Tag Archive for Definition of held

Practically Speaking Part V: Holding Your Own

FOIMan brings you the fifth in his series of articles for PDP’s Freedom of Information Journal.

Before Christmas, I started publishing a series of articles that were published in last year’s Freedom of Information Journal. This week I bring you the fifth in the series which looks at the difficulties in establishing whether information is held by public authorities. I’ll be returning to this subject at both the Information & Records Management Society Conference and PDP’s Freedom of Information Conference later this year.

In the sixth and final of the series – for now – I take a look at the issues surrounding approval of FOI responses by senior colleagues and the involvement of Press Officers in this process. Watch out for that next week.

Records Management, FOI and Email – a podcast

FOIMan brings you a recent podcast from the Information & Records Management Society on private email accounts, FOI and records management.

As indicated in my last post, my usual long, considered (possibly verbose) blog posts will continue to be infrequent for a month or so. In their absence, I’m going to provide links over the next few weeks to a number of publications and other resources that I’ve contributed to this year, and that you might find interesting and/or useful.

First up, at the end of September, records management consultant James Lappin came to meet me for a chat about FOI, private email accounts and the implications of all of that for records management. You can hear the result in the second installment of the IRMS podcast series.

James and his fellow consultant, Heather Jack, have also interviewed Canadian records management expert Chris Walker about auto-classification of records, and Hugh Hagan of the National Records of Scotland on the Public Records (Scotland) Act.

Incidentally, I wrote recently on Act Now Training’s blog (Blog Now) about records management and the importance of just getting on with it. I run the Records Management A-Z training course for Act Now and will also be developing a Records Management and the PR(S)A course which will run for the first time in Edinburgh next May. More details can be found on the Act Now Training website.

Mr Graham, you’re pointing the wrong way

FOI Man comments on a war of words between a national newspaper and the Information Commissioner and suggests that Chris Graham is firing in the wrong direction.

I’m generally a tolerant chap. I try to see both sides of any argument, and if people criticise what I write here, it’s usually to say that I sit on the fence too much. If you want (entertaining and informative) bile, I suggest you read Tim Turner’s post about the Information Commissioner from yesterday. Tim REALLY doesn’t like the Information Commissioner’s Office and thinks it does a bad job.

Unlike Tim (just bear with me while I straddle this fence a moment – there), I do believe that there are people in the Information Commissioner’s Office who are doing a good job. Some of them even read this nonsense (Hi!). I recognise that they have a tough job to do, with increasingly limited resources. They produce some very useful guidance, and the enforcement of data protection – especially through the use of civil monetary penalties – has sent a powerful message to organisations in both public and private sectors about the importance of improving the way that personal data is handled. Handling of FOI complaints has sped up vastly since Chris Graham took over as Commissioner.

But as the Financial Times wrote in an editorial earlier this week, there have been important limits. Some central government departments have shown open contempt for FOI, and arguably for the Information Commissioner.  Even when they comply with his rulings, they can’t resist a swipe back. It is well known that the Secretary of State for Education used his wife’s email account to send emails to advisers – and it has been suggested that this was done deliberately to avoid FOI. Chris Cook has subsequently used FOI in an attempt to find out if similar practices were going on in Downing Street and the Cabinet Office. These attempts have almost without exception resulted in him having to appeal to the Information Commissioner, who has in the main ruled that his requests were valid. But each appeal has required Chris to make the request, send some friendly (and less so) reminders, ask for an internal review (but only possible if the Cabinet Office actually answer him in the first place), and involve the Commissioner. It is not surprising that Chris and his employer are pretty frustrated with this process.

It isn’t just Chris that has a hard time getting information (or indeed responses) out of the Cabinet Office. Even the Information Commissioner has noted their lack of cooperation on a number of occasions, as Tim Turner documented last year (and I have a feeling will be documenting further).

What could the Information Commissioner do? If he “is satisfied that a public authority has failed to comply with any of the requirements of Part I” of the Act, he can issue an enforcement notice requiring the authority to take the necessary action. He can do this if it is obvious, for instance, that a public authority has taken longer than it should to answer a request. Or he can simply make it very clear publicly that he disapproves of the way a specific public authority is acting. Imagine if he publicly criticised the Cabinet Office for delaying tactics – I suspect it would have a very big impact.

Instead Mr Graham has chosen to attack the FT. He describes Chris’s requests as “probing areas that are very much at the boundaries of FOI”, as “legal grey areas that the parliamentary draftsmen did not envisage”. I find that hard to understand. If there is evidence that Ministers or others may have tried to avoid FOI, I can understand completely why a journalist would want to find out how widely that practice is followed. In fact I’d have thought the Information Commissioner would have wanted to find that out himself. And decisions as to whether information is held will shape the future boundaries of FOI – that’s an important issue for all users of the legislation.

Earlier this year I attended an event at City University at which Mr Graham was a panellist. Chris Cook raised the same issue with him then. Why wasn’t the Commissioner doing more about the Cabinet Office’s tactics? I have to say that I was disappointed by the response. I expected a reasoned explanation as to the difficulties of using enforcement powers – which I’d have listened to. Instead Mr Graham attacked the questioner in the same bombastic and dismissive tone that is evident in today’s letter.

I understand that journalists and persistent requesters can be frustrating. But as the Commissioner would tell FOI Officers at conferences he has attended, we still have a duty to comply with FOI. We must rise above it.

And the problem, surely here, is with the Cabinet Office. If other organisations can see the central offices of Government getting away with delaying tactics and poor compliance, it is going to make the jobs of FOI Officers encouraging compliance much harder. If Mr Graham is seen to be pointing his gun at the journalists and requesters instead of a Government department that appears to have little respect for FOI, then senior officials elsewhere will take an obvious message from that.


Cabinet Office issues new guidance on private email accounts

FOI Man looks at new guidance issued by the Cabinet Office which appears to directly contradict the Information Commissioner.

Email is a fraught subject for information managers. Take this recent (and rather excellent) blog post from records management consultant James Lappin. As James makes clear, few – if any – organisations have really got a handle on how the valuable information held in email should be retained and managed.

And that’s just the email held in corporate accounts. If staff or others use their own private email accounts to conduct organisational business that creates a whole new complication. Especially if you’re a public authority and that business might be subject to the requirements of the Freedom of Information Act.

Now unless you have a very short memory, you will recall that the Coalition Government has had its fingers burnt in this area before. Through clever use of both FOI and the Data Protection Act (and useful leaks), Financial Times journalist Chris Cook established that Education Secretary Michael Gove and some of his special advisers (or Spads) had been using private email accounts to conduct business which appeared to many (eventually including the Information Commissioner) to be Government business. It was suggested that this had been done to avoid potential disclosure of the emails through FOI.

Following this controversy, the Information Commissioner issued guidance to public bodies which confirmed that email held within private email accounts could indeed be subject to FOI, and what his approach to this tricky issue was.

If I were a Government that had been accused of trying to avoid proper and lawful scrutiny through the use of private email accounts to conduct government business, I think I might want to take a “whiter than white” approach to these matters in future. I’d want to make sure that I followed the Information Commissioner’s line on the issue to the letter, so that nobody could put so much as a hair between my approach and that of the regulator. That seems sensible doesn’t it?

So imagine my surprise as I read the Cabinet Office’s new Guidance to Departments on the Use of Private Email, published perhaps less surprisingly late last Friday afternoon. The guidance starts off by pointing out that it should be read in conjunction with the Information Commissioner’s guidance. So, obedient to the last, I’ve done just that. Let’s see what they say, shall we?

Information Commissioner:

“There is a need to have a clear demarcation between political and departmental work.”

Cabinet Office:

“The originator or recipient of a communication should consider whether the information contained in it is substantive discussions or decisions generated in the course of conducting Government business…”

Information Commissioner:

“In order to avoid the complications of requesting searches of private email accounts, and other private media, records management policies should make clear that information on authority-related business should be recorded on the authority’s record keeping systems in so far as reasonably practicable.”

Cabinet Office:

“Civil servants and Ministers are generally provided with access to Government email systems. Other forms of electronic communication may be used in the course of conducting Government business.”

Information Commissioner:

“When a request is received, public authorities should consider all locations where relevant information may be held. This may include private email accounts.”

Cabinet Office:

“As set out above, it is expected that Government business should be recorded on government record systems. It will generally be reasonable to search only within those systems when a request has been received.” [so presumably, any FOI Officer asking a Minister if they have emails relating to Government business in their private email account will be considered unreasonable]

Information Commissioner:

“Public authorities should also remind staff that deleting or concealing information with the intention of preventing its disclosure following receipt of a request is a criminal offence under section 77 of FOIA.”

Cabinet Office:

[Silence falls. Tumbleweed rolls down Whitehall.]

Now to be fair to the Cabinet Office (no, come on), some may see these differences as subtle and perhaps it is only my world-weary cynicism that leads me to see conflict. But the final section of the Cabinet Office guidance dealing with The Freedom of Information Act and searches for information sees the Cabinet Office take a running jump away not just from the Information Commissioner’s guidance, but also from any reasonable interpretation of the legislation itself.

“The FOI Act allows people to request information; it does not give the requester any power to dictate where the department should search for that information. It is for the department to consider where the information might be and to take reasonable steps to find it.”

I’m sure that it’s just a coincidence that Chris Cook has made a spate of requests to the Cabinet Office and Department for Education asking for information sent by individuals on Government business using private email accounts. Surely the Cabinet Office couldn’t be so touchy as to write a policy just to thwart the efforts of a single journalist?

But the point is that FOI doesn’t place any limitations on the way that requesters should ask for information. They merely have to describe “the information requested” (FOI, s.8). If that description happens to include the location that they believe the information can be found in, the only reasons why a public authority would not be obliged to provide that information is if an exemption applies to it, if the request is considered to be vexatious, or if to provide the information in that location would exceed the appropriate cost limit.

But you don’t have to take my word for it. The Information Commissioner’s Office issued a decision notice (not yet available on the ICO website) to the Cabinet Office the week before this guidance was published making exactly the same point.

Chris Cook had made a request for “copies of emails relating to the government’s education reforms, sent between the Prime Minister and a special adviser, using non-GSI email accounts”. Given the events described above in relation to the Secretary of State for Education, it can perhaps be understood why such a request might be made. The Cabinet Office argued (as in their guidance) that FOI did not allow requests for information by reference to a particular location or medium, and that Chris’s request was therefore not a valid request. The Information Commissioner concluded that Chris’s request was indeed valid for the reasons I’ve suggested above.

So the week after the Information Commissioner has explicitly stated to them that a request for information held in a specific location is a perfectly valid request, the Cabinet Office have published official guidance to Government departments contradicting the Commissioner’s view. Not for the first time, this Government appears to be interpreting the law to suit itself in the face of all the facts, and raising a single finger in the direction of the Information Commissioner.

Is Michael Gove’s email held by DfE?

FOI Man considers whether an email from the Secretary of State for Education to several colleagues is held by the DfE for the purposes of FOI.

In the Autumn of last year, Chris Cook, the Education correspondent of the Financial Times, broke a story which is of interest to FOI watchers everywhere. He had uncovered evidence suggesting that the Education Secretary, Michael Gove, and special advisers in the department, had been using private email accounts to conduct Government business. The suggestion was that this was being done to avoid the emails coming to light through FOI.

The story has led to an investigation by the Information Commissioner, new guidance from the Commissioner, and questions in Parliament. And Chris himself has proved tenacious in pursuing this story.

For their part, the Department for Education and Mr Gove himself have argued that they had been following Cabinet Office guidance (though Cabinet Office responses to FOI requests have suggested that if such guidance existed, it was not written down), and that the emails themselves related to party political business, and were therefore not held by DfE.

Chris has been at an advantage in this matter. He already had the emails before he made his FOI request, so knew what he thought he should have received. When they weren’t all received, he complained to the Information Commissioner. That investigation is ongoing.

Today, Chris has published one of the emails that DfE insist is “party political” on his FT blog. I’ve studied this email.

There are certainly aspects of the email that are party political. It talks about Labour’s record in negative and explicit terms. You wouldn’t expect a Minister to write to a civil servant in that way.

But here’s the rub. One of the recipients was a civil servant. If civil servants are supposed to be politically neutral, why would you copy one in on a party political email? I’ve never worked in a Ministerial Office or even a government department, so I can’t be sure, but it seems odd.

And there are aspects of the email that sound rather more like departmental business. It discusses communications planning, apparently for the Department rather than the Conservative Party. It asks for information about his Ministerial diary.

It seems to me that parts of the email at least relate to departmental business.

What does the Information Commissioner’s guidance say about this issue? It lists the factors to consider when deciding whether email in a private account relates to Government business:

  • the focus of the request, indicated by the words used by the requester;
  • the subject matter of the information which falls within the scope of the request;
  • how the issues to which the request relates have been handled within the public authority;
  • by whom and to whom was the information sent and in what capacity (e.g. public servant or political party member); and
  • whether a private communication channel was used because no official channel was available at the time.

There doesn’t appear to be any dispute over the focus of the request – if the email is departmental business, it’s covered by the request. We have little knowledge of how such business would normally be carried out, but surely communications planning for DfE is normally a departmental matter. We do know that the information was sent by the Secretary of State for Education, and the recipients were his Special Advisers (who admittedly have an ambiguous role, but are based in the Department), and a civil servant (to their private email address presumably, but nonetheless significant). We can’t know for sure why this channel was used.

A Tribunal decision last year looked in detail at whether information was held by a university, and I think that some of their observations in that case are relevant here:

“The effect of this subsection [s. 3(2) FOIA] is to confirm the inclusion of information within the scope of FOIA s1 which might otherwise have been arguably outside it. The effect of paragraph (a) is that information held by the authority on behalf of another is outside s.1 only if it is held solely on behalf of the other: if the information is held to any extent on behalf of the authority itself, the authority ‘holds’ it within the meaning of the Act. The effect of paragraph (b) is that the authority ‘holds’ information in the relevant sense even when physically someone else holds it on the authority’s behalf.”

The judge who reviewed the case when it was appealed to the Upper Tribunal was very clear that in his view “held” had its normal English meaning. It shouldn’t be over-analysed:

“A key feature of the FOIA regime is the need to balance the interests of the requester and the public interest in the free flow of information with the legitimate interests of public authorities and third parties.  Moreover, that balance is struck not by over-complicating the simple factual concept of whether information is “held” by a public authority – rather, it is achieved by the matrix of absolute and qualified exemptions and the application, where appropriate, of the public interest test.”

(for a fuller analysis of this case, read what barrister Robin Hopkins of 11KBW had to say about it).

My reading of this is that if in doubt, the information should be considered to be held by the public authority. It might still be withheld using exemptions, but it has to be considered. I believe there is enough doubt in the case of the email the FT has published to suggest that it should have been dealt with as though held by the DfE. And the lawyers that Chris has consulted all agree.

Of course, that doesn’t mean that the Secretary of State was deliberately attempting to avoid FOI. But it does raise more questions about the DfE’s interpretation of the Act.