Openness by Design: less fluff please

FOIMan comments on the ICO’s new draft FOI strategy ‘Openness by Design’.

A few weeks ago the ICO published its draft strategy for FOI and access to information over the next three years. It is still open for consultation until 8 March so if you have a view on the strategy, make sure you submit a response.

I’ve been reading it with a view to doing the same, but I thought I’d make some initial comments here.

The strategy focuses on five priorities:

• Work in partnership to improve standards of openness, transparency and participation among public authorities in a digital age.
• Provide excellent customer service to members of the public and public authorities and lead by example in fulfilling our statutory functions.
• Raise awareness of access to information rights and make it even easier for the public to exercise their rights.
• Promote the reform of access to information legislation so it remains fit for purpose.
• Develop and sustain our international collaboration.

It’s hard to disagree with these statements of intent but that’s because they’re pretty bland – with a few tweaks they could have been copied and pasted from pretty much any corporate strategy document (the Scottish Commissioner’s strategic plan for 2016-2020 lists some very similar priorities, but they are worded more specifically). It would be good to see something more meaningful being promised. There are certainly opportunities to do more on FOI so it is not that there is nothing to say.

The more detailed exploration of these strategic goals is more enlightening. There are some hints of changes in approach (such as the collection of ‘systematic feedback’ from applicants and authorities). Strategic priorities are listed. The most striking of these are plans to develop a self-assessment toolkit; assessing the feasibility of transparency impact assessments along the same lines as Data Protection Impact Assessments; promoting digital means to enhance transparency; and building the case for changes to FOI (see my last post for more on that).

Much of this is laudable in principle but is a bit, well, er…fluffy. Do we really need the ICO to develop a ‘service charter’ to improve matters? If money is tight on the FOI side why is so much attention given to international relationships (I appreciate I’m starting to sound like the ERG here, but it’s a fair question)? Given the volume of requests that many authorities are struggling with, should the ICO really be devoting more of its scarce resources to increasing awareness amongst the public of FOI (it is part of the Commissioner’s statutory role to do that, but is it a priority over other things at present?)?

Come to that, why only ‘assess the feasibility’ of impact assessments? The Commissioner has been talking about them for almost a year so shouldn’t they have assessed the concept already? The few concrete ideas mentioned in the strategy seem to involve adding extra red tape to the FOI and openness process – whether it be impact assessments or self-assessment toolkits.

There’s lots of talk of ‘working in partnership’ with stakeholders, ‘using feedback’ and ‘develop engagement channels’. But aren’t the ICO already doing this? Some of the priorities outlined are so vague and amorphous that it is hard to know what they really mean.

One of the things that struck me when I was researching The Freedom of Information Officer’s Handbook was how little support practitioners get in doing their jobs. The ICO rightly points out that FOI’s benefits are not always recognised by public authorities, and that too much energy is spent on complaining about its cost. But my concern is that this strategy in its present form is not going to help win practitioners and their colleagues over, nor help them to improve their performance.

And there are specific and measurable things that the ICO could do to help practitioners and foster a more positive attitude to openness.

For a start, look at the Scottish Commissioner’s Office. I’m sure they’re not perfect, and they don’t have as wide a remit, nor is their constituency as large. However, with the limited resources they have they do a lot. The UK ICO could do worse than to look at the things they do:

• collect and publish FOI stats– at the very least I’d like to see some solid commitments to enforcing the new code of practice requirements on authorities to publish these (the Commissioner talked about looking at the publication of statistics in the same speech a year ago in which she discussed impact assessments, so shouldn’t they have some meaty ideas by now?)
• publish more guidance on the practicalities of FOI compliance (there is a mention of this in the strategy to be fair to the ICO)
• highlight the learning from recent decisions in accessible ways, such as the Scottish ICO’s weekly round-ups and associated tweets
• be seen to take on even the most powerful public authorities if they are not cooperating. I don’t need to bang on about certain government departments as plenty of others better placed than me to comment (as here and here) have done that. I understand that sometimes there may be more effective means than formal action to move things on, but it would be good if this strategy gave some indication of a new approach and what the ICO is prepared to do in the face of intransigence.

In short, practitioners need more concise and usable guidance; they need practical assistance; they need to be able to compare their performance to others; they need to know that if they tell their colleagues that they should comply, that they won’t look silly when government departments are let off the hook.

The ICO claim that one of their values is to be ambitious. I think they should put more emphasis on being ‘service focussed’ and in particular provide some more quality support for practitioners. Without educated and empowered practitioners, everything else in FOI falls apart. At the same time, where an authority is not playing ball, there needs to be less partnership and more confrontation. Get the basics right and everything else will follow.

The above comments may be unfair criticism of what is intended to be a high level declaration of intent. However, whether it be here or elsewhere, the ICO need to demonstrate that they are going to promote and enforce FOI compliance in a more practical and active way.