Tag Archive for Protection of Freedoms Bill

Protection of Freedoms Act – FOI changes

FOI Man summarises the changes to the FOI Act that result from the passing of the Protection of Freedoms Act last week. And finds that not much has changed over the course of the last year.

The Protection of Freedoms Act came into force on 1 May 2012. Amongst its many implications are those for the Freedom of Information Act (though we still await a commencement order in respect of these provisions, so it is not yet clear when they will come into force). I previously wrote about this when the Bill was first published early last year, but now that it has entered the statute books, it is time to see what the approved legislation requires.

Part 6 of the Act covers the freedom of information and data protection changes. Section 102 amends section 11 of FOI to the following effect:

  • where a public authority is asked for information that is in the form of a dataset (defined in the new section 11(5) – or s.102(2)(c) of PoFA), and the requester asks for it in electronic form, as far as is reasonably practicable (explained at s.11(2) of the existing FOI Act), the public authority must disclose the dataset in a re-usable format.

A new section 11A:

  • requires that where the copyright of a disclosed dataset belongs to the public authority, it will be subject to a licence to be specified by the Secretary of State (presumably Justice) in the Section 45 Code of Practice (a new revision of which, we assume, must be forthcoming);
  • allows an authority to charge a fee for re-use in line with section 11B or any other regulations that provide for a fee to be charged for re-use;
  • requires an authority to issue a fees notice to an applicant where it is planning to charge for re-use;
  • removes the obligation to allow re-use until such a fee has been paid.

And section 11B:

  • empowers the Secretary of State (again, presumably Justice), in consultation with the Treasury, to establish fees for re-use of datasets through regulations;
  • these regulations would apply to datasets disclosed in response to FOI requests and listed in a public authority’s publication scheme.

Talking of publication schemes, public authorities will be obliged to publish datasets disclosed in response to FOI requests in their publication schemes unless they are satisfied that it is not appropriate. They will also have to publish updated versions when they change. Section 19 of FOI has been amended to this effect (it now includes a section 19(2A-F)).

Section 45 has been updated to require the Secretary of State to make provision in the Code of Practice for disclosure of datasets.

Section 103 of the Protection of Freedoms Act closes down the loophole in the coverage of FOI for bodies established by two or more public authorities by amending section 6 of FOI.

Section 104 extends certain provisions of FOI that hitherto had not applied to Northern Ireland to that jurisdiction.

Section 105 amends both the Data Protection Act and FOI to extend the Information Commissioner’s term of office from 5 to 7 years, and limit those appointed to the post to one term.

Section 107 amends section 47(4) of FOI allowing the Information Commissioner to charge for “relevant services” – training, multiple copies of published material, and conferences – without consulting the Secretary of State (as he was obliged to do previously).

In summary:

  • public authorities are obliged to make datasets available in a re-usable format on request;
  • re-use will be allowed under the terms of licence(s) to be announced, and charging will probably be allowed in line with existing or new regulations;
  • disclosed datasets will normally have to be published (and kept up-to-date) under an authority’s publication scheme;
  • publicly-owned companies owned by more than one public authority will no longer escape FOI;
  • Information Commissioners will serve only one 7-year term; and
  • expect the Information Commissioner’s Office to start charging for training and conferences.

Not much has changed on this aspect of the Act since the first draft over a year ago. We now need to watch out for the commencement order bringing these changes into force, the revised section 45 Code of Practice, and any regulations on charging for re-use.

FOI, Datasets and the Protection of Freedoms Bill

A little while ago, Ibrahim Hasan of Act Now Training kindly asked me to write a piece for their Information Law Newsletter. It appears in the latest issue which has been published today.

In summary, I talk about the proposed amendments to the UK Freedom of Information Act in the Protection of Freedoms Bill. The piece covers what datasets are (also covered in more depth by Ibrahim in another piece elsewhere in the Newsletter), what practical steps we should be taking, and finally calls for FOI Officers to get more involved in open data projects in their organisations.

There are also pieces in the Newsletter from Emily Goodhand, better known as @CopyrightGirl on Twitter, who wrote a couple of great guest posts here and here a few months ago, and Jonathan Baines, an Information Rights Specialist at Buckinghamshire County Council, who writes about the Environmental Information Regulations.

Open Data – Just Do It?

Central Government has established a datastore for Open Data. But if you’re outside of Central Government, how do you react to calls for more online data? And what is the role of FOI Officers in getting them established? Southampton University’s new datastore may give us some clues.

This week Southampton University launched data.southampton.ac.uk, its open data repository. It is perhaps unsurprising that Southampton should take the lead in the Higher Education sector in this way. Two of its academic staff, Professors Nigel Shadbolt and Sir Tim Berners-Lee (yes, that one), sit on the Government’s Transparency Board and are heavily involved in the data.gov.uk site.

However, this is the lowest tier of the public sector at which I’ve seen this done. The Greater London Authority (GLA) in London has a Datastore, but the GLA has always been a strange beast – a weird hybrid between local government and central government with more flexibility than most public sector bodies. There may well be others doing great things, but I’m not aware of them. The fact that a higher education institution could do this set me thinking. Was this something I should be doing?

I’ve been hearing great things about the power of open data, but it all seems rather distant from me. The language used can be off-putting at times. All this XML, ODF, even the term ‘Repository’ suggests to me something difficult, technical and, most of all, expensive.

A journalist asked me last week if FOI Officers were involved in Open Data initiatives in the public sector. Being honest (like Superman, FOI Man never lies), I explained that from what I had gathered, where open data initiatives were in place (basically Government and the GLA) the two things seemed to be dealt with separately. FOI Officers were busy dealing with FOI requests and required specific knowledge of the application of legislation. Open Data projects tend to be run by techie-types, statisticians and economists. And it rankled with me that I was being left out of this important stage of the openness agenda.

Why shouldn’t we be involved in these projects? Through answering FOI requests we’ve built up a vast knowledge of the information held in our organisations and how feasible it is to extract and make public. Those of us who are records managers as well have an even deeper knowledge of our organisations’ information resources. Some of us even maintain Information Asset Registers so have already identified all the key datasets in our organisations. No, scratch that. Not only should we be involved, we should be initiating and leading on these projects.

A ‘repository’ is no more than the place where the files are put; it doesn’t have to be something new – unless and until the volume of material is massive, it can just be saved to our Content Management System (CMS) and published to the website that way. The format we publish in is probably less important than just getting it out there, but I have a hunch that the Excel spreadsheets we often send out when asked for data under FOI would be sufficient for most people who wanted to re-use our data. Once we start publishing this data routinely, we’ll presumably get feedback which will tell us which formats we should make data available in in future.

The biggest obstacle is perhaps the legal side of things. Here too though, things are simpler than they were. The National Archives’ new Open Government Licence provides a straightforward way to licence re-use of our data. Assuming the Protection of Freedoms Bill is passed, it will become mandatory for public bodies to adopt such a licence, so why not get ahead of the game?

But surely FOI Officers are there to deal with the requests that come in under the general right of access? Well, we’re also supposed to be maintaining Publication Schemes, pointing to the information our organisations make available pro-actively. And we’ve come under increasing pressure to create and keep up-to-date disclosure logs of the responses we’ve made to FOI requests. The Publication Scheme and Disclosure Log could well be used to structure our datastores.

I may be being terribly naive here, but it seems to me that establishing institutional online datastores outside central government is simpler than we may think. And that FOI Officers ought to be leading the way on them. We already have the tools and the justification for doing these things. Much of it won’t even need additional approval (which if you read We Love Local Government’s amusing, if depressingly familiar, post on Friday, you may appreciate).

I’d love to hear from anyone who has been involved in establishing an Open Data store for their organisation, or has expertise in this area. Am I over-simplifying this? Or perhaps I’m being slow on the uptake (not the most unlikely thing in the world) and everybody else is already well aware how to go about this? Whichever, do please comment on this post – I’m particularly interested to hear your views on Open Data and what we should be doing to make it a reality.

FOI Man at Large: the DPO Conference

Earlier this week I was lucky enough to attend the Information Commissioner’s Data Protection Officers Conference in Manchester. Don’t be misled by the name though – there was plenty to entertain us FOI obsessives.

From the keynote speech from Lord McNally, the Lib Dem Minister of State in the Ministry of Justice, through to the Commissioner’s closing remarks, this was a conference that aimed to fully integrate the Commissioner’s Data Protection and FOI duties. So what was there that caught the eye on FOI?

It was clear from Lord McNally that support – and opposition – for FOI and openness issues is cross-party within the Coalition. He spoke of his surprise at finding himself on the same side as Francis Maude and Eric Pickles in meetings.

In questions, it became clear however that there was some dispute within Government over whether FOI should be extended to the private sector when it provides public services. Some in Government are sceptical as they argue that this would deter companies from bidding for Government contracts. From the tone of the Minister’s response it appeared that there is some fierce debate going on in Government on this very issue. Interestingly, Graham Smith of the ICO later argued that the private sector was effectively covered under the existing Act, as FOI continues to cover services provided on behalf of public bodies.

Lord McNally stated that the changes to the Information Commissioner’s role proposed in the Protection of Freedoms Bill were designed to strengthen the independence of the Commissioner. The Commissioner himself welcomed them later in the day, though he did suggest that if the Commissioner is only to serve one term, that term ought to be longer.

The Orders bringing ACPO and UCAS under FOI will be laid at some point from October this year. My guess, based on nothing in particular (other than neatness), would be that the aim would be for the order to come into force on 1 January 2012, but perhaps it will take effect instantly. I know that ACPO have some excellent people helping them prepare for this, and I’m sure it’s the same picture at UCAS.

Lord McNally also spoke about the changes to the 30 year rule for Public Records. He explained that the long lead in time is because the move to a 20 year rule is an expensive exercise.

Post-legislative scrutiny of FOI is seen by the Minister as an important step after 6 years of the Act. The fact that issues will be aired in a public forum will help in developing proposals to amend the Act further.

We also heard from Katie Davis of the Cabinet Office. It was clear from Katie’s presentation, as from the Minister’s speech, that the Government really does attach great importance to opening up public data. The Government’s aim is to be the most open and accountable government in the world. She explained that the Government’s Transparency Board, chaired by Francis Maude, was challenging assumptions across Whitehall. Its membership is certainly impressive – as well as ministers, it includes luminaries such as Professor Nigel Shadbolt (whose Southampton University home launched their open data repository this week) and Sir Tim Berners-Lee (inventor of a little thing called the world wide web). It was good in questions to hear her comment that Local Government is leading the way on transparency.

A question mark still remains over the impact of open data initiatives on the general right of access under FOI. Senior figures within the Information Commissioner’s Office remain as sceptical as many of us FOI Officers as to whether bulk disclosures will lead to reduced numbers of FOI requests.

Graham Smith, Director of FOI at the ICO, struck a cautious note. He commented that FOI was certainly embedded in the public sector; everyone knows they have to comply, but whether they want to is very much another matter. There is a culture of compliance rather than openness at present, in his view. The Government’s transparency agenda is very much welcomed by the ICO. Graham spoke of a lack of political direction on openness in the past which has contributed to lack of progress in changing the culture.

An interesting point raised by Graham was the fact that our FOI legislation was very much designed with paper record-keeping systems in mind. Now that much of the work of Government is carried out electronically, does that affect the effectiveness of the Act? Finally, he observed that the private sector appeared to be ‘waking up’ to FOI. Not just in terms of using it, but in realising the implications of FOI for their dealings with the public sector.

Later in the day, there was the message that public sector bodies shouldn’t be afraid to apply the provisions for vexatious and repetitious requests where necessary. Similarly aggregation of requests when estimating costs. The ICO will be supportive when looking at these cases where it is clear that requesters are making significant numbers of requests or are harassing authorities. It was clear that this attitude was coloured in part by the ICO’s own experience with some requesters! Public bodies should also be careful to protect personal details of their employees – in many cases, these details will still be protected by the Data Protection Act and section 40 ought to be utilised.

The Commissioner raised a laugh at the end of the day when, following his best impression of the former Prime Minister expressing his regret over FOI, he exclaimed, “Tony, it wasn’t about you!”. He reminded FOI Officers that we should be on the side of Dr Samuel Johnson – a famous exponent of openness – and not that of Cardinal Richelieu, who believed that secrecy was the first requirement of Government.

Why not just publish everything?

I’ve been meaning to write this post since I read last week about Harrow Council. Their Head of Law was reported in The Lawyer as saying:

“The default model for most councils is that we won’t give anything away unless we have to…I want to turn the whole edifice on its head. I want us to move away from the defensive position of keeping everything to ­ourselves. I want to say that everything’s public except for a few obvious areas.”

Freedom of Information campaigner and journalist Heather Brooke Tweeted that “Finally a British Council sees sense.” Surely this is exciting news for us all. The walls are falling down. Us FOI Officers can pack our bags and head off into the sunset, secure in the knowledge that our work here is done. Maybe not.

Everybody assumes that information is in handy readable chunks that can readily be published on websites, and it’s only because public authorities are all terribly secretive that they’re not there already. There may well be reports that Harrow could be publishing on its website, and as many authorities are now beginning to do, and the Protection of Freedoms Bill aims to encourage, they can make many of their datasets (ie databases) available on their website. But beyond that, there’s a big fat problem.

Email. Or correspondence in any format, for that matter. A large proportion of FOI requests across the country are for correspondence on particular issues. And much of it won’t be exempt.

But how do you cater for that in Harrow’s model? Do you ask people to tick a box whenever they send an email to indicate if it is likely to be exempt under FOI? Do you then automatically publish any email that hasn’t been ticked? What happens if somebody doesn’t realise that the content of the email is sensitive? What if they accidentally forget to delete an email trail? And do you really want to know that I met Bill from Accounts for lunch at 1 on Friday? And even if you can set up such capabilities on an email system, it is likely to involve the introduction of expensive technology. Staff will begin to argue that time is being wasted working out which box to tick when they send an email. If you avoid the technological route, you still need staff to spend time afterwards working out whether correspondence can be published. And imagine the capacity required on the web server…

My point is that whilst it’s great that public authorities are looking at ways to be more open, it’s important not to oversell what they’re doing. I don’t imagine that Harrow are contemplating publishing all emails for a moment. Yet that’s how most business is carried out in organisations across the country.

What they’re really talking about, I imagine, is publishing reports and policies to their website rather than their intranet as a default. There are already some organisations that take that approach, and I’d agree that it’s a welcome move and could have potential to save money. But don’t expect to see public authorities up and down the country rushing to publish the contents of their email inboxes.