Category: Transparency

Lessons On Transparency: The ICO Experian Appeal

The Information Commissioner’s Office recently lost its appeal in the Upper Tribunal in relation to an Enforcement Notice issued to Experian.  

The concerned Experian’s marketing arm, Experian Marketing Services (EMS) which provides analytics services for direct mail marketing companies. It obtains personal data from three types of sources; publicly available sources, third parties and Experian’s credit reference agency (CRA) business. The company processes this personal data to build profiles about nearly every UK adult. An individual profile can contain over 400 data points. The company sells access to this data to marketing companies that wish to improve the targeting of their postal direct marketing communications 

On 20th February 2023, the First-Tier (Information Rights) Tribunal (FTT) overturned an ICO Enforcement Notice issued to Experian. The notice alleged several GDPR violations namely; Art. 5(1)(a) (Principle 1, Lawfulness, fairness, and transparency), Art. 6(1) (Lawfulness of processing) and Art. 14 (Information to be provided where personal data have not been obtained from the data subject). For more detail of the FTT judgement read our earlier blog here

On 23rd April 2024, the Upper Tribunal dismissed the ICO’s appeal against the FTT’s judgment. This can be read here along with a useful press summary. The Upper Tribunal backed the FTT’s conclusions while repeatedly criticising its unclear reasoning. 

The broader value of the judgment lies in its guidance, for the first time at this level, of what the transparency requirement under the UK GDPR involves (see paragraph 95). It also sets out its views on the current data protection landscape more generally. 5 Essex Court have a good summary of the judgement on their website.  

The ICO’s has issued a (“Let’s look on the bright side”) statement stating that: 

“The ICO will take stock of today’s judgment and carefully consider our next steps, including whether to appeal.” 

This and other data protection developments will be discussed in detail on our forthcoming  GDPR Update  workshop. 

Transparency in Health and Social Care: New ICO Guidance 

Within the health and social care sector, new technologies that use large amounts of personal data are being used to support both direct care and secondary purposes, such as planning and research. An example is the the use of AI to provide automated diagnoses based on medical imaging data from patients. 

Transparency is a key principle of UK Data Protection legislation. Compliance with the first data protection principle and Article 13 and 14 of the UK GDPR ensures that data subjects are aware of how their personal data is used, allowing them to make informed choices about who they disclose their data to and how to exercise their data rights. 

On Monday the Information Commissioner’s Office (ICO) published new guidance to assist health and social care organisations to comply with their transparency obligations under the UK GDPR. It supplements existing ICO guidance on the principle of transparency and the right to be informed

The guidance is aimed at all organisations, including from the private and third sector, who deliver health and social care services or process health and social care information. This includes local authorities, suppliers to the health and social care sector, universities using health information for research purposes and others (e.g. fire service, police and education) that use health information for their own purposes. The guidance will help them to understand the definition of transparency and assess appropriate levels of transparency, as well as providing practical steps to developing effective transparency information. 

This and other data protection developments will be discussed by Robert Bateman in our forthcoming GDPR Update workshop. We have also just launched our new workshop, Understanding GDPR Accountability and Conducting Data Protection Audits.   

Experian’s GDPR Appeal: Lawfulness, Fairness, and Transparency

On 20th February 2023, the First-Tier (Information Rights) Tribunal (FTT) overturned an Enforcement Notice issued against Experian by the Information Commissioner’s Office (ICO). 

This case relates to Experian’s marketing arm, Experian Marketing Services (EMS) which provides analytics services for direct mail marketing companies. It obtains personal data from three types of sources; publicly available sources, third parties and Experian’s credit reference agency (CRA) business. The company processes this personal data to build profiles about nearly every UK adult. An individual profile can contain over 400 data points. The company sells access to this data to marketing companies that wish to improve the targeting of their postal direct marketing communications. 

The ICO issued an Enforcement Notice against Experian in April 2020, alleging several GDPR violations namely; Art. 5(1)(a) (Principle 1, Lawfulness, fairness, and transparency), Art. 6(1) (Lawfulness of processing) and Art. 14 (Information to be provided where personal data have not been obtained from the data subject). 

Fair and Transparent Processing: Art 5(1)(a) 

The ICO criticised Experian’s privacy notice for being unclear and for not emphasising the “surprising” aspects of Experian’s processing. It ordered Experian to: 

  • Provide an up-front summary of Experian’s direct marketing processing. 
  • Put “surprising” information (e.g. regarding profiling via data from multiple sources) on the first or second layer of the notice. 
  • Use clearer and more concise language. 
  • Disclose each source and use of data and explain how data is shared, providing examples.  

The ICO also ordered Experian to stop using credit reference agency data (CRA data) for any purpose other than those requested by Data Subjects. 

Lawful Processing: Arts. 5(1)(a) and 6(1) 

All processing of personal data under the GDPR requires a legal basis. Experian processed all personal data held for marketing purposes on the basis of its legitimate interests, including personal data that was originally collected on the basis of consent. Before relying on legitimate interests, controllers must conduct a “legitimate interests assessment” to balance the risks of processing the risks. Experian had done this, but the ICO said the company had got the balance wrong. It ordered Experian to: 

  • Delete all personal data that had been collected via consent and was subsequently being processed on the basis of Experian’s legitimate interests. 
  • Stop processing personal data where an “objective” legitimate interests assessment revealed that the risks of the processing outweigh the benefits. 
  • Review the GDPR compliance of all third parties providing Experian with personal data. 
  • Stop processing any personal data that has not been collected in a GDPR-compliant way. 

Transparency: Art. 14 

Art. 14 GDPR requires controllers to provide notice to data subjects when obtaining personal data from a third-party or publicly available source. Experian did not do provide such notices relying on the exceptions in Art 14. 

Where Experian had received personal data from third parties, it said that it did not need to provide a notice because “the data subject already has the information”. It noted that before a third party sent Experian personal data, the third party would provide Data Subjects with its own privacy notice. That privacy notice would contain links to Experian’s privacy notice.
Where Experian had obtained personal data from a publicly available source, such as the electoral register, it claimed that to provide a notice would involve “disproportionate effort”. 

The ICO did not agree that these exceptions applied to Experian, and ordered it to: 

  • Send an Art. 14 notice to all Data Subjects whose personal data had been obtained from a third-party source or (with some exceptions) a publicly available source. 
  • Stop processing personal data about Data Subjects who had not received an Art. 14 notice. 

The FTT Decision  

The FTT found that Experian committed only two GDPR violations: 

  • Failing to provide an Art. 14 notice to people whose data had been obtained from publicly available sources. 
  • Processing personal data on the basis of “legitimate interests” where that personal data had been originally obtained on the basis of “consent” (by the time of the hearing, Experian had stopped doing this). 

The FTT said that the ICO’s Enforcement Notice should have given more weight to:  

  • The costs of complying with the corrective measures. 
  • The benefits of Experian’s processing. 
  • The fact that Data Subjects would (supposedly) not want to receive an Art. 14 notice. 

The FTT overturned most of the ICO’s corrective measures. The only new obligation on Experian is to send Art. 14 notices in future to some people whose data comes from publicly available sources. 

FTT on Transparency 

Experian had improved its privacy notice before the hearing, and the FTT was satisfied that it met the Art. 14 requirements. It agreed that Experian did not need to provide a notice to Data Subjects where it had received their personal data from a third party. The FTT said that “…the reasonable data subject will be familiar with hyperlinks and how to follow them”.
People who wanted to know about Experian’s processing had the opportunity to learn about it via third-party privacy notices. 

However, the FTT did not agree with Experian’s reliance on the “disproportionate effort” exception. In future, Experian will need to provide Art. 14 notices to some Data Subjects whose personal data comes from publicly available sources. 

FTT on Risks of Processing 

An ICO expert witness claimed that Experian’s use of CRA data presented a risk to Data Subjects. The witness later admitted he had misunderstood this risk. The FTT found that Experian’s use of CRA data actually decreased the risk of harm to Data Subjects. For example, Experian used CRA data to “screen out” data subjects with poor credit history from receiving marketing about low-interest credit cards. The FTT found that this helped increase the accuracy of marketing and was therefore beneficial. As such, the FTT found that the ICO had not properly accounted for the benefits of Experian’s processing of CRA data. 

The ICO’s Planned Appeal 

The FTT’s decision focuses heavily on whether Experian’s processing was likely to cause damage or distress to Data Subjects. Because the FTT found that the risk of damage was low, Experian could rely on exceptions that might not have applied to riskier processing.  

The ICO has confirmed that it will appeal the decision. There are no details yet on their arguments but they may claim that the FTT took an excessively narrow interpretation of privacy harms. 

This and other data protection developments will be discussed in detail on our forthcoming  GDPR Update  workshop. There are only 3 places left on our next Advanced Certificate in GDPR Practice.  

New Local Government Transparency Code Consultation

canstockphoto14367173

The Local Government Transparency Code is due to be updated once again to require local authorities to proactively publish even more information. The Department for Communities and Local Government is consulting on proposals to require councils to publish:

  • more information about land and property assets they hold on the Government’s electronic Property Information Management System
  • existing procurement publication in particular forms
  • the costs of “in-house” service contracts above £500k
  • greater detail about parking charges as well as statistics about the enforcement of parking restrictions
  • information about dealings with small and medium-sized enterprises
  • all information under the Code through a single website landing page

The Code is made under Section 3 of the Local Government, Planning and Land Act 1980 which gives the Secretary of State the power to issue a code of practice about the publication of information by local authorities in England (as well as, amongst others, National Park Authorities, Fire and Waste Authorities and Integrated Transport Authorities) relating to the discharge of their functions.

In February 2015 the code was re issued to require local authorities to publish information about their social housing stock.  Smaller councils, including parish councils have to comply with the Transparency Code for Smaller Authorities, which was published in December 2014.

The consultation began on 12th May 2016. All responses should be received by no later than 8th July 2016.

Give your career a boost by gaining an internationally recognised qualification in FOI. No time/budget to attend courses? Keep up to date with all the latest FOI decisions by viewing our live one-hour web seminars

Freedom of Information Commission Report

 

FOI Commission photo

 

The Independent Commission on Freedom of Information was established by the Cabinet Office in July last year to examine the operation of the Freedom of Information Act 2000 (FOI) and whether it required any changes. In October I predicted (and I was not alone) that, bearing in mind the Commission’s restricted terms of reference as well the track record of some of its members, it was likely that sweeping restrictions would be made to the UK’s FOI regime.

Thankfully it seems that the Commission has seen sense. Its recent report says FOI is working well and does not need major changes. It does though make twenty-one recommendations, many of which would enhance the Act:

1. A time limit for public interest extensions

That the government legislates to amend section 10(3) to abolish the public interest test extension to the time limit, and replace it instead with a time limit extension for requests where the public authority reasonably believes that it will be impracticable to respond to the request on time because of the complexity or volume of the requested information, or the need to consult third parties who may be affected by the release of the requested information. This time limit extension will be limited to an additional 20 working days only.

2. A time limit for internal reviews

That the government legislates to impose a statutory time limit for internal reviews of 20 working days.

3. Change to Section 77

That the government legislates to make the offence at section 77 of the Act triable either-way.

4. FOI statistics

That the government legislates to impose a requirement on all public authorities who are subject to the Act and employ 100 or more full time equivalent employees to publish statistics on their compliance under the Act. The publication of these statistics should be co-ordinated by a central body, such as a department or the Information Commissioner (IC).

5. FOI disclosure logs

That the government legislates to impose a requirement on all public authorities who are subject to the Act and employ 100 or more full time equivalent employees to publish all requests and responses where they provide information to a requestor. This should be done as soon as the information is given out wherever practicable.

All the above were also recommended by the Justice Select Committee in its Report into Post-Legislative Scrutiny of the Freedom of Information Act 2000 published in July 2012. All were rejected by the Government in its response to that report.

This time, in the Government’s response to the FOI Commission, Mike Hancock MP has said that the Government will issue a revised S.45 Code of Practice setting out what information public authorities with more than 100 full time employees should publish.

6. Senior employees’ information

Public bodies should be required to publish in their annual statement of accounts a breakdown of the benefits in kind and expenses of senior employees by reference to clear categories.

Local authorities already have these obligations in relation to senior staff earning more than £50,000 by virtue of the Local Government Transparency Code.

7: Information Commissioner responsibilities

The government should give the IC (Information Commissioner) responsibility for monitoring and ensuring public authorities’ compliance with their proactive publication obligations.

8. Section 35(1)(a) – Formulation of government policy

The government should legislate to replace section 35(1)(a) with an exemption which will protect information which would disclose internal communications that relate to government policy.

9. Section 35(1)(b) – Ministerial communications

The government should legislate to expand section 35(1)(b) so that, as well as protecting inter-ministerial communications, it protects any information that relates to collective Cabinet decision-making, and repeal section 36(2)(a).

10. Section 35 – Public interest

The government should legislate to amend section 35 to make clear that, in making a public interest determination under section 35(1)(a), the public interest in maintaining the exemption is not lessened merely because a decision has been taken in the matter.

11. Section 35 – Public interest (2)

The government should legislate to amend section 35 to make clear that, in making a public interest determination under section 35, regard shall be had to the particular public interest in the maintenance of the convention of the collective responsibility of Ministers of the Crown, and the need for the free and frank exchange of views or advice for the purposes of deliberation.

The above 4 recommendations are clearly designed to make it easier for the Government (and the National Assembly for Wales) to withhold information. Other bodies cannot claim this exemption anyway.

12. Section 36 – The Qualified Person’s opinion

The government should legislate to amend section 36 to remove the requirement for the reasonable opinion of a qualified person.

Some of our clients have welcomed this recommendation citing the difficulty of getting access to senior officers to make a decision about complex FOI matters.

13. The ministerial veto

The government should legislate to put beyond doubt that it has the power to exercise a veto over the release of information under the Act.

14. The veto again

The government should legislate to make clear that the power to veto is to be exercised where the accountable person takes a different view of the public interest in disclosure. This should include the ability of the accountable person to form their own opinions as to as to all the facts and circumstances of the case, including the nature and extent of any potential benefits, damage and risks arising out of the communication of the information, and of the requirements of the public interest.

15. And again…

The government should legislate so that the executive veto is available only to overturn a decision of the IC where the accountable person takes a different view of the public interest in disclosure. Where a veto is exercised, appeal rights would fall away and a challenge to the exercise of the veto would be by way of judicial review to the High Court. The government should consider whether the amended veto should make clear that the fact that the government could choose to appeal instead of issuing a veto will not be a relevant factor in determining the lawfulness of an exercise of the veto. Until legislation can be enacted, the government should only exercise the veto to overturn a decision of the IC.

16. Guess what this recommendation is about?

The government should legislate to allow the veto to confirm a decision of the IC where the IC upholds a decision of a pubic authority on the public interest in release. This would mean that the right of appeal would fall away and challenge would be instead by way of judicial review.

Strengthening the ministerial veto under section 53 seemed to be a “dead cert” (in betting parlance). In March 2015, the Guardian’s successful challenge to the application of the veto to the disclosure of Prince Charles’ letters to government departments, was confirmed by the Supreme Court. The Government seems to have accepted the Commission’s recommendations for the time being:

“In line with the Commission’s thinking, the government will in future only deploy the veto after an Information Commissioner decision. On the basis that this approach proves effective, we will not bring forward legislation at this stage.”

17. Appeal rights

That the government legislates to remove the right of appeal to the First-tier Tribunal against decisions of the IC made in respect of the Act. Where someone remained dissatisfied with the IC’s decision, an appeal would still lie to the Upper Tribunal. The Upper Tribunal appeal is not intended to replicate the full-merits appeal that currently exists before the IC and First-tier Tribunal, but is limited to a point of law.

Whilst this recommendation will save public authorities money, some commentators (especially journalists) have expressed concern that it hampers appeal rights and makes the appeal mechanism much less accessible than at present to those who do not have the money to instruct lawyers. They have a point; especially when one considers the very real possibility of the government introducing fees for tribunal appeals.

18. Format of responses

That the government legislates to clarify section 11(1)(a) and (c) of the Act so that it is clear that requestors can request information, or a digest or summary of information, be provided in a hard copy printed form, an electronic form, or orally. Where a requestor specifies a specific electronic document format, that request should be granted if the public authority already holds the information in that format, or if it can readily convert it into that format. Where the information requested is a dataset, the requirements at section 11(1A) will apply. The legislation should make clear that the obligations on public authorities to provide information in a particular format extend no further than this.

In my view this is already clear in the legislation and in ICO guidance.

19. The Section 45 code

That the government reviews section 45 of the Act to ensure that the range of issues on which guidance can be offered to public authorities under the Code is adequate. The government should also review and update the Code to take account of the ten years of operation of the Act’s information access scheme.

20. Vexatious requests

That the government provides guidance, in a revised Code of Practice issued under section 45, encouraging public authorities to use section 14(1) in appropriate cases.

21. More money for the ICO

That the government reviews whether the amount of funding provided to the IC for delivering his functions under the Act is adequate, taking into account the recommendations in this report and the wider circumstances.

Much of the above can be implemented without the need for legislation through a revised/additional Section 45 code of practice and guidance. It’s worth remember that the new EU General Data Protection Regulation (GDPR) will also require changes to FOI when it comes into force in 2018; specifically section 40 which make reference to the Data Protection Act 1998 (which the GDPR will replace).

Labour’s Tom Watson has claimed that the FOI Commission was a waste of time and money and has called on the government to publish its costs. If they don’t he will, no doubt, make an FOI request to the Cabinet Office!

We will be discussing this and other recent FOI decisions in our forthcoming FOI workshops and webinars. For those wanting an internationally recognised qualification the BCS Certificate in Freedom of Information starts on 13th April.

Local Government Transparency Code Re – Issued

  

In February 2015 the Local Government Transparency Code was re issued to require local authorities to publish information about their social housing stock.

The Code was made under Section 3 of the Local Government, Planning and Land Act 1980 which gives the Secretary of State the power to issue a code of practice about the publication of information by local authorities in England (as well as, amongst others, National Park Authorities, Fire and Waste Authorities and Integrated Transport Authorities) relating to the discharge of their functions. In October last year, Eric Pickles (the then Communities and Local Government Secretary) used this power to issue what was then an updated version of the Code.

As with the previous version, the re issued code requires quarterly publication of the same categories information namely:

  • Each individual item of expenditure exceeding £500 e.g. invoices, grant payments, expense payments, rent etc.
  • Government Procurement Card transactions
  • Procurement information

Part 2.2 of the code sets out nine sets of data, which must be published annually. This includes local authority land, grants to voluntary bodies, trade union facility time, parking information and senior salaries. Here a new category of data, about social housing assets, has been added.

Local authorities owning housing must now publish details (set out in paragraph 38 to 44) of the value of social housing stock that is held in their Housing Revenue Account. This information must be published on the first occasion not later than 1 September 2015 (based on the most up to date valuation data available at the time of publishing the information), then in April 2016 and every April thereafter.

The Government believes that local people are interested in how their authority manages the social housing assets they hold. The move will give people the information they need to ask questions of how their council is managing stock to ensure this is put to best use, including considering whether higher value, vacant properties could be used to fund the building of new homes and reduce waiting times.

We could see more developments in this area. As I said in my recent blog post about the future of FOI, the Conservatives are keener on transparency through such codes than through extending FOI. Their election manifesto says:

“Transparency has also been at the heart of our approach to government. Over the last five years, we have been open about government spending, provided access to taxpayer-funded research, pursued open data and helped establish the Open Government Partnership. We will continue to be the most transparent government in the world.”

Smaller councils, including parish councils have to comply with the Transparency Code for Smaller Authorities, which was published in December last year.

Give your career a boost by gaining an internationally recognised qualification in FOI. No time/budget to attend courses? Keep up to date with all the latest FOI decisions by viewing our live one-hour web seminars.

Information, Documents or Both – What is available under FOI?

file0002015332264

It is an oft-repeated phrase that the Freedom of Information Act (FOI) provides a right of access to information but not documents. A recent Court of Appeal decision shows that it is not that straightforward an issue.

Section 1 contains the general right of access and uses the term “request for information.” But what exactly is “information”? Section 84 defines it as “information recorded in any form.” This includes information held on paper, computer, video, audiotapes as well as that contained in manuscript notes. No mention is made of access to the actual documents containing the information. However this does not mean that documents cannot be requested.

A request for a document will generally be a valid request for all of the information contained within that document (including visual format, design, layout etc). In considering whether the public authority has complied with the request, the question is whether all of the information recorded in the document has been provided. It will not be sufficient to rephrase the document or provide an outline or summary of its contents unless the applicant has specifically expressed a preference for a digest or summary under section 11(1)(c).

This matter has now been put beyond doubt by a Court of Appeal decision this week. Judges dismissed an appeal by the Independent Parliamentary Standards Authority (IPSA), the body that oversees MPs’ expenses claims, from a decision of the Upper Tribunal requiring it to release copies of MPs’ invoices and receipts. This is the latest in a serious of appeals by IPSA in an attempt to overturn the original decision of the Information Commissioner.

In April 2013 the First Tier Tribunal (Information Rights), ruled that images of MPs’ expense claim receipts were information to which the FOI applied (IPSA v Information Commissioner (EA/2012/0242)). The background to the request was that, following the MPs’ expenses scandal, the then newly-formed IPSA, decided that it would not routinely publish images of the receipts submitted to IPSA by MPs in support of their expenses claims.  Only text transcribed from the submitted receipts would be published.

A journalist made an FOI request for the actual receipts submitted by a number of MPs. The question arose as to whether images of those receipts held by IPSA contained “information” within the meaning of section 1 of FOI, which was not captured by the transcription process favoured by IPSA. The Tribunal concluded that the definition of information (in this case) included logos, letterheads, handwriting, manuscript comments, and even the layout and style of the requested documents. These were not disclosed to the requestor as a result of providing a transcription, rather than a copy, of the relevant receipts.

Last year the Upper Tribunal’s Judge Williams (in Independent Parliamentary Standards Authority v IC & Leapman [2014] UKUT 33 (AAC)) dismissed the appeal by IPSA. At Paragraph 22 of the judgement he said:

“It is to me also trite to note that the wording on a typical receipt or invoice is only part of what a recipient sees when looking at it. Typically there will be verbal and numerical content to be read and understood, but there will also be visual content to be seen, rather than read, but which may also require to be understood for the recipient to have appreciated the whole of the experience, if I may term it that, communicated by the receipt or invoice.”

In the judge’s view information is more than just the words and figures on a piece of paper. Sometimes the nature of the request will mean that the only way to convey all the information on a document is to disclose the original or at least a copy. He gave the example of Land Registry plans, drawings and photographic evidence of a particular building.

In coming to his decision the judge took note of the Scottish Court of Session decision in Glasgow CC v SIC [2009] CSIH 73 under the Freedom of Information (Scotland) Act 2002 (FOISA). As a general point of principle, the Commissioner and the Tribunal is not bound by Court of Session decisions on FOISA, although they may be considered persuasive where the terms of FOISA mirror the terms of FOI. In the Scottish case the applicant specifically wanted the public authority to provide copies of the documents, although he acknowledged that the same information was available elsewhere. The Court confirmed that FOISA entitles requesters to the information within a document, rather than a copy of the document itself. To the extent that this request was specifically for copies of the documents over and above the information they contained, it was invalid. The Court rejected an argument that the copy documents were “information” distinct from the information contained within them.

Paragraph 45 of the Court of Session judgment states:

“Where the request does not describe the information requested… but refers to a document which may contain the relevant information, it may nonetheless be reasonably clear in the circumstances that it is the information recorded in the document that is relevant.”

However paragraph 48 should be noted:

“The difference between the original and a copy… does not consist in any difference between the information recorded in each document: that information, if the copy is true and accurate, will be identical.” (my emphasis)

To quote one of our FOI trainers (Philip Bradshaw), much will also in practice depend on the wording of the request. Contrast “How much did you spend on pencils?” with “Can I have a copy of your pencil invoices”. You can clearly provide in permanent form all the recorded information within scope of the first request without copies, but not perhaps for the second.

In the IPSA case, the judge ruled that transcriptions of the requested receipts would not be “true and accurate”, as they would not contain all the same information as on the originals e.g. logos, style, layout etc.

This is an interesting decision especially for those public authorities who often insist, when refusing to supply actual documents (such as minutes of meetings) that FOI is about access to information not documents. Sometimes the requestor is interested in the document, which contains the requested information, as it will give a further insight into its background and the thoughts/observations of the producers/subjects of the document.

IPSA has been given time to consider taking the case to the Supreme Court.

Ibrahim Hasan will be discussing this and other recent FOI decisions in the FOI Update workshops which are delivered in one hour online sessions as well as full day face to face sessions.

New Transparency Code for Smaller Authorities

file0001686927828In October 2014 the Department for Communities and Local Government (DCLG), published an updated version of the Local Government Transparency Code . This applies in England only and replaces the previous version. The code requires councils (as well as, amongst others, National Park Authorities, Fire and Waste Authorities and Integrated Transport Authorities) to proactively publish certain categories information (in Part 2 of the code) whilst also recommending that they go beyond the minimum (in part 3 of the code). Read more about the code here.

But what of smaller public authorities and parish councils? On 10th March 2014 the Government launched a consultation on a draft transparency code for such organisations, which will act as a substitute for routine external audit.

On 17th December 2014 the DCLG finally published the Transparency Code for Smaller Authorities. This code applies to the following types of authorities with an annual turnover not exceeding £25,000:

  • parish councils
  • internal drainage boards
  • charter trustees
  • port health authorities

This code is issued to meet “the government’s desire to place more power into citizens’ hands to increase democratic accountability.” However it is published initially as recommended practice, although the Secretary of State told Parliament on 17th December that he intends to make the code mandatory by the start of the 2015 financial year.

The Local Audit and Accountability Act 2014 sets out a new audit framework for public authorities which are currently covered by the Audit Commission regime. Under this new framework smaller authorities will be exempt from routine external audit. In place of routine audit, they will be subject to the new transparency requirements laid out in this code. This will enable local electors and ratepayers to access relevant information about the authorities’ accounts and governance.

Part 2 of the code sets out the information to be published:

  1. all items of expenditure above £100 (see paragraphs 13 – 15);
  2. end of year accounts (see paragraphs 16 and 17),
  3. annual governance statement (see paragraphs 18and 19),
  4. internal audit report (see paragraphs 20 – 22),
  5. list of councillor or member responsibilities (see paragraph 23)
  6. the details of public land and building assets (see paragraphs 24 – 27)
  7. Minutes, agendas and meeting papers of formal meetings (see paragraphs 29 and 30)

The code states that the information specified must be published on a website which is publicly accessible and free of charge. This could be on the authority’s own website or that of the billing authority in its area (district or London borough or unitary council).

Ibrahim Hasan will be discussing both transparency codes in his forthcoming live and interactive one-hour web seminar.

Yet Another Local Government Transparency Code – A Gift for Armchair Auditors?

SwordThe Coalition Government likes “armchair auditors”.

Within weeks of coming to power in 2010, it released all items of local authority expenditure over £500. The Secretary of State for Communities and Local Government, Eric Pickles, said at the time that the move would “unleash an army of armchair auditors and quite rightly make those charged with doling out the pennies stop and think twice about whether they are getting value for money”.

Section 3 of the Local Government, Planning and Land Act 1980 gives the Secretary of State the power to issue a code of practice about the publication of information by local authorities relating to the discharge of their functions. Back in May, Eric Pickles used this power to issue (what was then) a new Local Government Transparency Code. (See my earlier blog post.)

Now, an updated version of the Code , dated October 2014, has been issued. It applies in England only and replaces the previous version. The code requires councils (as well as, amongst others, National Park Authorities, Fire and Waste Authorities and Integrated Transport Authorities) to proactively publish certain categories information (in Part 2 of the code) whilst also recommending that they go beyond the minimum (in part 3 of the code). It follows last year’s consultation on Improving Local Government Transparency: “Making ‘The Code of Recommended Practice for Local Authorities on Data Transparency ’ enforceable by regulations.”

Ministers will imminently make and lay regulations (The Local Government (Transparency Requirements) (England) Regulations 2014)) to make it a legal requirement for local authorities to publish the data specified in Part 2 of the code. Subject to Parliamentary processes, Part 2 should become mandatory by 7 November 2014.

Part 2.1 of the code sets out information, which must be published at least quarterly. This includes:

  • Each individual item of expenditure exceeding £500 e.g. invoices, grant payments, expense payments, rent etc.
  • Government Procurement Card transactions
  • Procurement information which includes details of every invitation to tender for contracts to provide goods and/or services with a value that exceeds £5,000, together with any contract, commissioned activity, purchase order, framework agreement and any other legally enforceable agreement, also with a value that exceeds £5,000.

Part 2.2 of the code sets out nine sets of data which must be published annually. This includes local authority land, grants to voluntary bodies , trade union facility time, parking information and senior salaries. In relation to trade union facility time, authorities should publish the amount spent on providing support and facilities to trade unions within their workforces, and specify which unions. In relation to parking charges, categories include the number of off-street parking places and the revenue raised from them; the number of on-street parking places and the revenue they raise; as well as the revenue from parking fines and the number of free parking spaces available.

The main difference between the May and October codes is that the latter has added three datasets to the list of information which must be published: namely information about how the authority delivers waste services, uses the parking revenue it collects and tackles fraud.

On salaries the code requires publication of more information than is currently required under the Accounts and Audit (England) Regulations 2011. Local authorities must now place a link on their website to these published data or place the data itself on its website, together with a list of responsibilities (for example, the services and functions they are responsible for, budget held and number of staff) and details of bonuses and ‘benefits in kind’, for all employees whose salary exceeds £50,000. The key differences between the requirements under this new code and the Regulations referred to above is the addition of a list of responsibilities, the inclusion of bonus details for all senior employees whose salary exceeds £50,000 and publication of the data on the authority’s website. What effect will this have on FOI requests for salary information? Certainly senior figures will find it hard to claim that they have an expectation of privacy when it comes to FOI requests for similar information. (More on salaries here.)

Part 3 of the new code sets out the information, which is recommended to be published, but there is no requirement to do so. This is about providing more detail to information already published under the required category in Part 2, e.g. more details about expenditure, procurement, grants etc. For example instead of just publishing details of expenditure over £500 on a quarterly basis, local authorities are encouraged to publish expenditure over £250 on a monthly basis or better still in real time.

Existing restrictions on disclosing information still apply though. Paragraph 14 of the code states:

“Where information would otherwise fall within one of the exemptions from disclosure under the Freedom of Information Act 2000, the Environmental Information Regulations 2004, the Infrastructure for Spatial Information in the European Community Regulations 2009 or falls within Schedule 12A to the Local Government Act 1972 then it is in the discretion of the local authority whether or not to rely on that exemption or publish the data.”

However where a qualified exemption under FOI applies, the appearance of the requested information in one of the categories set out in the code will have a big impact on the public interest in support of disclosure.

How should data under the new code be published? The code states that it should be in a format and under a licence that allows open re-use, including for commercial and research activities, in order to maximise value to the public. The Open Government Licence, published by the National Archives, should be used as the recommended standard. Where any copyright or data ownership concerns exist with public data these should be made clear. Data covered by Part 2 of the code must be published in open and machine-readable formats.

The DCLG has also published an accompanying FAQ Guide which gives further guidance on how to practically apply the new code.

Despite Part 2 of the code being legally enforceable soon (see above), does the code have any teeth? The code does not have an enforcer like the Information Commissioner under FOI. Indeed the DCLG has pointed out in the FAQs that it is not the Commissioner’s role to enforce the code. It does though suggest that complainants can issue a judicial review claim in the High Court (unlikely with public funding of such cases being virtually ceased) or complain to the Local Government Ombudsmen. It also suggests they make an FOI request for the same information!

It will also be interesting to see how this new code works with the new dataset obligations under the FOI, which came into force on 1st September 2013 via the Protection of Freedoms Act.

On 10 March 2014 the Government launched the consultation on a draft transparency code for parish councils with a turnover not exceeding £25,000, which will act as a substitute from routine external audit. The Government published its response to the consultation on 6th August and intends to lay regulations to make the code mandatory later on this year. (More for those advising Parish Councils here.)

The Government believes that transparency about how local authorities spend money and deliver services, and how decisions are made within authorities, gives local people the information they need to hold their local authority to account and participate in local democratic processes. It claims that the availability of data can also help secure more efficient and effective local services and open new markets for local business, the voluntary and community sectors, and social enterprises to run services or manage public assets.

Will armchair auditors make use of this new information? Time will tell but readers would be right to be sceptical.

Give your career a boost by gaining an internationally recognised qualification in FOI. No time/budget to attend courses? Keep up to date with all the latest FOI decisions by viewing our live one-hour web seminars.

The New Local Government Transparency Code

Glasgow_Council_marble_staircase_1

Section 3 of the Local Government, Planning and Land Act 1980 gives the Secretary of State the power to issue a code of practice about the publication of information by local authorities relating to the discharge of their functions. The Secretary of State for Communities and Local Government has just issued a new Local Government Transparency Code . It applies in England only and replaces the previous version.

The code requires councils (as well as, amongst others, National Park Authorities, Fire and Waste Authorities and Integrated Transport Authorities) to proactively publish certain categories information whilst also recommending that they go beyond the minimum. It follows last year’s consultation on Improving Local Government Transparency: “Making ‘The Code of Recommended Practice for Local Authorities on Data Transparency ’ enforceable by regulations”. In that consultation, Eric Pickles, the Communities Secretary, wanted the power to enforce the Code through regulations. This would have given him the power to seek an order from the courts that an authority is in breach of its obligations, and/or an order that it must comply with its duties. It seems that this idea has been quietly dropped but the code does say:

“In principle all data held and managed by local authorities should be made available to local people unless there are specific sensitivities (e.g. protecting vulnerable people or commercial and operational considerations) to doing so.”

Part 2.1 of the code sets out information, which must be published at least quarterly. This includes:

  • Each individual item of expenditure exceeding £500 e.g. invoices, grant payments, expense payments, rent etc.
  • Government Procurement Card transactions
  • Procurement information which includes details of every invitation to tender for contracts to provide goods and/or services with a value that exceeds £5,000, together with any contract, commissioned activity, purchase order, framework agreement and any other legally enforceable agreement, also with a value that exceeds £5,000.

Part 2.2 of the code sets out nine sets of data which must be published annually. This includes local authority land, grants to voluntary bodies , trade union facility time, parking information and senior salaries. In relation to trade union facility time, authorities should publish the amount spent on providing support and facilities to trade unions within their workforces, and specify which unions. In relation to parking charges, categories include the number of off-street parking places and the revenue raised from them; the number of on-street parking places and the revenue they raise; as well as the revenue from parking fines and the number of free parking spaces available.

On salaries the code requires publication of more information than is currently required under the Accounts and Audit (England) Regulations 2011. Local authorities must now place a link on their website to these published data or place the data itself on its website, together with a list of responsibilities (for example, the services and functions they are responsible for, budget held and number of staff) and details of bonuses and ‘benefits in kind’, for all employees whose salary exceeds £50,000. The key differences between the requirements under this new code and the Regulations referred to above is the addition of a list of responsibilities, the inclusion of bonus details for all senior employees whose salary exceeds £50,000 and publication of the data on the authority’s website. What effect will this have on FOI requests for salary information? Certainly senior figures will find it hard to claim that they have an expectation of privacy when it comes to FOI requests for similar information. More on salaries here.

Part 3 of the new code sets out the information, which is recommended to be published, but there is no requirement to do so. This is about providing more detail to information already published under the required category e.g. more details about expenditure, procurement, grants etc. For example instead of just publishing details of expenditure over £500 on a quarterly basis, local authorities are encouraged to publish expenditure over £250 on a monthly basis or better still in real time.

Existing restrictions on disclosing information still apply though. Paragraph 14 of the Code states:

“Where information would otherwise fall within one of the exemptions from disclosure under the Freedom of Information Act 2000, the Environmental Information Regulations 2004, the Infrastructure for Spatial Information in the European Community Regulations 2009 or falls within Schedule 12A to the Local Government Act 1972 then it is in the discretion of the local authority whether or not to rely on that exemption or publish the data.”

However where a qualified exemption under FOI applies, the appearance of the requested information in one of the categories set out in the code will have a big impact on the public interest in support of disclosure.

How should data under the new code be published? The code states that it should be in a format and under a licence that allows open re-use, including for commercial and research activities, in order to maximise value to the public. The Open Government Licence published by the National Archives should be used as the recommended standard. Where any copyright or data ownership concerns exist with public data these should be made clear. Data covered by Part 2 of the code must be published in open and machine-readable formats.

It will be interesting to see how this new code works with the new dataset obligations under the FOI, which came into force on 1st September last year via the Protection of Freedoms Act.

How far will local authorities go in publishing information under the code? Will they just do the bare minimum? (Answers on a postcard or in the comment field below.)

Give your career a boost in 2014 by gaining an internationally recognised qualification in FOI. Keep up to date with all the latest FOI decisions in 2014 by attending our FOI Update workshops.