The Exemption Index: Section 42 – the exemption for legal professional privilege

Exemption Index logoFOIMan examines the exemption protecting legal advice.


If you’re being sued, you will no doubt want to seek legal advice. Even if you’re not, but you want to make sure your activities are compliant with legal requirements, you would want to seek such advice.

There is an established convention that such advice is confidential, with good reason. If you ask for advice, and the advice comes back saying that your case is weak, you don’t want those who might litigate against you to get access to it. It’s up to their lawyers to make the case against you. If you thought that adverse advice might be disclosed, you probably wouldn’t ask for it in the first place, as it could leave you in a weaker position.

That’s why there is an exemption to cover this. But perhaps surprisingly, it is subject to a public interest test. So in some cases, it might be disclosed.

Information affected

Advice (and requests for advice) from solicitors, barristers or legal executives.

Things that FOI Officers need to know

  • there are 2 types of information covered by legal professional privilege – litigation advice and legal advice
  • be clear who the client is, and who is giving the legal advice
  • keep it to yourselves – if the advice is shared beyond those it is given to, there is a risk that it could be said that the advice is no longer confidential (and therefore no longer protected by privilege)
  • information that already existed before the advice was sought (to give an FOI-world example – a document that has been requested under FOI that you have sent to an in-house lawyer for their opinion on whether an exemption might apply) will not be protected by legal professional privilege, but if the information (perhaps in the form of an attachment or enclosure) has been prepared specifically to support the legal advice then it would attract protection.
  • if it is legal advice that has been kept confidential there is a very good chance that it will be exempt – whilst there is a public interest test, both the Commissioner and Tribunals agree that there is a substantial public interest in maintaining legal professional privilege
  • That said – there are factors that might weigh in favour of disclosure – see below.

Things that requesters need to know

  • whilst it is recognised that there is a substantial public interest in maintaining privilege, the very fact that s42 is qualified means that in some circumstances legal advice will be disclosed
  • as always, timing is a factor – if the risk of litigation has lessened, then there will be less of a public interest in maintaining the exemption
  • if the advice is not on an issue affecting individuals, it has been argued that the public interest in withholding it will be lessened
  • if the substance of the advice has previously been disclosed in an unrestricted manner, it may be that firstly legal professional privilege may not apply; but that even if it did, the public interest in withholding it is reduced.

Essential case law

Recommended reading

FOIMan News to 11 August 2014

NEWS1FOIMan highlights the latest news stories around freedom of information and information rights.

Requesters can specify file format says Court of Appeal

Section 11 of FOI requires public authorities to make information available in a form specified by the requester if “reasonably practicable”. Up to now, the accepted view of the Information Commissioner and public authorities has been that this merely allows a requester to specify whether the information should be supplied in paper or electronic form. This latest decision – which sets a precedent that the Commissioner and future Tribunal hearings will have to follow – rejects this. Lord Justice Underhill took the view that format is “an aspect of the “form” of the information.” So in future public authorities will need very good reasons not to provide information in a particular format (e.g. Microsoft Excel) if it is requested in that format. A more detailed analysis is provided by Christopher Knight on the Panopticon Blog.

Social media publication does not automatically trump data protection

In a controversial decision in 2012, the First-Tier Tribunal ruled that the names of members of a “Youth Council” set up by Surrey Heath Borough Council should be disclosed if their names appeared on a Facebook page that had been set up for the Youth Council. The view was that because the names had been made public, this meant that the council members had no right to protection of their identity. The Upper Tribunal’s decision in Surrey Heath Borough Council v IC & Morley (this copy of the judgment is available via the Panopticon Blog) overturned this view. Judge Jacobs argued that the FTT had been too simplistic. For example, he pointed out that there was no evidence that the individuals had agreed to their names being published on Facebook. In most circumstances where public authorities are considering the disclosure of personal data, they have to assess whether there is a legitimate interest in making it available and whether disclosure would cause the individuals concerned unwarranted prejudice. Judge Jacobs concluded that there was no legitimate interest in the publication of the names. Although he ruled that the information should be withheld in this case, he did make clear that this was based on the facts in this particular case; he also set out a useful test for future decisions involving the personal data of young people.

New regulations attempt to enhance local authority openness

The Openness of Local Government Bodies Regulations 2014 are the latest attempt by Eric Pickles, Communities Secretary, to further open up local government. Councils have to allow filming of council meetings and “reporting and providing commentary on proceedings at a meeting, orally or in writing, so that the report or commentary is available as the meeting takes place or later to persons not present” (or more succinctly, they have to allow people to live-Tweet from meetings). In addition, local authorities have to record certain decisions and make them available. The regulations make it a criminal offence to obstruct or refuse a request for such a record of a decision.

Blogpost of the Week

Giles Peaker writes on the Nearly Legal housing law blog about the possible implications of the Openness of Local Government Bodies Regulations 2014.


FOIMan can deliver training in Freedom of Information, Data Protection and other information rights issues in your own premises. Get in touch for further details.

Upcoming event

FOIMan to chair FOI and information rights event for Understanding Modern Government.

UMG bannerIn September I will be chairing a one-day event for Understanding Modern Government. Speaking at Understanding Freedom of Information Requests and Rights will be: Lynn Wyeth (@lynnfoi) of Leicester City Council; Dr Ben Worthy, Birkbeck College academic and expert on FOI and open data; Lisa Adshead from the Information Commissioner’s Office; and Heather Savory, Chair of the Open Data User Group. I’ll finish the day with a workshop looking at how to deal with some of the trickier aspects of request handling.

This event proved popular when it was run in February, so don’t miss out.

How do we stop Home Office files from going missing?

FOIMan considers what can be done to improve records management in government (and beyond).

recordsThe Home Office lost 114 files (well, actually 30,000, but let’s not go there). A couple of weeks ago I wrote about this in the context of a Home Affairs Select Committee hearing on this. This morning the Public Administration Select Committee heard from National Archives and Parliamentary Archives officials about records management and disposal across government.

As always, the hearing was somewhat dispiriting, with MPs veering wildly from giddy excitement at the thought that an archive holds 500 years of records (and perhaps moreso at the thought that they too will one day have their words of wisdom captured there) to being unreasonably rude to people trying their best to answer their badly construed questions. One day I’ll stop being surprised by their antics.

It led me to consider once again though – what is the answer?

Well, I can’t claim to be able to resolve all the problems of record keeping with one blog post, but here are some suggestions that would help prevent problems in the future. I do think fundamental change is necessary.

Senior management support. PASC was told that senior management support was crucial for improved records management – but most chief executives and other senior officers want little to do with records management – it is a menial task in their view. I was often told at the start of my career that good records management should be invisible. I always thought that was nonsense and I still do. Good records management requires active attention from everyone, and especially those at the top.

Records management must be properly resourced. As a records manager I was constantly told that we didn’t need “Rolls Royce (or gold-plated) records management” – in other words, the organisation concerned wanted “quick and dirty”. Think about the fact that most IT departments have significant budgets and staffing, can purchase solutions costing thousands on a whim (it often seems), and often their head is a senior director. All those systems will be used to create records, yet if there even is a records manager, they will be fairly junior, and probably alone, and in my experience will have no budget (the only budget I ever had was £2000 to buy boxes). How on earth do they change the culture of their organisation from that position? They don’t is the answer.

Records management needs to be built in. IT companies provide lots of solutions to public bodies and companies, but rarely do those solutions help organisations to retain the records they need and comply with organisational policies. Your organisation probably has a retention schedule specifying how long records should be kept for. But I bet if you asked your HR department whether their IT system deleted records in line with that schedule, they would look sheepish. They’re routinely breaching the Data Protection Act because IT companies don’t provide functionality that everyone needs if they’re going to comply. Similarly, we routinely use email to discuss our work, and important decisions are taken via that medium. Yet any attempt to select and preserve email remains cumbersome and a barrier to compliance with corporate policies. Why? Because of the way that the email system is built.

Improving the quality of staff leading on records management. (Sorry fellow records managers). I’m not convinced that records managers – even those who have actually completed a qualification – are suitably prepared for the realities of the workplace. Certainly I wasn’t. Perhaps it is less important for someone to be a professional records manager (whatever that means now) than to be someone who can get things done, to be a leader. And for that person to have sufficient support and credibility within the organisation.

A statutory basis for records management. Bernard Jenkin asked if destroying records inappropriately was an offence. It isn’t (unless someone has asked for it under FOI, but nobody has ever been prosecuted under that provision). I’m not sure a change in the law in that way would have the effect he hopes for, but certainly if we want records management to improve, the law needs to change. This has happened in Scotland, and whilst I don’t think it is a panacea, I do think it could help. And, as was also highlighted in the PASC hearing, it would be helpful to have record-keeping laws that extend beyond central government. At the moment, the Public Records Act, passed in 1958, only covers Whitehall and Quangos. Records management needs teeth if it is to be effective.

Realistic expectations. Information is being created constantly. It is impossible to keep on top of all of it. Organisations need to identify what is important and focus their attention on those areas. Good – no excellent – records management is possible but only if resources are sufficient and are focussed on key processes. Too many records management professionals consider themselves failures because their organisation doesn’t look like the picture painted in the international standard on records management (ISO15489 – the value of which I am personally sceptical of).

Society’s attitudes need to change. No, really. “Records management is everyone’s job” is a mantra of records managers the world over, but it really is – and not just at work. It’s not just there that we’re being bombarded with information, we get it at home too. It’s time that records management professionals stopped talking amongst themselves about the challenges and started talking to everyone else. The problems we’ve got in the Home Office and in our workplaces start at home. My tongue isn’t entirely in my cheek when I say that we need something akin to Who do you think you are? for records management. How full is your dresser drawer? perhaps.

What do you think?

FOIMan News to 18 July 2014

FOIMan reports on the latest FOI and information rights news stories.

The Information Commissioner's Annual Report was published this week.

The Information Commissioner’s Annual Report was published this week.

Information Commissioner uses launch of Annual Report to call for more resources and powers


The Information Commissioner, Christopher Graham, launched his office’s Annual Report for 2013/14 on Tuesday 15 July. Following on from his reported comments at an internal meeting earlier this year, Mr Graham highlighted the state of funding of his office, saying:

…to do our job properly, to represent people properly, we need stronger powers, more sustainable funding and a clearer guarantee of independence.

Law Commission advises Government to set up a comprehensive review of data sharing law

Last year the Law Commission opened a consultation on data sharing with a view to identifying perceived hurdles to data sharing in the UK. Last week (11 July) the Commission published its report on the consultation. It recommends a “full law reform project”:

…to create a principled and clear legal structure for data sharing, which will meet the needs of society.

It suggests that the project should map, clarify and modernise statutory provisions around data sharing, as well as looking at “soft law” such as guidance, Codes of Practice and sharing of best practice. The report was made to the Secretary of State for Justice, Chris Grayling.

Schools Trust holds information says Tribunal – eventually

In a week when the Education Secretary was removed from office, scrutiny fell on the complicated arrangements behind many academies, and the implications for FOI. Geraldine Hackett, a journalist, wanted to see the employment arrangements of the Chief Executive of the United Learning Trust, a Trust behind a number of academy schools. The Trust argued that they did not hold the information as the Chief Executive was employed by the Trust’s parent body, the United Church Schools Foundation Ltd. This argument had been upheld by the Information Commissioner and the First-Tier Information Tribunal. The Upper Tribunal overturned the FTT decision on a technicality and asked for a new First-Tier Tribunal to reconsider the case.

This time, the FTT found that because the information was held in filing cabinets that the Trust’s staff had access to, the information was held. The decision is in line with the important University of Newcastle Upper Tribunal decision which stated that “[h]old…is an ordinary English word and is not used in some technical sense…”. It also confirms the overall trend of decisions around the definition of “held” since then which suggests that if there is any doubt, the public authority probably holds the information in question. Robin Hopkins has analysed the case in more depth on 11KBW’s Panopticon Blog.

Data retention emergency legislation DRIPs through Parliament

The controversial emergency Bill requiring communications providers to retain data on telephone and internet use received Royal Assent in the same week that it was introduced to Parliament. It followed the European Court of Justice’s decision in April that the existing European Directive was unlawful as it represented a disproportionate intrusion into individuals’ privacy. At the time, the court said that the Directive:

entails an interference with the fundamental rights of practically the entire European population.

DPA without the Lawyer

DPA without the Lawyer

Publication of the Week

In a slight departure, this week I’m going to highlight a new book from The Centre for Investigative Journalism called DPA without the Lawyer. This is the latest in the series of books (including FOIA without the Lawyer and EIRs without the Lawyer) put together by the team at Request Initiative. DPA without the Lawyer is written by Jenna Corderoy and Brendan Montague and explains how journalists can take advantage of the subject access requirements of the Data Protection Act in their investigations.


FOIMan can deliver training in Freedom of Information, Data Protection and other information rights issues in your own premises. Get in touch for further details.