Tag: FOI

20 Years of FOI: An Interview with Maurice Frankel  

It is more than 20 years since the Freedom of Information Act came into force. Now more than ever transparency is an important aspect of public life and indeed a democratic necessity.  

In Episode 3of the Guardians of Data podcast we discussed these issues with our guest was Maurice Frankel OBE, director of the Campaign for Freedom of Information .  

The following is an abridged version of the podcast focusing on Jon’s advice to IG professionals.   

Question: What was life like before the Freedom of Information Act? How easy was it to obtain information from the public sector? 

Answer: It was extremely difficult in most cases; unless the information you were asking for, was helpful for the public authorities position, in which case the authority would be prepared to release it. But if you asked for information which might question its position, then it was very difficult to get the information and officials, council leaders and ministers would treat the information as if it was their own personal information, and they’d sometimes be affronted that you would even ask and expect that information to be disclosed. 

What were the other challenges in terms of getting the FOI Act onto the statute books? 

Well, the fact is, the government realized and Tony Blair realised, once the legislation was going through Parliament that, this was something that would cause them problems. And, it came to the point at which, the government privately threatened to pull the FOI Bill from Parliament if further improvements to the bill were made during its parliamentary progress.  

Jack straw, who was the Home Secretary and the Justice Minister, confirmed this in his memoirs; that the government actively considered dropping the FOI Bill, for fear that it had gone too far, that it was providing too much openness; that explains why they put it off for so long. 

You mentioned the cost limit. There was a story recently about an author who had a number of FOI requests about Andrew Mountbatten Windsor refused on costs grounds. Do you think there’s a case here for the cost limit rules to be changed so FOI requests cannot be refused on the grounds of costs if there’s a strong public interest in disclosing the information? 

Well, I think there’s a good case for that. We argued for that when the FOI Bill was going through Parliament because, it was obvious that you had an absolute limit on what could be disclosed based on the time needed to find it, essentially. And there was no way through that. And that limit applied in the same way to a request about the purchase of government stationery and to information the government held about a life threatening disease or potential pandemic. And, the case for treating those differently and recognising the public interest in serious cases, I think is very strong. Now the government will argue that everybody will make a public interest case for disclosure. But everybody does make a public interest case for disclosure of information about commercial interests, law enforcement matters and so on. And the exemption does not, collapse in every case simply because somebody makes that argument. Tt gives way when there is genuine evidence which justifies a disclosure of otherwise exempt information. I think the same could take place if there was a public interest test applying to the cost limit. 

You mentioned previously with regards to inquiries and their power to seek information from government. The Covid inquiries are ongoing. We’ve about the use of unofficial communications such as WhatsApp, Signal and Google Chat by ministers and advisers and in some cases, them using disappearing messages. What does that say to you about attitudes to transparency when it comes to the major decisions, particularly around Covid? 

Well, a chunk of the history will have been lost forever. It may be that there’s enough been recorded, to make up for that in the main areas. But I think the use of auto deletion, or messaging software, is a very unhealthy development. And if it’s possible to prevent officials using it, even where they need to use messaging software for efficiency purposes, they should not be able to use software, which automatically deletes messages once they’ve been read. I think that is inimical to proper record keeping practices, to accountability and to the operation of the Freedom of Information Act. 

Do you think that the fallout from the Epstein Scandal and the Covid Inquiry so far, is going to lead to improvements in government transparency, or is it going to lead to more unrecorded decisions? 

Well, I think the surprising thing is that very embarrassing material has come out of the Post Office Inquiry. For example, about the real reasons for continuing with various practices, despite the fact that it was well known that the Post Office was subject to the Freedom of Information Act and was receiving Freedom of Information requests. So I think what is perhaps more surprising is how much of that information has survived, despite the existence of FOI. I mean, when the Act was being discussed in the early days, the government would argue that people would use post-it notes to record sensitive information so that these could be pulled off the documents when an FOI request was received. And so they believed that the threat of disclosure would prevent anything significant, which could be embarrassing being recorded in a permanent form at all, and that’s not proved to be the case. And I think that is probably because, first of all, the chances, I think officials will recognise that they’re dealing with vast volumes of documents, and very few of those were ever requested under FOI. And that means the ordinary incentive to carry on, recording information in the ordinary way or sending recorded information to colleagues, in the ordinary way, carries on, despite what in practice, maybe a hypothetical possibility of an FOI request being received at some later stage. So the information is, is not that vulnerable, to pre-emptive destruction, to prevent disclosure. I think that is perhaps a reassuring, result of these inquiries. 

I agree with you, Maurice, that having had over twenty years of FOI, we are seeing the government disclosing more information, sometimes embarrassing as well and certainly the inquiry system is disclosing more information perhaps, than the Freedom of Information Act would have allowed. So together, I think I agree we have made progress. But do you think there is still room for improvement? Do you think certain public authorities need to improve more than others? 

Well, I think there’s room for improvement across the board. I think there’s a number of things. I think the first thing is, authorities are sometimes too keen to impute bad motive to a requester, just as requesters are sometimes too keen to impute bad motive to a public authority for withholding information.  

I think a second problem is that, public authorities are not making proper use of Boolean searches,. That is, they’re not searching for search term A combined with search term B, but excluding search term C. They are simply looking for hits under particular search terms and not intelligently, using the ability that their systems in many cases, must have to narrow the request by proper use of the of search language. So I think that needs to be looked at.  

And I also think that the Act itself needs to be amended, to address some of the shortcomings that it creates. And, chief of those is, the reasonable extension to consider the public interest test. So the twenty working days is extendable by an unspecified reasonable period to consider the public interest test. I think that extension should be got rid of, just as the Environmental Information Regulations have got rid of it (and Scotland’s Freedom of Information Act, has never adopted that approach). 

Where do you think FOI is going? If we get a change of government, do you think you’ll be back on the campaign trail trying to save FOI? 

Well, we are always aware of the fact that the Act could come under threat at any time. The number of times we have had to come in and try and defend the Act against attempts by, initially the Blair Administration, then the Coalition Government, Conservative Government, to stop attacks on FOI is remarkable.  

I mean, we had attempts to remove Parliament itself from the scope of the act in the early days. There was an attempt to expand the cost limit so that the cost limit of effectively 18 hours or 24 hours of time spent looking for information would apply not to a single request, or to all similar requests within a sixty working day period, but to all requests by a requester to the same public authority, whether they were related or not. And that would mean that, and not just from the same individual requester, but from the same organisation. So it would mean that major news organisations would be limited to one or two requests to the Home Office in a in a three month period, spread amongst all of their journalists. This was seriously put forward by the Blair Administration in the early days. And so, I don’t underestimate the threat to FOI.  

The most recent serious threat we had was, the government setting up the Independent Commission on Freedom of Information, in the mid-nineties, where the unspoken aim was to remove information about policy making from the scope of FOI altogether. We did a very detailed analysis of all Tribunal decisions over, I think, a sixteen month period, relying on section 35, and showed that in very many cases, the exemption worked as it the government had intended it to work. That is, it protected sensitive discussions, from disclosure even after the decision had been taken. But that in a number of cases where the public interest justified it, that information was disclosed and the Tribunal accepted that that was the exemption and the public interest test working as it was supposed to, and that there should be no change to that that position. And so I think that was a very important milestone in the Act, because that resulted in the government before the final report was published, announcing that it hoped the Independent Commission would not require any weakening of the Freedom of Information Act, whereas a weakening of the Act had been the whole purpose of setting up the Commission 

And just finally, some words of inspiration for our new professionals please Maurice. 

Try and understand what the rationale for bringing FOI in actually was, and that was that openness serves the public interest. It serves the interest of accountability. It deters bad practice and it exposes unacceptable conduct. Those are all things which authorities, should be endorsing. And the FOI officers in particular, should see that as the benefit of freedom of information. And in my own experience where I’ve been provided information in the right spirit, it does change your view of the authority you’re dealing with. It does make you more willing to accept what they tell you, and more willing to have confidence in their decisions. It increases public trust in the organisation which can only be a good thing.  

You can listen to the full Episode 3 podcast with Maurice here. 

The Information Commissioner Steps Aside (Temporarily)  

Five days ago, the Information Commissioner, John Edwards, posted on LinkedIn: 

“Colleagues and friends!👋🏻 I wanted to let you know that for the last few weeks I have voluntarily stepped aside from my duties at the ICO while an independent investigation into HR matters is undertaken. I am fully cooperating and engaged with the investigation and will report progress in due course.” 

Paul Arnold, CEO of the new (but not yet functioning) Information Commission, has assumed the role of Acting Information Commissioner.   

Edwards announcement has come as a surprise to ICO watchers. It was only issued after a POLITICO journalist made enquiries to the ICO regarding Edwards’ work absence. Until then there was silence; not what you would expect from a statutory regulator in the area of, amongst other things, openness and transparency.  

Listen to the Guardians of Data Podcast for the latest news and views on data protection, cyber security, AI and freedom of information. 

How to Succeed in Information Governance

Seasoned IG professionals offer invaluable advice, having tackled data protection hurdles and shaped best practices over years in the field. By listening to their journeys, new IG professionals can better prepare themselves to face tomorrow’s IG challenges with confidence. 

In Episode 1 of the Guardians of Data podcast our guest was Jon Baines who is a senior data protection specialist at Mishcon de Reya LLP, a law firm where he advises on complex data protection and freedom of information matters. Jon isn’t a lawyer in the traditional sense, yet he has been listed in Legal 500 as a rising star in the data protection, privacy and cybersecurity category. Jon is also the long standing chair of the National Association of Data Protection and Freedom of Information Officers.  

In the podcast, our conversation ranges widely and goes into Jon’s route to the law, what sort of work a non-lawyer like gets involved in at a law firm, whether young professionals need to or should qualify as solicitors in order to develop a career in information law, some of the specialisms and the history of Mishcon de Reya LLP; and developments of data protection in the age of AI. 

The following is an abridged version of the podcast focusing on Jon’s advice to IG professionals.  

Question: You’ve proved that you don’t need to be a lawyer to work at the cutting edge of information law. What skills or perspectives can non-lawyers bring that make them particularly valuable in this field? 

Answer: Critical thinking. I’m a big advocate for seeing both sides. I nearly always, when I approach a task or an instruction, think “if I were advising the other side, what would I be doing?” Because I think it’s really important that you don’t just see the positives on your side; that ability to see across the issue and be able to challenge yourself is important. And that’s part of critical thinking.  

In a lot of data protection matters, it’s important to remember that a data subject is all of us effectively; we are all data subjects. Data protection is about a fundamental right, let’s call it the right to respect for our personal information and a limited right to control that information. So a certain amount of empathy is important.  

It’s also important to understand how commerce works; data protection law doesn’t exist in a vacuum. As I say, it’s about us; it’s about our information. It’s also about how that information, operates and can be used within a commercial world, a business world, a public service world. We don’t have a complete right to privacy, let alone privacy of our information. It’s a qualified right. So I think an understanding of business and understanding that business needs data in order to operate is important. 

What is your advice for those who are new to the IG profession? 

I think one of the biggest skills you need is being able to be across the whole organisation that you work for. So don’t work in a silo. Your role might be part of Legal etc. but make sure that you get out and learn about your organisation. Make sure that people know who you are. It’s old fashioned internal networking, I guess. 

How should IG professionals, position themselves, to add value to AI projects? 

Well, it kind of makes me think of the old Data Protection Impact Assessment or prior to GDPR, when we called them privacy impact assessments. It’s not much use being part of that sort of project if you’re only brought in at the last moment. The whole idea of risk assessment is to assess in advance. So it’s important for IG professionals to remind those setting up AI projects that their input is needed from the start; indeed, even before a decision is taken to initiate a project. There are going to be few AI projects that will not involve data protection, in some way or another, or that don’t have the potential to do so in the future. So I think it’s as simple as that really. Try and make sure you’ve got your foot in the door at the start, because it’s going to be very difficult to do your job if you’re brought in at the last moment. 

If you could go back and give your younger self one piece of career advice, what would it be? 

I would probably tell myself that, just in the years after graduation, time goes quite quickly. And whilst I wouldn’t ever want to put pressure on my younger self, I think I would want to tell my younger self to “pull your socks up” a bit and start doing this sort of thing earlier. I think I drifted for a number of years and, as I get older, I increasingly find myself in this role of elder sage and telling young people, don’t waste time; it goes so quickly. 

How useful is NADPO in terms of professional development? 

NADPO is a venerable institution. It’s been going since 1993. We’re an association of information law professionals and by that I mean there are DPOs, there are FOI officers, there are lawyers, there are some journalist members, academics etc. So everyone is welcome. We exist to support the profession by providing an opportunity to learn from experts (whilst we don’t do direct training). So for a payment of, what’s rather an eccentric, membership fee of £130 for two years, you get to attend our in-person events, which includes our annual conference where we have seven or eight expert speakers talking on various areas of information law. We also have monthly webinars and a range of other member benefits. I’m very keen that NADPO is for its members. So I love it when members come to me with ideas for speakers or offers. Like I say, it’s open to anyone who’s working in or really interested in the area of data protection, FOI and IG.  

You can listen to the full Episode 1 podcast with Jon here.  

More valuable careers advice in Episode 5 where our guest is Raz Edwards, Head of Data Security and Protection at Wolverhampton NHS Trust. In our conversation, Raz shares her journey into Information Governance, the challenges she’s faced and overcome as an IG leader, her advice for both new starters and seasoned professionals and her perspective on the future of the profession.  She also reflects on what she’s learned through her tribunal role and what it takes to succeed as an IG leader. 

New Podcast: How to Succeed as an IG Leader 

Act Now is pleased to bring you episode 5 of the Guardians of Data podcast.  

In information governance, there is no substitute for learning from those who have walked the path before us. Experienced IG leaders bring a wealth of knowledge from years at the frontline of data protection and information rights – navigating challenges, overcoming obstacles and shaping best practice along the way.
By sharing their stories, lessons learned and practical advice, they help both new starters and seasoned professionals grow in confidence, strengthen their practice and prepare for the challenges of tomorrow. 

In this episode we are joined by Raz Edwards, Head of Data Security and Protection at Wolverhampton NHS Trust. Raz has over 17 years of experience as a Data Protection Officer, including more than a decade in the NHS. She is also Chair of the National Strategic Information Governance Network and serves as a member of the Upper Tribunal and First-Tier Tribunal in the Information Rights Jurisdiction. 

In our conversation, Raz shares her journey into Information Governance, the challenges she’s faced and overcome as an IG leader, her advice for both new starters and seasoned professionals and her perspective on the future of the profession.
She also reflects on what she’s learned through her tribunal role and what it takes to succeed as an IG leader. 

 Download and listen here, or on your preferred podcast app. Available on Apple Podcasts, Spotify, and all major podcast platforms. 

Previous episodes of the Guardians of Data podcast have featured Jon Baines, reflecting on his career as a Data Protection Specialist and the hot issues in information governance, Lynn Wyeth discussing the recent controversy around Grok AI, Maurice Frenkel looking back at 20 years of the Freedom of Information Act and Olu Odeniyi analysing recent cyber breaches and discussing the lessons to learn.

Join Our Team – Become an Act Now Trainer! 

We are Hiring – Become an Act Now Trainer! 

Are you an information governance expert with a passion for sharing your knowledge? Do you have experience delivering engaging training on GDPR, FOI, AI or Cyber Security? Do you want to help build a privacy-conscious world? If so, we want to hear from you! 

Why Act Now Training? 

Act Now Training is Europe’s leading provider of information governance training. For the past 24 years, we have been working with government organisations, multinational corporations, financial institutions, and corporate law firms. Our team of expert trainers delivers high-quality, practical courses that make complex topics easy to understand. 

With a comprehensive programme ranging from short webinars and one-day workshops to advanced practitioner certificate courses, we equip professionals with the knowledge and skills they need to navigate the evolving landscape of data protection and privacy. 

Our Mission 

At Act Now, we believe in building a privacy-conscious world. Our goal is to promote trust and respect for privacy, ensuring organisations embed data protection into their operations by default. We break down complex legal concepts, making education accessible and empowering professionals to become leaders in their field. By fostering a culture of responsible data usage, we help build public trust and drive positive change. 

Why Join Us? 

Due to increasing demand, we are expanding our team of expert trainers. With new courses launched in 2026, we are looking for talented trainers to deliver engaging, practical and jargon-free training. 

We offer opportunities for both full-time trainers and those looking to complement their existing roles. We are looking for passionate professionals who bring energy and innovation to their training sessions. 

What We Are Looking For: 

  • Experience of delivering GDPR, FOI, AI or Cyber Security training 
  • A passion for teaching and the ability to simplify complex concepts. 
  • A commitment to delivering interactive, engaging training (no “death by PowerPoint”!). 
  • Availability for two to ten training days per month  

We have opportunities to deliver a variety of courses, including our flagship GDPR Practitioner Certificate and our AI Governance Practitioner Certificate as well as customised in house training. 

Apply Now 

If you are ready to take the next step in your career and join a team dedicated to shaping the future of information governance, we’d love to hear from you! 

Email info@actnow.org.uk your CV, detailing your training and consultancy experience in GDPR, FOI, or Cyber Security. Closing date for applications is 5th May 2026. A full privacy policy is available on our website. 

Transparency and FOI: 20 Years On

Act Now is pleased to bring you episode 3 of the Guardians of Data podcast. This is a show where we explore the world of information law and information governance – from privacy and AI to cybersecurity and freedom of information.  

In the past few weeks, we have had a stark reminder of why transparency in public life is a democratic necessity. The US Government’s release of millions of documents linked to the Jeffrey Epstein investigation has triggered, amongst other things, the arrest of the King’s brother, the sacking and subsequent arrest of a former Government minister, political jeopardy for the Prime Minister and questions about the future of the British monarchy.  

In Episode 3, our guest is Maurice Frankel OBE, Director of the Campaign for Freedom of Information. We discuss the remarkable story behind the UK’s Freedom of Information Act. From his early work with the campaigner Des Wilson in the 1980s, to the later attacks launched to weaken FOI’s impact, Maurice shares insights on:

• Life before the Act and how public authorities’ culture has evolved

• The key battles to see the law passed and fully implemented

• Lessons from major disclosures, inquiries and data releases

• FOI shortcomings, from excessive public interest extensions to the need for proactive publication

• Emerging threats to transparency

Hear what still inspires one of the UK’s foremost transparency advocates and why FOI remains a vital tool for public accountability.

Listen via this link, or on your preferred podcast app. Available on Apple Podcasts, Spotify, and all major podcast platforms. 

Previous episodes of the Guardians of Data podcast have featured Jon Baines, talking about his career as a Data Protection specialist and the hot issues in information governance, and Lynn Wyeth discussing the recent controversy around Grok AI.  

Act Now Nominated for IRMS Supplier of the Year Award 

Act Now Training is pleased to announce that it has been nominated for the 2026 Information and Records Management Society (IRMS) awards. 

Each year the IRMS recognises excellence in the field of information management with their prestigious industry awards. These highly sought-after awards are presented at a glittering ceremony at the annual Conference following the Gala Dinner.  

Act Now has been nominated for the Supplier of the Year award which it previously won in 2021, 2022 and 2024. 

Voting is open to IRMS members until Wednesday 18th March 2026. 

If you are an IRMS member, you can login to your account and vote for Act Now here

Thank you for your support!

Listen to the Guardians of Data Podcast for the latest news and views on developments in GDPR, AI, cyber security and FOI

Survey of FOI Officers 

Dr Ben Worthy, an academic at Birkbeck College, is looking for Local Government FOI officers to complete another survey. 

The survey is part of a joint US/UK research project, funded by Democracy Fund, which started last year looking at FOI request burdens.  They want to follow up on the use of AI to help make FOI requests. 

The survey should take around 5-10 minutes to complete.  An anonymised summary of the findings will be sent to anyone who wishes to see it.  

You can read more about the project here. The survey can be accessed here.

Listen to the Guardians of Data Podcast for the latest news and views on data protection, cyber security, AI and freedom of information. 

Former Council Chief Executive Prosecuted under Section 77 FOI 

Section 77 of the Freedom of Information Act 2000 (FOI) makes it a criminal offence for a person to do anything with the intention of preventing the disclosure of information pursuant to an FOI request. The offence can be committed by any public authority and any person who is employed by, is an officer of, or is subject to the direction of a public authority. Regulation 19 of the Environmental Information Regulations 2004 creates an identical offence, albeit with slightly different provisions governing government departments. 

Last week the trial begun of the former Chief Executive of Mid and East Antrim Borough Council who has been charged with three offences relating to records kept by the council. Anne Donaghy faces three charges under section 77 FOI namely; altering a record to prevent disclosure, attempting to alter records, aiding and abetting the alteration of a record. Ms Donaghy denies the allegations and is contesting the charges. 

A BBC Spotlight programme previously reported that the charges were connected to alleged attempts to delete correspondence relating to the decision to withdraw council staff operating under the post-Brexit trade conditions known as the Northern Ireland Protocol. The staff, who were carrying out checks on goods arriving from Great Britain, were removed because of apparent threats from loyalist paramilitaries. 
It later emerged Ms Donaghy, who was chief executive at the time, had written to the Cabinet Office before the decision to remove staff was taken. She told the UK government graffiti had been directly targeting council staff working on checks. 
The then Agriculture Minister, Edwin Poots, subsequently withdrew inspectors performing the checks at ports in Northern Ireland. However, shortly after, all staff had returned to duties. The Police Service of Northern Ireland (PSNI) issued a threat assessment stating it had no information to support claims of loyalist paramilitaries threatening staff safety. 

Prosecutions under section 77 are extremely rare. The main reason for this is that there must be proof (‘beyond reasonable doubt’) of intent to destroy, conceal, deface etc. This may be difficult to do after the event.   

The only other section 77 prosecution was in March 2020. Nicola Young, a town clerk at Whitchurch Town Council, was fined £400 and ordered to pay £1,493 costs following a guilty plea. The facts of the case are that a person had made an FOI request to the Council for a copy of an audio recording of a council meeting. 
They believed that the written minutes of the meeting had been fabricated and so they wanted to listen to the recording of the meeting. Ms Young deliberately deleted the audio recording a few days later and then advised the requestor that the audio file had been deleted as part of the council’s destruction policy. 

This and other FOI developments will be discussed in our forthcoming FOI workshops . If you are looking for a qualification in freedom of information, our FOI Practitioner Certificate is ideal. 

FOI Practitioner Certificate: Final Two Courses for 2025 

There are only two FOI Practitioner Certificate courses left till Christmas!  

This foundation course is designed for those wishing to acquire detailed knowledge of the FOI and develop the practical skills to enable them to become a more effective FOI Officer.  The syllabus has been developed by FOI experts after analysing all the skills, knowledge and competencies required for the FOI Officer role. By the end of the course, you will be able to practically handle FOI requests, apply the exemptions and draft Refusal Notices. You will also be able to differentiate between FOI requests and requests under the Environmental Information Regulations. 

The course takes place over four days followed by an assessment. Our teaching style is based on practical and engaging workshops covering the theory alongside hands-on application using real life case studies and exercises. Personal tutor support throughout the course, detailed course materials and a comprehensive online resource lab, ensure the best opportunity for success. 

The FOI Learning Pathway  

The updated FOI Practitioner Certificate is part of our learning pathway for FOI Officers. Once completed they can move on to the Intermediate FOI Certificate. This strengthens the foundations established by the FOI Practitioner Certificate. Topics include interpreting information requests, navigating data repositories for relevant information, handling vexatious requests and applying the exemptions. Time will also be spent discussing the historical development and transformative impact of FOI on transparency, accountability and citizen empowerment. International comparisons with the FOI Act will broaden delegates’ perspectives, while critically evaluating its impact and effectiveness will assist them to appreciate the importance of transparency and accountability. By the end of the course, delegates will gain skills in, amongst other things, effectively interpreting information requests, assessing their scope, retrieving relevant information, overcoming challenges in organisational compliance, applying exemptions and crafting clear Refusal Notices.   
 
If you would like a chat to discuss your suitability for any of our certificate courses, please get in touch.