Archive for Resources

FOI and diaries – long read

FOIMan’s latest article for PDP’s Freedom of Information Journal explores how requests for diaries of public officials should be handled.

A few weeks ago I wrote a blog post about FOI and diaries in response to an article in the Guardian. Coincidentally I had just written a piece for PDP on the same subject and I promised to publish it here when it was published.

As promised then, here is my latest piece for PDP’s Freedom of Information Journal, on FOI and diaries.

Copyright and FOIA

FOIMan writes about the relationship between copyright and freedom of information.

Practitioners and others often get confused about the way that copyright interacts with FOI. In this piece for the Freedom of Information Journal, I attempt to provide some clarity. In summary, whilst public authorities retain copyright in much of the information that they disclose, it will often be difficult for them to prevent requesters and others from re-using disclosed data.

Back to the FOIA: FOI, historical records and archives

FOIMan writes about the relationship between FOI and the past.

Way back before I got involved with FOI, I started my career as an archivist. In my latest article for the Freedom of Information Journal, I’ve written about the complex relationship between FOI, historical records and archives. Both archives and FOI provide means to hold public authorities to account. So how do they interact – and is FOI damaging archives?

You can find out by reading the article here.

The Freedom of Information Officer’s Handbook

FOIMan unveils a forthcoming book seeking to define the role of the FOI Officer and provide help to anyone struggling with the management of their organisation’s FOI obligations.

The Freedom of Information Officer's Handbook, Facet PublishingIf you are employed as a FOI Officer, or even just do a job that involves dealing with a lot of FOI requests, one of the problems has always been that there is no manual. Until now. Later this year, Facet Publishing will be bringing you The Freedom of Information Officer’s Handbook, a new book about FOI by…well, me.

Yes, I referred recently to my relative silence online in recent months, explaining that this was partly down to the demand for GDPR training over the last few months (which continues), but also hinted at another mystery time-consuming commitment. I can now reveal that the latter has been (and continues to be), the writing of this book. This will be my first book (and perhaps my last!), which is obviously exciting for me, but hopefully also an interesting development for those of you who have followed this blog over the last few years.

There are plenty of places to find guidance on FOI, and even other books that explore FOI from a legal perspective, focussing on the application of exemptions for example. However, there isn’t anything (to my knowledge at least) that provides a comprehensive guide to how FOI should be managed by public authorities. So whilst you will find useful summaries of the law and how exemptions should be applied in this book, you will also find guidance on best practice when it comes to administering FOI. A chapter on embedding FOI in your organisation will include the development of policies and procedures, and how to assess and address training needs. Another on managing FOI will look at the IT systems that can be used to log requests, and how to improve performance, amongst other things. Some of you will have been lucky enough to receive FOI requests from me over the last year,* and the answers to those requests, together with my own experiences over the last 15 years, and other published research on FOI, will bring a fresh perspective on how FOI should be managed.

A really important thing for me in proposing and writing this book has been to explore the role of the FOI Officer. FOI is still relatively new, and whilst I often refer to FOI Officers in this blog and elsewhere, there aren’t actually that many people who answer requests that are called ‘FOI Officer’ within their own organisation. They often have to fit FOI work around other responsibilities. The work of those involved in FOI management, and the challenge they face, is often hugely underestimated by both requesters and by their colleagues and managers. In this book I hope to cast some light on their work and help those in these roles to be better appreciated by both others and (perhaps more importantly) by themselves.

The book won’t ignore related legislation either. The Environmental Information Regulations will feature heavily, and a chapter on copyright and re-use will discuss the Re-use of Public Sector Information Regulations and how they interact with FOI. There will also be brief descriptions of how the various FOI laws from around the British Islands (Scotland, Ireland, Isle of Man, States of Jersey) differ from the UK one that is the focus of the book.

Finally, the book offers the opportunity to provide an updated vision of FOI management in the context of the latest developments. In particular, I’ll be looking at what GDPR means for FOI, both in terms of compliance, but also considering what lessons there might be from concepts such as Data Protection Officers and data protection by design. The new s.45 Code of Practice will obviously feature (and I’m hoping the finalised version will be published in time to be referenced!).

The book is obviously aimed primarily at practitioners and others working in public authorities. However, just as this blog has proved to be of interest to a wider audience of journalists, academics, and other users of the Act over the last few years, hopefully the book will also appeal to those outside the public sector curious about how FOI works in practice.

The Freedom of Information Officer’s Handbook will be published by Facet Publishing towards the end of this year. It retails at £59.95, but readers of this blog can pre-order copies direct from the publisher with a 30% discount (resulting in a reduced price of £41.99). To take advantage of the discount, email info(Replace this parenthesis with the @ sign)facetpublishing.co.uk to indicate your interest in ordering a copy and quote the code FOIMAN (do not supply payment card or bank account details by email). The publisher’s distributor will then contact you to arrange payment and discuss despatch instructions. For more details about how your information will be used by Facet, see the privacy policy on their website.

* And more seriously, a very big thank you to everyone who has answered FOI requests from me or helped in any way over the last few months – it is hugely appreciated.

FOI and the General Data Protection Regulation

FOIMan considers how the General Data Protection Regulation (GDPR) affects the Freedom of Information Act (FOI) and its administration.

Happy new year! 2018 is finally here and only a matter of months remain before the GDPR applies to anyone that processes personal data. You may have noticed that I’ve been fairly quiet online of late, and one reason for that is that I’ve been busy travelling the country delivering GDPR training to a range of organisations. Another reason will become clear in due course…

My first love is (when it comes to information rights anyway), of course, FOI. So given that I’ve been giving so much thought to GDPR, it made sense to think about how the new law affects FOI.

A few months ago I blogged briefly about an obscure schedule of the Data Protection Bill (hopefully soon to become the Data Protection Act 2018) that made amendments to FOI in order to ensure that the exemption for personal data will still work effectively with GDPR. It’s important that these changes happen otherwise there would be a conflict between FOI and the new data protection regime. Not making them could lead to personal data being disclosed when it shouldn’t be, or, as I indicated in my blogpost, to less information being disclosed than might have been in the past.

However, GDPR doesn’t just mean changes to other legislation. It means that any organisation processing personal data has to ensure that that processing meets its requirements. That includes public authorities.

What might be forgotten is that the handling of FOI requests invariably involves the processing of personal data. Some of that processing will be expected by applicants and will be easy to justify; some of it won’t be. When I gave a presentation about this to a group of practitioners in December, there were some audible gasps (of recognition primarily) as I listed some of the things that public authorities routinely do with personal data whilst processing FOI requests, but are often done without much thought. It’s not necessarily that those activities are wrong, you understand; but GDPR (if not the current Data Protection Act) requires all public authorities to give some thought to how they are justified. They’ll also need to ensure that they meet the other requirements of GDPR.

In my latest piece for PDP’s Freedom of Information Journal I’ve looked at the FOI amendments in the Data Protection Bill (at least as it stood in October when this piece was written). I’ve also examined how FOI requests are handled and what practitioners will want to be looking at to prepare for GDPR. A lot of the things I discuss will be relevant for other correspondence processes as well.

Have a read. I hope it gives you some food for thought at the start of what will be a very busy and interesting year.