Tag Archive for section 45

A new FOI Code for Christmas

FOIMan takes a look at the government’s long-awaited draft FOI section 45 Code of Practice.

A long, long time ago, in a galaxy far, far away, before BREXIT, before the last General Election, you may recall that the Government, which was apparently led by some guy called Cameron, set up a Commission to make recommendations on FOI. If you’ve forgotten that, you almost certainly won’t remember that the government responded to the outcome of the Commission with a promise to update the s45 Code of Practice. The Code is required under (you’ve probably guessed) s.45 of the Act. The existing Code was written in 2004 (some bloke called Blair was in charge then, but nobody remembers him), and is, frankly, about as much use as a chocolate teapot (and rather less satisfying to consume).

Since March 2016, when the government made this promise, there have been wars and rumours of wars. In December 2016, the Information Commissioner reported at an FOI event that she’d heard a draft would be released in the new year. Notably, she didn’t indicate which one.

But now here we are. Last week, the Cabinet Office quietly published a new draft Code and consultation paper. So what does this new Code look like?

I’ve only had chance to quickly peruse it, but some observations. Overall, it is a welcome move to a practical guide for public authorities on fulfilling their FOI obligations. It actually addresses many of the crucial questions that arise for practitioners – it is helpful.

That said, there are a few things that leapt out at me.

The first section deals with the making of requests – what’s a valid request, how to carry out searches, that sort of thing. There is an attempt to define what should be treated as an FOI request which seems a missed opportunity. Apparently it is an FOI request unless it is asking for personal data, environmental information or “information given out as part of routine business”. Given that, as we’ll see, the Code calls for authorities to report on numbers of requests received, it would be useful for it to define more precisely which requests ought to be logged, monitored and reported on. I’m not convinced this definition is precise enough for that.

There is a degree of wish fulfilment on display. Information that has been deleted but remains on back-ups is not held, says the Code, in direct contradiction of multiple Tribunal decisions. Requests made in a foreign language will not be valid requests, it claims, which may be a practical reality for the most part (since it would be impossible to know whether or not it was a request in many circumstances), but it would be interesting to know what legal basis there is for this stark statement. (I may well have missed a relevant decision, so please do let me know if I have).

Sections 4 and 5 make clear (as per the Commission’s recommendations) that public interest extensions and internal reviews should normally be limited to 20 working days. Applicants’ complaints can be ignored if submitted later than 40 working days after the response is sent out. The section on internal reviews is particularly welcome given that the Act, of course, doesn’t require a review, so the Code is really the only way to establish a common approach.

There are some useful chapters on vexatious requests and the cost limit, effectively just articulating the approach taken by the Tribunals over the last few years, but nonetheless welcome.

The really interesting developments are in section 8, on publication schemes (no, really). The Code follows the Commission’s recommendations that public authorities with over 100 FTE employees should publish statistics on FOI compliance – numbers received, numbers answered in 20 days, numbers refused, numbers granted, and numbers of internal reviews. It recommends that these be published quarterly. It also calls for senior pay, expenses and “payments in kind” to be reported on.

The next section deals with the controversial matter of outsourced public services. It makes some sensible recommendations, though I doubt this will silence calls for companies delivering such services to be made subject to FOI.

Finally, the datasets Code, now of limited use since the arrival of the Re-use of Public Sector Information Regulations, is now subsumed within the main s45 Code.

The tone of the language in the Code I think does betray the Cabinet Office’s lack of enthusiasm for FOI. However, the approach taken isn’t entirely a bad thing – a clear no-nonsense guide like this is long overdue. One of the common criticisms of FOI is that it is too vague and unclear – this helps address that.

In any case, if you agree or disagree, now’s your chance to say so. The consultation on this draft is open until 2 February so if you have any views on the draft Code, make sure you submit them before then.

Whose Code is it anyway?

FOIMan tries to find out who is responsible for issuing Codes of Practice and discovers it’s not as simple as he thought.

Cups and a ball

Cup…ball. Ball…cup.

Last year the Government announced a number of changes to how FOI, data protection and records management will be managed within government. At the time a few people muttered about what it showed about government attitudes to information rights, but otherwise there was a collective shrug. We all had other things to worry about with the FOI Commission, demise of Safe Harbor and GDPR on the horizon.

It occurred to me last week though that I didn’t now know who was responsible for issuing FOI Codes of Practice. The government had played a big game of Cups and Balls Tommy Cooper-style and I was no longer sure which of the cups the s.45 and s.46 Codes were sitting under. The FOI Commission recommended a revised s45 Code, but who would now be issuing it?

The government announcement had indicated that the Cabinet Office would be responsible for FOI and for records management, taking over from the Ministry of Justice. Section 45 of the Act requires “the Secretary of State” to issue a Code of Practice on compliance with Part I of the Act. I knew that Matt Hancock was the Minister for the Cabinet Office, but he’s not a “Secretary of State”. A bit of digging on gov.uk established that Oliver Letwin, the Chancellor of the Duchy of Lancaster, is the closest equivalent that the Cabinet Office has.

I thought I had an answer to that question, but what about s.46? That section requires “the Lord Chancellor” to issue a Code of Practice on records management. The Lord Chancellor is Michael Gove, but surely it didn’t make sense for Mr Gove at the Ministry of Justice to be issuing a Code on something that was now Cabinet Office-led?

Thankfully, the Campaign for FOI had followed those metaphorical balls around the table with their usual hawk-like attention to detail. After I made a plea for help on Twitter, the Campaign sent me a link to the Transfer of Functions (Information and Public Records) Order 2015, made in December last year. It confirms that the FOI Act has been amended, and that in particular, responsibility for issuing both Codes of Practice now lies with Oliver Letwin. As the Campaign wryly noted, we had other things on our minds at the time. But isn’t that how the Cups and Balls game always works?


It turns out that the Transfer of Functions Order makes things even less clear than I thought. Thankfully, Malcolm Todd of the National Archives has clarified matters for which I’m grateful. You can read Malcolm’s full response in the comments following this post.

So here’s – hopefully – the definitive statement on who’s responsible for what post-2015. The Chancellor of the Duchy of Lancaster (Oliver Letwin currently) is, as I suggested, responsible for issuing the section 45 Code(s). The Secretary of State for Culture, Media and Sport (John Whittingdale) is responsible for issuing the s.46 Code, but must consult the Chancellor of the Duchy.

Apologies for the confusion, but if you take a look at the Transfer Order, I’m sure you’ll understand the problem. Imagine the fun we’ll have when people refer to “the Chancellor’s Code” in future!