Section 77 of the Freedom of Information Act 2000 (FOI) makes it a criminal offence for a person to do anything with the intention of preventing the disclosure of information pursuant to an FOI request. This offence is often briefly discussed in our FOI workshops. We say “briefly” because nobody has ever been prosecuted and our delegates reliably assure us that “that sort of thing never happens.” However, in March 2020, a town clerk became the subject of the first successful criminal prosecution under section 77 of FOI.
Nicola Young worked for Whitchurch Town Council in Shropshire. After pleading guilty to the charges, she was fined £400 and ordered to pay £1,493 costs and a victim surcharge of £40. The facts of the case are that a person had made an FOI request to Whitchurch Town Council for a copy of an audio recording of a council meeting.
They believed that the written minutes of the meeting had been fabricated and so they wanted to listen to the recording of the meeting. Ms Young deliberately deleted the audio recording a few days later and then advised the requestor that the audio file had been deleted as part of the council’s destruction policy. The Information Commissioner became involved when the requestor complained to her office. Readers may think that the fine is very low but it is important to remember that Ms Young now has a criminal conviction that will almost certainly affect her career prospects.
The Section 77 Offence
The S.77 offence requires three things to be proven:
- The information was requested by an applicant and they would have been entitled to receive the information (subject to the payment of any fee). If the deletion or alteration occurs before the information request is received, then no offence is committed.
- The person charged with the offence did one of the following things to the information; namely altered it, defaced it, blocked it, erased it or destroyed it.
- And the person charged, intended to prevent the public authority from disclosing some or all of the information to the applicant. In other words their actions were deliberate.
Section 77 does not provide any statutory defence. However, a prosecution will fail if the prosecution cannot prove that the defendant had the necessary intent (what lawyers call “mens rea”). Prosecutions are brought by the Information Commissioner or by or with the consent of the Director of Public Prosecutions. Cases can only be tried in the magistrates’ court. The offence can be committed by any public authority and any person who is employed by, is an officer of, or is subject to the direction of a public authority. Regulation 19 of the Environmental Information Regulations 2004 creates an identical offence, albeit with slightly different provisions governing government departments.
Why is this the First Prosecution?
There are two main reasons why we have not seen successful prosecutions under S.77 of FOI before this case.
Firstly, the ICO only has six months to bring a prosecution. This period runs from the date that the offence is committed, not from the date that the ICO becomes aware of it. In practice the ICO will not be called to investigate a complaint until an applicant has exhausted a public authority’s internal review procedures. The Act doesn’t specify how quickly a public authority should complete an internal review, but the S.45 Code of Practice states that this should normally be within 20 working days. This effectively means that the ICO is unlikely to be investigating a complaint until at least a month, or probably two, has elapsed since the request. That assumes that the ICO can investigate as soon as the complaint is received, which is not normally the case.
Secondly, for a successful prosecution under S.77 there must be proof of intent to destroy, conceal, deface etc. Given that this is a criminal offence the proof must be “beyond reasonable doubt.” This may be difficult to do so long after the event and if there is insufficient evidence to prove that the destruction etc was deliberate. During an investigation, the ICO will almost certainly want to see a public authority’s information disposal schedule. Its guidance notes that a disposal schedule will also offer an authority a defence to any suggestion that a S.77 offence has been committed. It will be able to explain that a record containing the requested information was destroyed as part of its routine disposal process.
This is the first prosecution in 15 years under S.77 of FOI which demonstrates the difficulties mentioned above. It does not necessarily mean that offences have not been committed before, but more likely that the ICO’s investigations have not been conclusive within the six-month period.
It is worth noting that the Data Protection Act 2018 introduces a new criminal offence in almost identical terms. Under S.173 DPA a person commits an offence where they, upon receiving a data subject access request, alter, deface, block, erase, destroy or conceal personal data with the intention of preventing disclosure. There are two defences available. Firstly it is a defence if the alteration, defacing, etc would have occurred in the absence of a subject access request. For example, if the information is destroyed as part of an organisation’s data destruction schedule. The second defence is where a person can prove that they acted in the reasonable belief that the person making the request was not entitled to receive the information. To the best of our knowledge there have been no prosecutions under S.173 to date. It remains to be seen whether the Information Commissioner will face the same problems, as under S.77 FOI, in relation to bringing proceedings. However, she has brought a successful prosecution under S.170 DPA 2018 which relates to the unlawful obtaining of personal data.
This and other FOI developments will be discussed in our FOI workshops which are now available as an online option. If you are looking for a qualification in freedom of information, our FOI Practitioner Certificate is ideal.
