BCS you’re worth it… (sorry)

FOIMan reflects on going from student to master in a very short period.

As regular readers will know, this year has seen a big change in my career. Up until last Christmas I was an FOI Officer who did the odd bit of training in his spare time. In January I left that all behind to become a full-time freelance trainer and consultant.

One of the things that I was most nervous of as I looked down my list of bookings from Act Now Training at the start of the year (who still provide me with the vast majority of my work, and are a pleasure to work with) was delivering Act Now’s course for the British Computing Society’s formal qualification in Data Protection earlier in the summer. It was only a couple of years ago that I undertook the course as a student and it was a challenge then. I’ve written a piece for Act Now Training’s blog on making the transition from student to tutor.

As it happened I ended up delivering both the Data Protection and Freedom of Information courses, and in the end I thoroughly enjoyed tutoring it. I’m still learning – about training, as well as about my supposed areas of expertise – but that’s part of the fun, and working with students to get to grips with some of the more complicated and controversial aspects of information rights has certainly helped me. I’ll find out if it helped them when the exam results come out next month! But the feedback at the end of each course was thankfully really positive and most people seemed to enjoy it, even if they were nervous about the exam.

Next month I get back from my holidays, stepping out of the resort swimming pool and plunging straight back into a new set of BCS courses – this time in Belfast. So Northern Ireland readers contemplating a qualification in FOI or DP, please do consider joining me! If you’re not in Northern Ireland or can’t afford it this time, do take a look at Act Now Training’s course schedule and it would be great to see you on a future course. I’m also running a BCS course in-house for one of their clients, so if there are enough of you interested in your organisation, you may want to explore that.

I hope you’ll excuse the odd post like this one updating you on progress with my new business and – of course – plugging some of my courses. After all, they help keep me fed and watered so that I can provide other useful stuff here on the blog. And if you know anyone who is looking for training or help with data protection, freedom of information or records management, please do point them in my direction!

The Exemption Index: Section 42 – the exemption for legal professional privilege

Exemption Index logoFOIMan examines the exemption protecting legal advice.

Summary

If you’re being sued, you will no doubt want to seek legal advice. Even if you’re not, but you want to make sure your activities are compliant with legal requirements, you would want to seek such advice.

There is an established convention that such advice is confidential, with good reason. If you ask for advice, and the advice comes back saying that your case is weak, you don’t want those who might litigate against you to get access to it. It’s up to their lawyers to make the case against you. If you thought that adverse advice might be disclosed, you probably wouldn’t ask for it in the first place, as it could leave you in a weaker position.

That’s why there is an exemption to cover this. But perhaps surprisingly, it is subject to a public interest test. So in some cases, it might be disclosed.

Information affected

Advice (and requests for advice) from solicitors, barristers or legal executives.

Things that FOI Officers need to know

  • there are 2 types of information covered by legal professional privilege – litigation advice and legal advice
  • be clear who the client is, and who is giving the legal advice
  • keep it to yourselves – if the advice is shared beyond those it is given to, there is a risk that it could be said that the advice is no longer confidential (and therefore no longer protected by privilege)
  • information that already existed before the advice was sought (to give an FOI-world example – a document that has been requested under FOI that you have sent to an in-house lawyer for their opinion on whether an exemption might apply) will not be protected by legal professional privilege, but if the information (perhaps in the form of an attachment or enclosure) has been prepared specifically to support the legal advice then it would attract protection.
  • if it is legal advice that has been kept confidential there is a very good chance that it will be exempt – whilst there is a public interest test, both the Commissioner and Tribunals agree that there is a substantial public interest in maintaining legal professional privilege
  • That said – there are factors that might weigh in favour of disclosure – see below.

Things that requesters need to know

  • whilst it is recognised that there is a substantial public interest in maintaining privilege, the very fact that s42 is qualified means that in some circumstances legal advice will be disclosed
  • as always, timing is a factor – if the risk of litigation has lessened, then there will be less of a public interest in maintaining the exemption
  • if the advice is not on an issue affecting individuals, it has been argued that the public interest in withholding it will be lessened
  • if the substance of the advice has previously been disclosed in an unrestricted manner, it may be that firstly legal professional privilege may not apply; but that even if it did, the public interest in withholding it is reduced.

Essential case law

Recommended reading

FOIMan News to 11 August 2014

NEWS1FOIMan highlights the latest news stories around freedom of information and information rights.

Requesters can specify file format says Court of Appeal

Section 11 of FOI requires public authorities to make information available in a form specified by the requester if “reasonably practicable”. Up to now, the accepted view of the Information Commissioner and public authorities has been that this merely allows a requester to specify whether the information should be supplied in paper or electronic form. This latest decision – which sets a precedent that the Commissioner and future Tribunal hearings will have to follow – rejects this. Lord Justice Underhill took the view that format is “an aspect of the “form” of the information.” So in future public authorities will need very good reasons not to provide information in a particular format (e.g. Microsoft Excel) if it is requested in that format. A more detailed analysis is provided by Christopher Knight on the Panopticon Blog.

Social media publication does not automatically trump data protection

In a controversial decision in 2012, the First-Tier Tribunal ruled that the names of members of a “Youth Council” set up by Surrey Heath Borough Council should be disclosed if their names appeared on a Facebook page that had been set up for the Youth Council. The view was that because the names had been made public, this meant that the council members had no right to protection of their identity. The Upper Tribunal’s decision in Surrey Heath Borough Council v IC & Morley (this copy of the judgment is available via the Panopticon Blog) overturned this view. Judge Jacobs argued that the FTT had been too simplistic. For example, he pointed out that there was no evidence that the individuals had agreed to their names being published on Facebook. In most circumstances where public authorities are considering the disclosure of personal data, they have to assess whether there is a legitimate interest in making it available and whether disclosure would cause the individuals concerned unwarranted prejudice. Judge Jacobs concluded that there was no legitimate interest in the publication of the names. Although he ruled that the information should be withheld in this case, he did make clear that this was based on the facts in this particular case; he also set out a useful test for future decisions involving the personal data of young people.

New regulations attempt to enhance local authority openness

The Openness of Local Government Bodies Regulations 2014 are the latest attempt by Eric Pickles, Communities Secretary, to further open up local government. Councils have to allow filming of council meetings and “reporting and providing commentary on proceedings at a meeting, orally or in writing, so that the report or commentary is available as the meeting takes place or later to persons not present” (or more succinctly, they have to allow people to live-Tweet from meetings). In addition, local authorities have to record certain decisions and make them available. The regulations make it a criminal offence to obstruct or refuse a request for such a record of a decision.

Blogpost of the Week

Giles Peaker writes on the Nearly Legal housing law blog about the possible implications of the Openness of Local Government Bodies Regulations 2014.

 

FOIMan can deliver training in Freedom of Information, Data Protection and other information rights issues in your own premises. Get in touch for further details.

Upcoming event

FOIMan to chair FOI and information rights event for Understanding Modern Government.

UMG bannerIn September I will be chairing a one-day event for Understanding Modern Government. Speaking at Understanding Freedom of Information Requests and Rights will be: Lynn Wyeth (@lynnfoi) of Leicester City Council; Dr Ben Worthy, Birkbeck College academic and expert on FOI and open data; Lisa Adshead from the Information Commissioner’s Office; and Heather Savory, Chair of the Open Data User Group. I’ll finish the day with a workshop looking at how to deal with some of the trickier aspects of request handling.

This event proved popular when it was run in February, so don’t miss out.

How do we stop Home Office files from going missing?

FOIMan considers what can be done to improve records management in government (and beyond).

recordsThe Home Office lost 114 files (well, actually 30,000, but let’s not go there). A couple of weeks ago I wrote about this in the context of a Home Affairs Select Committee hearing on this. This morning the Public Administration Select Committee heard from National Archives and Parliamentary Archives officials about records management and disposal across government.

As always, the hearing was somewhat dispiriting, with MPs veering wildly from giddy excitement at the thought that an archive holds 500 years of records (and perhaps moreso at the thought that they too will one day have their words of wisdom captured there) to being unreasonably rude to people trying their best to answer their badly construed questions. One day I’ll stop being surprised by their antics.

It led me to consider once again though – what is the answer?

Well, I can’t claim to be able to resolve all the problems of record keeping with one blog post, but here are some suggestions that would help prevent problems in the future. I do think fundamental change is necessary.

Senior management support. PASC was told that senior management support was crucial for improved records management – but most chief executives and other senior officers want little to do with records management – it is a menial task in their view. I was often told at the start of my career that good records management should be invisible. I always thought that was nonsense and I still do. Good records management requires active attention from everyone, and especially those at the top.

Records management must be properly resourced. As a records manager I was constantly told that we didn’t need “Rolls Royce (or gold-plated) records management” – in other words, the organisation concerned wanted “quick and dirty”. Think about the fact that most IT departments have significant budgets and staffing, can purchase solutions costing thousands on a whim (it often seems), and often their head is a senior director. All those systems will be used to create records, yet if there even is a records manager, they will be fairly junior, and probably alone, and in my experience will have no budget (the only budget I ever had was £2000 to buy boxes). How on earth do they change the culture of their organisation from that position? They don’t is the answer.

Records management needs to be built in. IT companies provide lots of solutions to public bodies and companies, but rarely do those solutions help organisations to retain the records they need and comply with organisational policies. Your organisation probably has a retention schedule specifying how long records should be kept for. But I bet if you asked your HR department whether their IT system deleted records in line with that schedule, they would look sheepish. They’re routinely breaching the Data Protection Act because IT companies don’t provide functionality that everyone needs if they’re going to comply. Similarly, we routinely use email to discuss our work, and important decisions are taken via that medium. Yet any attempt to select and preserve email remains cumbersome and a barrier to compliance with corporate policies. Why? Because of the way that the email system is built.

Improving the quality of staff leading on records management. (Sorry fellow records managers). I’m not convinced that records managers – even those who have actually completed a qualification – are suitably prepared for the realities of the workplace. Certainly I wasn’t. Perhaps it is less important for someone to be a professional records manager (whatever that means now) than to be someone who can get things done, to be a leader. And for that person to have sufficient support and credibility within the organisation.

A statutory basis for records management. Bernard Jenkin asked if destroying records inappropriately was an offence. It isn’t (unless someone has asked for it under FOI, but nobody has ever been prosecuted under that provision). I’m not sure a change in the law in that way would have the effect he hopes for, but certainly if we want records management to improve, the law needs to change. This has happened in Scotland, and whilst I don’t think it is a panacea, I do think it could help. And, as was also highlighted in the PASC hearing, it would be helpful to have record-keeping laws that extend beyond central government. At the moment, the Public Records Act, passed in 1958, only covers Whitehall and Quangos. Records management needs teeth if it is to be effective.

Realistic expectations. Information is being created constantly. It is impossible to keep on top of all of it. Organisations need to identify what is important and focus their attention on those areas. Good – no excellent – records management is possible but only if resources are sufficient and are focussed on key processes. Too many records management professionals consider themselves failures because their organisation doesn’t look like the picture painted in the international standard on records management (ISO15489 – the value of which I am personally sceptical of).

Society’s attitudes need to change. No, really. “Records management is everyone’s job” is a mantra of records managers the world over, but it really is – and not just at work. It’s not just there that we’re being bombarded with information, we get it at home too. It’s time that records management professionals stopped talking amongst themselves about the challenges and started talking to everyone else. The problems we’ve got in the Home Office and in our workplaces start at home. My tongue isn’t entirely in my cheek when I say that we need something akin to Who do you think you are? for records management. How full is your dresser drawer? perhaps.

What do you think?