “The Jackal” Jackson. Jackson – suspected of being responsible for, but never convicted of, at least 50 killings during the Troubles – was also suspected of having links with British military intelligence agencies.

In 2022 Pat Campbell’s widow reached a settlement with the Police Service of Northern Ireland, or PSNI (successor to the Royal Ulster Constabulary, or RUC) of a civil claim for damages, in which she alleged negligence and misfeasance in public office. The BBC reported at the time that “a former RUC officer and two ex-military intelligence officers were set to give evidence about Jackson’s alleged role”.

In the same year as Pat Campbell was murdered, a British intelligence officer wrote a report which is understood to have proposed increasing the RUC’s special branch’s intelligence gathers capabilities.

In 2021 journalist Phil Miller took a case under the Freedom of Information Act 2000 (FOIA) to the Information Tribunal, seeking disclosure by the PSNI of the Morton Report. However, the Tribunal upheld the Information Commissioner’s decision that PSNI were entitled to withhold the report because of the FOIA absolute exemption in relation to information supplied to a public authority by the Security Service.

Mrs Campbell, herself, however, still sought to get hold of the Morton Report. I know this because of a sad procedural judgment from the Information Tribunal.

She is identified as the appellant in case EA/2023/0276, an appeal from ICO decision notice IC-173342-D4D8. But as the judgment explains, she has since died, and the Tribunal has accordingly struck out the proceedings, under rule 8(2) of the procedure Rules, for want of jurisdiction. This is because, although The Law Reform (Miscellaneous Provisions) Act 1934 permits a “cause of action” to proceed after a claimant has died, for the benefit of the deceased’s estate, the Tribunal held, applying the same approach the Upper Tribunal took in a previous case in relation to data protection rights, a FOIA appeal is not a “cause of action” (Letang v Cooper [1965] 1 QB 232 applied). Instead, “‘[the] procedure is no more than a statutory appeal route, a procedural mechanism, for challenging’, in this case, the issue of the decision notice by the Information Commissioner”.

It seems doubtful, in any case, that Mrs Campbell would have succeeded: the exemption at section 23 is effectively insuperable.

But, of course, the PSNI has discretion to disclose information. As the ICO’s decision notice notes, the PSNI previously decided to disclose a redacted version of the 1980 Walker Report on RUC Special Branch informant handling, after the Committee on Administration of Justice took another FOIA case to the Information Tribunal.

There is no reason to suggest the same would happen if another case involving a request for the Morton Report reached the Tribunal again, but someone might consider it worth trying.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under access to information, Freedom of Information, Information Commissioner, Information Tribunal, police

Tagged as , , ,

February 9, 2024 · 8:39 am

When is a breach of FOIA not a breach of FOIA?

I posted about this originally on LinkedIn, but I found it so nerdily interesting I wanted to preserve it better by putting it on this blog.

In 4 December 2023 the Information Commissioner’s Office (ICO) issued a decision notice under section 50 of the Freedom of Information Act 2000 (FOIA) finding that its own office did not deal with a FOIA request within the statutory time limit. Subsequently, however, as the ICO website has it, “Following a review of this case it has been noted that the Commissioner erred in citing a breach of section 17(1) of FOIA, having omitted to include the Scottish bank holiday of 7 August 2023 in his calculation of the 20 working day deadline. Therefore, the ICO did not breach section 17(1) of FOIA.”

However, merely staring on its website that “the ICO did not breach FOIA” is not sufficient. As a matter of law, the decision notice itself stands, unless it is substituted by another notice made by the Information Tribunal upon appeal. The ICO cannot withdraw/amend a decision notice, in the absence of an appeal (under the doctrine of “functus officio”, but see also IC v Bell [2014] UKUT 0106)).

So merely saying on its website “we didn’t breach the time limits” cannot cancel or overturn the decision notice.

In some analogous circumstances of “wrong” legal decisions by public authorities bound by functus officio, the authority will consent to judicial review proceedings quashing the decision. But here, the only person with any interest in quashing the decision is the ICO itself, and I don’t believe it could apply for judicial review of its own decision (although there have been cases, I believe, where local authorities have judicially reviewed decisions of their own planning committees).

What the ICO could have done though (and I give a nod to Ganesh Sittampalam here) is appeal the decision itself to the Tribunal. It would seem to be the case that the ICO, as the public authority on whom the decision notice was served, would have had a right of appeal to the Tribunal, even though it would be both the appellant and the respondent. This would, obviously, be rather an odd situation, but it’s one that the ICO already faces when it has to rule (as it did here) on its own compliance with the laws it regulates and enforces (for these purposes it effectively creates a fictional divide between “the ICO” and the “Commissioner” – see for example paragraph four in the decision notice linked above).

However, for whatever reason, the right of appeal was not exercised. But, given that that was the statutory route for challenge, why was the purported correction of the error instead subject to an internal, non-binding and unsatisfactory “review” within the ICO?

One wonders how this will be recorded within the ICO’s datasets: will the ICO accept the point that, as a matter of law, the decision is and remains that it breached the time limits? I doubt it.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

6 Comments

Filed under Freedom of Information, Information Commissioner, Information Tribunal

Tagged as ,

November 17, 2023 · 6:35 am

EIR you sure you got that right?

Someone said they’d read this post if I wrote it. That’s miles more encouragement than I normally need, so here goes.

The other day, Tim Turner’s FOIDaily account pointed out how, after twenty-odd years, some public authorities still fail to identify when a request for information should be dealt with under the Environmental Information Regulations 2004 (EIR), rather than the Freedom of Information Act 2000 (FOIA). An example was given of Information Commissioner’s Office (ICO) identifying where a public authority had got this wrong.

As any fule kno, the two laws operate in parallel to create a regime for access to information held by public authorities, and it’s Regime 101 for a public authority to be able to know, and identify, when each applies. But, in short, if requested information is on, for instance, “measures (including administrative measures), such as policies, legislation, plans, programmes, environmental agreements, and activities affecting or likely to affect…the state of the elements of the environment, such as air and atmosphere, water, soil, land, landscape…” then the EIR, and not FOIA, apply.

I pointed out in the comments to the FOIDaily post that I’d seen a case where everyone, from the requester, to the public authority, to the ICO, to the First-tier Tribunal, had failed to deal with a case under the correct scheme.

This was it.

The case was about a request to a district council for information about whether a councillor had (in a private capacity) been required to pay any money to the council in relation to a fly-tipping incident or incidents. The request itself even referred to the Environmental Protection Act 1990, which was a very big hint that environmental information might be at issue.

What appears to have happened is that everyone jumped to the issue of whether disclosure of the requested information would contravene the councillor’s data protection rights. As most similar discussions take place in relation to the provisions of section 40 FOIA, the public authority, the ICO and the Tribunal (and presumably even the requester) all appear to have gravitated towards FOIA, without asking the correct first question: what is the applicable law? The answer to which was, clearly, EIR.

Regulation 13 of the EIR deals with personal data, and is cast in very similar terms to section 40 FOIA. It is, then, strongly arguable that, given that similarity, both the ICO and the Tribunal would have arrived at the same decision whichever regime applied. But Parliament has chosen to have two separate laws, and this is because they have a different genesis (EIR emanate from EU law which in turn emanates from international treaty obligations). Additionally, where all things are otherwise equal, the EIR contain an express presumption in favour of disclosure (something that is not the case in relation to personal data under the FOIA regime – see Lord Hope’s opinion in Common Services Agency v Scottish Information Commissioner).

As Tim implies in his post, the EIR have always been seen as somehow inferior, or subservient, to FOIA. No doubt this is because they are in the form of secondary legislation, rather than statute. This is more an accident of history, rather than of constitutional significance, and is never going to be relevant in most practice. But if the ICO and the courts continue to miss their relevance, it shouldn’t be that surprising that some public authorities will also do so.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under access to information, Environmental Information Regulations, Freedom of Information, Information Commissioner, Information Tribunal

Tagged as , , ,