Tag: Section 40

Disclosure Staff Names in FOI Requests  

chuttersnap-jchrnikx0tm-unsplash

One of the most popular search terms on our blog is “disclosure of names under FOI.”
A further question that we were recently asked on a course is whether FOI practitioners should provide their names when they respond to requests.

There have been some important developments since 2013 and our last two blogs on this topic. The provisions of S.40(2) of the Freedom of Information Act  (FOI) 2000 have been amended to take into the provisions of General Data Protection Regulation 2016 (GDPR) and the Data Protection Act 2018 (replacing the Data Protection Act 1998).
In addition we now have the benefit of  two rulings from the Upper Tribunal namely Information Commissioner v Halpin (GIA) [2019] UKUT 29 (AAC) and Cox v Information Commissioner and Home Office [2018] UKUT 119 (AAC). In addition, the Information Commissioner’s Office has issued revised guidance on requests for personal data about public authority employees which take into account the recent developments.

The FOI Section 40(2) Exemption

The names of staff working in public authorities are personal data as defined by Article 4 (1) of GDPR and S. 3 Data Protection Act (DPA) 2018. In addition organisational charts and internal directories that contain staff names are also personal data if they identify individual members of staff. FOI requests may not necessarily be couched as request for staff names. For instance, a requestor may wish to see “ all communications” about a certain subject, but these communications may include the names of those sending and receiving emails. They may wish to find out the names of staff present in specific meetings (which is what happened in the Cox case). The Cox case was the first occasion in which the Upper Tribunal was tasked with considering the principles governing the disclosure of the names of civil servants, but clearly it has wider application to all other public authorities.

When a public authority receives an information request that includes a request for the names of staff, it needs to consider the third-party personal data exemption in S. 40(2) FOI. This is an absolute exemption if:

  • Disclosure of the third-party personal data (in this case staff) would contravene any of the data protection principles; or

  • Disclosure would contravene an objection to processing under GDPR Article 21; or –

  • The personal data would be exempt if the data subject  (member of staff concerned) had made a subject access request.

An almost identical exception operates in EIR regulation 13.

The data protection principles are listed in GDPR Article 5. The first principle is the most relevant in this context. This requires that the processing of personal data must be lawful, fair, and transparent. Disclosing under the FOI constitutes processing.

Before disclosing any staff names the first question is whether the disclosure is lawful. There are six lawful bases for processing in GDPR Article 6, but only consent or legitimate interests are relevant to disclosure under the FOI or EIR. It may be possible to ask staff for their consent to disclose their names. However, given the particularly high threshold for consent to be valid (see GDPR Article 7) and the imbalance of power in an employer/employee relationship, any consent is not necessarily going to be valid.

Legitimate Interests

The alternative lawful basis is that disclosure is “necessary for the purposes of the legitimate interests pursued by the controller or by a third party except where such interests are overridden by the interest or fundamental rights and freedoms of the data subject which require protection of personal data…” (GDPR Article 6 (1)(f)). Some readers may be concerned because the GDPR specifically states that public authorities cannot rely on the legitimate interests’ lawful basis when processing in the performance of their tasks. However, this restriction is lifted in relation to disclosure under the FOI or EIR by S.40(8) of FOI and Reg. 13(6) of EIR respectively.

The ICO guidance suggests that public authorities answer three key questions when considering this issue, namely:

Question 1: What is the legitimate interest in disclosure (or what is the purpose)?

This includes the legitimate interest of the public authority or a third party, which is likely to be the requestor.  A wide range of interests may be legitimate interests. The requestor may have  a personal and private reason for wanting to know staff names, but this makes it no less relevant. In the Halpin case, the Upper Tribunal confirmed that a purely private interest was capable of amounting to a legitimate interest. In this case Mr Halpin wanted details of the training undertaken by two social workers because their capacity and skills were relevant in any appeal against a Care Act assessment.

Question 2: Is it necessary to disclose staff names for that purpose?

This requires a public authority to ask whether it is “necessary” to disclose staff names in order to serve the legitimate interests of the requestor. It may be possible to provide the applicant with alternative information, such as the numbers of staff involved in a meeting and information about their roles and levels of seniority without providing names. For example, in McFerran v Information Commissioner EA/2012/0030,the requestor wanted to know the names of the council staff who were present during a police search of a council property. The Tribunal acknowledged that there was a legitimate interest in knowing that the search had been conducted properly but it was not necessary for the requestor to know the names of the council staff involved.

Question 3: Does the legitimate interest outweigh the interest and rights of the staff concerned? 

This involves a balancing exercise. Public authorities need to consider the likely impacts or consequences that disclosure of staff names will have on the staff themselves.
Names should not be disclosed if disclosure will cause unjustified adverse effects on the staff concerned. It is important to remember when making this assessment, that disclosure of names under the FOI is to “the world at large”. Again, the Upper Tribunal in Halpin was at pains to emphasise that even if the requestor indicates they have no intention of publicising the information, the public authority loses control of the information once it is disclosed. Disclosure under the FOI is not subject to any duty of confidence. This becomes a relevant factor in deciding whether the disclosure will cause unwarranted harm to the  named individuals.

The key question when it comes to disclosing names, is what is the harm that will arise from disclosure? There must be a connection between the disclosure and the harm.
Even if disclosure may cause distress to a member of staff  this doesn’t automatically trump the legitimate interests of the requestor; the public authority must undertake a balancing exercise. When a public authority carries out this balancing exercise it should take the reasonable expectations of the staff concerned into account. For example, just asking whether the member of staff concerned would have a reasonable expectation that their names would be disclosed to the world at large provides a useful starting point.
This also enables the public authority to address the question of fairness.
In deciding whether to disclose staff names it is important to think about the public facing nature of the role filled by the individual member of staff ; their seniority in the organisation; whether a public authority has a policy  on the disclosure of staff names that informs their expectations. The staff privacy notice should also provide staff with some understanding of when their names may be disclosed in response to FOI request.

Clearly a Chief Executive of an organisation should expect that their name is released into the public domain. As the ICO guidance advises:

The more senior an employee is and the more responsibility they have for decision making and expenditure of public money, the greater their expectation should be that you disclose their names.

On the other hand somebody with responsibility for cleaning offices will have a real expectation that their name remains confidential. FOI practitioners are familiar with this assessment, which is  based on ICO guidance and an earlier case of Home Office v Information Commissioner EA/2011/0203. This said that the names of junior civil servants are generally protected from disclosure unless they occupy a public-facing role. However the decision in the Cox case makes it clear that each case will depend on its own facts and context. There is no blanket presumption in favour of disclosure of the names of senior officials, each case must be considered carefully and with regard to the legitimate interests of the requestor.

Disclosing Names of FOI practitioners

The question of whether a public authority should disclose the name of a person handling an FOI request raises all of the above considerations. First, what is the legitimate interest in a FOI requestor knowing the name of the person who handled their request?
Second, is it necessary to know that person’s name to serve that legitimate interest? Finally does the legitimate interest of the requestor outweigh any harm that may be caused to the member of staff handling the request. There is no legal obligation to disclose staff names and a public authority could refuse under S 40(3) FOI if all of the above are satisfied.

In the interests of transparency many public authorities disclose the names of the person who has handled their request. Given the public facing role and the work that FOI practitioners do it is arguable that their expectation is that their names may be disclosed. However in some organisations FOI requests are dealt with by many different staff at various levels rather than via a single FOI point of contact. In these circumstances more junior staff who have handled requests may have a greater expectation of privacy.

This and other developments will be discussed in our  FOI and EIR workshops  which are now available as an online option. If you are looking for a qualification in freedom of information,  our  FOI Practitioner Certificate  is ideal. It will soon be available as an online option. Please get in touch to learn more.

online-gdpr-banner

 

What is “information” under FOI?

canstockphoto0925773Section 1 of the Freedom of Information 2000 (FOI) contains the general right of access to information held by public authorities. But what exactly is “information”? Section 84 defines information as “information recorded in any form.” This includes information held on paper, computer, video, audiotapes as well as that contained in manuscript notes. FOI does not give access to information that is known to the public authority but is not available in some recorded form (see Ingle v Information Commissioner (EA/2007/0023) ).

Mere marks made on documents are also information according to an Information Tribunal decision from 2009 (O Connell v the Information Commissioner and Crown Prosecution Service (EA/2009/0010)). Here the Tribunal considered access to manuscript notes made by a defence barrister, during a criminal trial, on his client’s typed police interview record. The Information Commissioner’s view was that some of the notes, which consisted of asterisks and underlining of words on a document, were not information for the purposes of FOI.

The Tribunal rejected this submission. In its view, however tenuous and potentially misleading the material sought may be, it still constituted information; even if it was only information to the effect that certain marks had been made on certain sheets of paper held by the public authority. The Tribunal did however rule that the requested information was sensitive personal data, disclosure of which would breach the Data Protection Principles. Consequently it was exempt under section 40(2) being third party personal data.

It is an oft-repeated phrase that FOI provides a right of access to information rather than documents. However, a request for a copy of a document will generally be a valid request for all of the information contained within that document (including visual format, design, layout etc). In considering whether the public authority has complied with the request, the question is whether all of the information recorded in the document has been provided. It will not be sufficient to rephrase the document or provide an outline or summary of its contents unless the applicant has specifically expressed a preference for a digest or summary under section 11(1)(c).

In April 2013 the First Tier Tribunal (Information Rights), ruled that images of MPs’ expense claim receipts was information to which the FOI applied (IPSA v Information Commissioner (EA/2012/0242)). The background to the request was that, following the MPs’ expenses scandal, the then newly-formed Independent Parliamentary Standards Authority (IPSA), decided that it would not routinely publish images of the receipts submitted to IPSA by MPs in support of their expenses claims.  Only text transcribed from the submitted receipts would be published.

A journalist made an FOI request for the actual receipts submitted by a number of MPs. The question arose as to whether images of those receipts held by IPSA contained “information” within the meaning of section 1 of FOI, which was not captured by the transcription process favoured by IPSA. The Tribunal concluded that the definition of information (in this case) included logos, letterheads, handwriting, manuscript comments, and even the layout and style of the requested documents. These were not disclosed to the requestor as a result of providing a transcription, rather than a copy, of the relevant receipts.

The Upper Tribunal’s appeal decision in this case, has now put the matter beyond doubt. In Independent Parliamentary Standards Authority v IC & Leapman [2014] UKUT 33 (AAC) Judge Williams dismissed the appeal by IPSA. At Paragraph 22 of the judgement he said:

“It is to me also trite to note that the wording on a typical receipt or invoice is only part of what a recipient sees when looking at it. Typically there will be verbal and numerical content to be read and understood, but there will also be visual content to be seen, rather than read, but which may also require to be understood for the recipient to have appreciated the whole of the experience, if I may term it that, communicated by the receipt or invoice.”

In the judge’s view information is more than just the words and figures on a piece of paper. Sometimes the nature of the request will mean that the only way to convey all the information on a document is to disclose the original or at least a copy. He gave the example of Land Registry plans, drawings and photographic evidence of a particular building.

In coming to his decision the judge took note of the Scottish Court of Session decision in Glasgow CC v SIC [2009] CSIH 73 under the Freedom of Information (Scotland) Act 2002 (FOISA). As a general point of principle, the Commissioner and the Tribunal is not bound by Court of Session decisions on FOISA, although they may be considered persuasive where the terms of FOISA mirror the terms of FOI. In the Scottish case the applicant specifically wanted the public authority to provide copies of the documents, although he acknowledged that the same information was available elsewhere. The Court confirmed that FOISA entitles requesters to the information within a document, rather than a copy of the document itself. To the extent that this request was specifically for copies of the documents over and above the information they contained, it was invalid. The Court rejected an argument that the copy documents were “information” distinct from the information contained within them.

The Court stated at paragraph 45 of the judgment:

“Where the request does not describe the information requested… but refers to a document which may contain the relevant information, it may nonetheless be reasonably clear in the circumstances that it is the information recorded in the document that is relevant.”

However paragraph 48 should be noted:

“The difference between the original and a copy… does not consist in any difference between the information recorded in each document: that information, if the copy is true and accurate, will be identical.” (my emphasis)

In the IPSA case, the judge ruled that transcriptions of the requested receipts would not be “true and accurate”, as they would not contain all the same information as on the originals e.g. logos, style, layout etc.

If you want to know more on the Scottish case, read the briefing note published by the Scottish Information Commissioner. The basic principles (and these apply equally to FOI requests) are:

  • The Freedom of Information (Scotland) Act 2002 (FOISA) provides a right of access to information and not a right of access to copies of specific documents.
  • Authorities should not automatically refuse requests for copies of documents, as long as it is reasonably clear from the request that it is the information recorded in the document that the applicant wants.
  • Requesting a document (e.g. a report, a minute or a contract) is a commonplace way to describe information. Where it is reasonably clear that a request is for the information contained in a document, the authority should respond to the request as one properly made under FOISA.
  • If a request is for a document, but it is not reasonably clear what information is being requested, the authority should contact the applicant to seek clarification.

These are interesting decisions especially for those public authorities who often insist, when refusing to supply actual documents (such as minutes of meetings) that FOI is about access to information not documents. Sometimes the requestor is interested in the document, which contains the requested information, as it will give a further insight into its background and the thoughts/observations of the producers/subjects of the document.

Finally to quote one of our FOI trainers (Philip Bradshaw):

“Much will also in practice depend on the wording of the request. Contrast “How much did you spend on pencils?” with “Can I have a copy of your pencil invoices”. You can clearly provide in permanent form all the recorded information within scope of the first request without copies, but not perhaps for the second.”

Ibrahim Hasan will be discussing this and other recent FOI decisions in the FOI Update workshops which are delivered in online sessions as well as face to face.

Freedom of Information Caselaw Roundup

FOI3The Freedom of Information Act 2000 (FOI) applies to information held by a public authority or held on its behalf by another person (Section 3(2)). What of information about people working for a public authority but who are legally employed by a third party?

This question arose recently in an appeal to the First Tier Tribunal (Information Rights) (FTT). In Hackett v Information Commissioner (EA/2012/0265), the  (ULT), an education charity running 21 Academy schools, was asked for, amongst other things, details of senior staff members’ pay, pension contributions, other remuneration and expenses.  The request was refused on the basis that the information was not held by ULT, but by the United Church School Trust (UCST) who employed the staff and who, as a non-publicly funded charity, is not subject to FOI.

The appellant argued that the corporate structure of ULT and UCST was an accounting process set up to avoid disclosure of the requested information which was about the spending of public money. In addition he submitted that both companies were subsidiaries of the United Church Schools Company and as such were, in effect, both part of one company.

The FTT upheld the decision of the Information Commissioner that the information was not held by ULT, but by UCST, and so not subject to FOI.  It took account of the fact that the corporate structure had been urged on ULT by the Department for Education, the two charities had maintained a complete corporate separation and that the service agreement between ULT and UCST expressly referred to the senior staff being employed by UCST. Could this decision mean that more public bodies will adopt innovative structures to avoid public scrutiny of their finances?

The section 40 exemption applies to personal data disclosure of which would breach one of the Data Protection Principles. This usually involves considering whether disclosure would be fair and lawful under Principle 1. Not all personal data will be exempt from disclosure. Sometimes there is a legitimate interest in the public knowing some personal data.

In Innes v Information Commissioner (EA/2013/0044) the FTT ruled that the reasons for a head teacher’s long-term sickness absence from his school did not have to be disclosed as they constituted personal data, but whether the head teacher was being paid a salary during his absence should be disclosed. As head teacher, the individual in question occupied a senior position of responsibility at the school. He was no longer performing an active function at the school and whether or not he was being paid from public funds during the period of absence and inactivity is a legitimate matter of public interest and one which outweighs his right to privacy.

Personal Data under section 40 has the same meaning as in Section 1 of the Data Protection Act i.e. it has to be information, which relates to a living identifiable individual. The requested information does not always have to include a name. Even job title information can be personal data according to the FTT decision in London Borough of Barnet v Information Commissioner and another (EA/2012/0261). Here the requestor wanted the job titles of council employees who had attended a meeting at a solicitor’s firm in respect of a major council outsourcing project. Referring to a Supreme Court decision (South Lanarkshire Council v The Scottish Information Commissioner [2013] UKSC 55), the FTT ruled that disclosing details of a job title held by more than one local authority official could constitute processing personal data if there was a chance of those individuals being identified. The test was whether the subjects could be identified, not just by an ordinary member of the public but, by a “motivated intruder” (including the requestor himself with all the other information at his disposal).

Continuing on the same theme, in Yiannis Voyias v Information Commissioner (EA/2013/0003), the FTT held that the London Borough of Camden was correct to refuse to disclose the number of hours its employees worked and how much overtime they were paid. It was satisfied that disclosure of this information would lead to the identification of individuals and would be unfair. Therefore section 40 applied.

Personal data in Building Regulations applications held by councils is not exempt under section 40 just because it relates to another person’s property. In James Henderson v IC EA/2013/0055), the appellant’s neighbour was carrying out renovations on the other side of their shared wall. This resulted in cracks on his side of the wall, followed by a steel beam coming through the wall. He asked Brentwood Council for details of the works, as a Building Control application had been made to them.

The FTT held that full details of a Building Regulations application was personal data; but disclosing this information would not contravene the First Data Protection Principle. Therefore, the exemption set out in section 40(2) did not apply and the information was ordered to be disclosed. The FTT disagreed with the Commissioner, who held that the data subject would have had a reasonable expectation of privacy in relation to the information. In doing so the FTT took account of the fact that (a) before starting any work the data subject was obliged to make a formal application to the local authority which meant that the property and the work would be subject to inspections by their officers, (b) the property was to be rented out rather than lived in by him; and (c) the work had a direct effect on his neighbour’s property.

The Freedom of Information (Scotland) Act 2002 has a specific exemption to cover a deceased person’s health record. There is no such exemption in the 2000 Act. Sometimes the section 41 exemption (Breach of Confidence) can be claimed.

Two recent Tribunal decisions again emphasise the importance of checking whether the requestor is the deceased’s appointed personal representative. In Webber v IC and Nottinghamshire Healthcare NHS Trust (GIA/4090/2012), the appellant had made an FOI request for information (including hospital records) about the death of her son in 1999. The Commissioner and the FTT upheld the decision to refuse on section 41 grounds. The Upper Tribunal also dismissed the appeal. It ruled that disclosure would entail a Breach of Confidence which was actionable after the patient’s death. The appellant was not the personal representative of the deceased even though she could have applied to become so.

The Upper Tribunal also found that there would not have been a public interest defence to the Breach of Confidence. It gave weight to the fact that some of the information sought would or could come into the public domain or be obtained in another way: a coroners’ inquest, or through an application under the Access to Health Records Act 1990. This allows for requests for access to information to be made by, amongst others, the patients’ personal representative.

When considering disclosure of a deceased person’s information, consideration has to be given to any wishes expressed by the deceased before their death. In Trott and Skinner v Information Commissioner (EA/2012/0195) (March 2013) the appellants requested information relating to the care records of their deceased sister. East Sussex County Council confirmed that it held a relevant care file but refused to disclose it on the basis that it was provided in confidence. The FTT and the Commissioner were satisfied that the section 41 exemption was engaged. The requested information was confidential, disclosure of which would be a Breach of Confidence. Amongst other things it took account of the fact that the deceased was given the opportunity to indicate (in her home care agreement) that she agreed to let the Council “share personal information on care with family members/friends listed below.” She did not sign her agreement or list anybody in the space provided. The Tribunal also heard that on several occasions she was given specific assurances that her information would be kept confidential.

Furthermore the FTT was satisfied that the Breach of Confidence would be actionable. This was despite the fact that the sisters were the next of kin of the deceased. They were not the personal representatives of the deceased though. Neither the council nor the Commissioner had enquired as to who was. On further inquiry by the Tribunal, it was discovered that there was a will and therefore an Executor who has standing to act as the deceased’s personal representative. There was no evidence of consent for disclosure under FOI from this Executor. Therefore section 41 was engaged and there was no public interest defence to the disclosure.

Give your career a boost in 2014 by gaining an internationally recognised qualification in FOI. Keep up to date with all the latest FOI decisions in 2014 by attending our FOI Update workshops.

Disclosure of Staff Names under FOI

Most_Popular_Male_Names

When considering request for information under the Freedom of Information Act 2000(FOI) public authorities often face a dilemma about disclosing names of staff.

Names are generally considered to be personal data, being information relating to living identifiable individuals (as defined by the Data Protection Act 1998 (DPA)). (Although one Information Tribunal (as it was known then) decision, Harcup v Information Commissioner and Yorkshire Forward (EA/2007/0058), ruled they are not. (See episode 11 of my FOI Podcasts for a full discussion of this decision). Therefore the exemption under section 40(2) (third party personal data) will have to be considered.

For this exemption to be engaged a public authority must show that disclosure of the name(s) would breach one of theData Protection Principles. Most cases in this area focus on First Principle and so public authorities have to ask, would disclosure be fair and lawful? They also have to justify the disclosure by reference to one of the conditions in Schedule 2 of the DPA (as well as Schedule 3  in the case of sensitive personal data). In the absence of consent, most authorities end up considering whether disclosure is necessary for the applicant to pursue a legitimate interest and, even if it is, whether the disclosure is unwarranted due to the harm caused to the subject(s) (condition 6 of Schedule 2)?

The seniority of the staff, whose names are being requested, will of course be a key factor in deciding whether disclosure is fair. The first Information Tribunal decision on this issue, back in 2007, (Ministry of Defence v Information Commissioner and Rob Evans (EA/2006/0027)) concerned a request made by a journalist for a staff directory which included the names and contact details of individuals working for the Defence Exports Services Organisation. The MoD refused to disclose the information citing, amongst others, the exemption under section 40(2).

The Tribunal ruled that that the MoD could only withhold names of staff if they are particularly junior (below Civil Service B2 Level), not immediately responsible for the requested information and their name is not already available elsewhere (or would be expected to be through their performing a public-facing duty); or there is a clear and demonstrable threat to that individual’s health and safety if their name is made public.

As is clear from the MoD decision, seniority is just one factor to be taken into account. Public authorities should avoid the blanket non-disclosure of the names of all officers below a certain level of seniority. When it comes to the disclosure of names, what matters is what work the individuals are doing, rather than their seniority or grade. If a person is in a front facing role and his/her name is already in the public domain, then it will be difficult to withhold it.

In 2008 another Tribunal decision (The Department for Business, Enterprise and Regulatory Reform v Information Commissioner and Friend of the Earth (EA/2007/0072) examined whether names of private sector employees attending a meeting should be disclosed as well as those of civil servants. The request was for information about meetings and correspondence between Ministers and senior civil servants in the Department of Business, Enterprise and Regulatory Reform and employees from the Confederation of British Industry. Some of the documents relevant to the request included references to individuals who had attended such meetings as spokespersons or as note takers or bystanders. The Tribunal summarised the position as follows:

a. Senior officials of both the government department and lobbyist attending meetings and communicating with each other can have no expectation of privacy. The officials to whom this principle applies should not be restricted to the senior spokesperson for the organisation. It should also relate to any spokesperson.

b. Recorded comments attributed to such officials at meetings should similarly carry no expectation of privacy.

d. In contrast junior officials, who are not spokespersons for their organisations or merely attend meetings as observers or stand-ins for more senior officials, do have an expectation of privacy. This means that there may be circumstances where junior officials who act as spokespersons for their organisations are unable to rely on an expectation of privacy;

e. The question as to whether a person is acting in a senior or junior capacity or as a spokesperson is one to be determined on the facts of each case.

f. The extent of the disclosure of additional information in relation to a named official will be subject to usual test i.e. is disclosure necessary for the applicant to pursue a legitimate interest, and, even if it is, is the disclosure unwarranted due to the harm caused to the individuals by disclosure? This will largely depend on whether the additional information relates to the person’s business or professional capacity or is of a personal nature unrelated to business.

In January 2011, the First Tier Tribunal (Information Rights) considered disclosure of names in Dun v IC and National Audit Office (EA/2010/0060). The disputed information concerned the NAO’s enquiry into the FCO’s handling of employee grievances of a whistleblowing variety. The Tribunal was clear that no blanket policy should apply, and that fairness depends on the particular responsibilities and information with which the case is concerned. This decision is discussed in detail in episode 21 of my FOI Podcasts.

Where there is a risk to staff safety if their names are disclosed, then the public authority will be right to err on the side of caution. In Wild v IC and Chief Constable of Hampshire Constabulary (EA/2010/0132) the Appellant requested the dates of pre-hunt meetings in the last five years and the names of police officers attending pre-hunt meetings with organisers of the Isle of Wight Hunt. The Police responded, providing dates, but refusing to disclose the names of the officers in attendance.

The Commissioner considered the section 40(2) exemption and concluded that the disclosure would result in a breach of the First Data Protection principle.  He accepted that the disclosure may lead to the harassment of the officers identified and consequently the disclosure would be unfair to those officers. The Tribunal upheld the Commissioner’s decision.

Don’t forget condition 6 of schedule 2 of the DPA. A public authority will have to consider whether disclosure of a name is necessary for the applicant to pursue a legitimate interest, and, even if it is, whether the disclosure is unwarranted due to the harm caused to the individual by the disclosure.

A more recent Tribunal decision (January 2013), McFerran v IC (EA/2012/0030) involved a police search of a property owned by Shropshire County Council. At the police’s request, two junior council officers were present, but they had not been involved in any of the decision-making. The requester wanted the names of the council officers as well as their immediate superior. The council refused, relying on s. 40(2).

The Commissioner ordered disclosure of the name of the more senior officer, but not of the two juniors. The Tribunal agreed with this decision and dismissed the requester’s appeal, observing that:

“although… there is clearly a legitimate public interest in transparency of activity by public authorities, which impinges on the personal freedom of householders, there is insufficient information provided to add significant weight to the general public interest in transparency in public affairs. The Appellant has not satisfied us, either, that his attempts to have the matter investigated are being thwarted by the absence of the names of the individuals in question. If there is sufficient information about the event to interest those responsible for an investigation the absence of names will not deter them.”

This decision illustrates that, when it comes to junior officials, the requestor will have to show that there is legitimate interest in knowing the names of officers where they are junior. A general argument about openness and transparency will not suffice.

In Armit v IC and Home Office (EA/2012/0041) the UKBA redacted the names of the officials in a document entitled ‘Tourist Selection Indicators and Selection Techniques’ which fell within the scope of the request. The Tribunal agreed with this approach, taking account of the requester’s failure to identify a legitimate interest in public disclosure of the names of those officials:

“We do not accept the argument that the officials would not have expected their names within the document to be made public and were not given compelling evidence of this. We were given no information as to their specific grading but they were described in the document as ‘lead contributer’ and ‘lead postholder’. They clearly have some responsibility in relation to the work.  We were given no compelling evidence that disclosing their names would result in victimisation, insult or any form of danger.  However, we do accept that the officials would prefer not to have their names identified and that might in itself represent a certain right and freedom or legitimate interests in itself. In any event, to process personal data, it needs to be necessary to pursue the purposes of legitimate interests pursued by others.  In this case, we do not find that the Appellant has shown any legitimate interest in the names of the officials being disclosed to the public under FOIA. We conclude that the information is therefore exempt from disclosure.”

Another recent Tribunal decision on the disclosure of names is Roberts v IC and Dyfed Powys Police Authority (EA/2012/0032).

The issue of disclosure of names pursuant to an FOI request is a difficult one. As can be seen from this discussion of Tribunal decisions, a number of different factors have to be weighed in the balance. A blanket approach will not work.

Whilst on the subject of names, does an FOI requestor have to give his/her real name? Read the answer here  as well as a really bad joke!

Ibrahim Hasan will be discussing this and other recent FOI decisions in the FOI Update workshop  on 13th March 2013.

Do you want an international recognised qualification in FOI?                           The ISEB Certificate in Freedom of Information  starts in Birmingham on 26th March 2013.

%d