ICO

Twenty Years of FOI: A User’s Perspective (My presentation to the ICO)

An edited version of a presentation I gave last month for staff at the Information Commissioner’s Office about my perspective on FOI and the ICO. Many thanks to the ICO for asking me to address them.

Thank you very much for inviting me. It’s a pleasure to have this opportunity to share my thoughts on freedom of information from the user’s perspective.

That perspective goes back about 20 years or so, because I’ve been making FOI requests since the law came into force in 2005, primarily as a journalist. Before that I made requests under the previous system, the Code of Practice on Access to Government Information, a much weaker system than the FOI law we have today.

During my time at the BBC, I specialised in using FOI, both submitting requests myself and advising and training other journalists on how to use the law effectively. I left the BBC around four years ago, and since then I’ve written a practical guidebook for FOI requesters.

So over the past two decades I’ve seen a lot of FOI in practice, and when people ask me for an overall verdict on FOI – is it working well, or not? – I have sometimes described it as a ‘tale of two giraffes’.

Of the two giraffes photographed in this slide, one is in London Zoo, and the other is in Whipsnade Zoo in Central Bedfordshire. Three years ago I was doing some research into zoos, and I asked for the latest inspection reports on these two zoos, which should be a very simple FOI request.

Central Bedfordshire Council sent me the latest inspection report on Whipsnade within an hour. It was absolutely the way FOI should work.

Westminster Council, the council responsible for London Zoo in Regent’s Park, didn’t reply. After 20 working days. I sent them a chasing email. They didn’t reply to that. I had to complain to the ICO, and the ICO – thank you very much – did the usual thing of sending an email saying you must reply within 10 working days, and eventually five months after my request I got the report from Westminster.

So what one public authority had been able to do within less than an hour, it took another public authority over five months and the intervention of the regulator.

In other words, sometimes FOI works very well in practice, sometimes it works very badly. And obviously there’s also a lot of circumstances in between those two extremes. But the key point is that the experience of FOI as a requester is that it’s very varied. There’s both a positive side and a negative side.

The positive

Taking the positive side first, and looking back over the last 20 years, one of the very good things is the way that FOI has become well established as a tool that a lot of people use successfully.

This is a chart which I’ve compiled from government statistics. I don’t think anybody else, by the way, is analysing these annual statistics in the same way that I do, keeping track of them over every year going back to 2005. This shows how in terms of central government departments, for the first few years the number of requests increased quite steadily until about 2013. Since then the numbers have been fairly steady over the past 10 to 12 years or so, maybe 35,000 FOI requests annually to government departments.

As you know we’ve only got statistics for central government bodies. So this is only a very small sample of FOI requests. Yet even so it’s one way of showing that FOI has become well established.

However, that fact obviously hasn’t gone down well with some people. For example, Tony Blair, who said that introducing FOI was like giving people a mallet to hit him over the head with, and that it was one of his two biggest mistakes. He famously wrote these words in his memoirs about the introduction of FOI by his own government: “Freedom of Information. Three harmless words … You idiot. You naïve, foolish, irresponsible nincompoop … I quake at the imbecility of it.”

He’s not the only prime minister who disliked FOI. David Cameron complained about it. Theresa May was more measured in her memoirs, but also had criticisms. And Liz Truss said in her memoirs: “Constant questions about who you’ve met and why … innocent meetings are privy to the press and often deliberately misconstrued.” She does, however, from her point of view, get the chance to blame Tony Blair for it.

What I think about these remarks is that actually they show in a way that FOI is working, at least in some cases. FOI should sometimes be uncomfortable to people who hold positions of power. That’s part of the point of it. If people in power were always very happy about the way that FOI worked, then it wouldn’t really be doing its job. So these quotes from former prime ministers don’t put me off FOI, to my mind they strengthen the case for it.

It’s really quite striking how FOI has reached the level of use and acceptance where it would be pretty politically impossible for a government to seek to weaken the law significantly.

We can see what happened when sometimes they have tried to take certain steps in that direction. For example, the Cameron government set up a review, a Commission on Freedom of Information, which included people like Jack Straw and Michael Howard, former politicians who were thought to be very sceptical about FOI. I think the government at the time was probably hoping that this review would report and pave the way for some restrictions on FOI to be introduced.

But actually when the review looked at how FOI was working in practice (and I’ve got to say full credit to people like Jack Straw, who I know from my own conversations with him had had doubts about FOI), it concluded that the law was generally working well, that it enhanced openness and transparency, and there was no evidence that it needed to be altered. It came down against the suggestion that was around some time ago of introducing charges for FOI requests. In fact, the review even said that in some cases the right of access should be increased.

FOI has become well established, it’s difficult to change in principle, and it works well in practice for many people.

So what is the point of FOI? It’s not to hit Tony Blair on the head with a mallet. As far as I’m concerned, primarily as a journalistic user, its purposes are to find out the truth, to hold power to account, to expose wrongdoing, and to give the public useful information.

There are journalists who’ve made a lot of use of FOI, and others who do so more occasionally, who are trying to achieve these kinds of aims. If we look at a recent list from a website that aggregates news stories, which I searched for freedom of information stories, the selection here is about London’s dirtiest streets, Thames Water (that must be an environmental information request), banks and fraud reports, stories about universities, others about councils, a wide range of themes.

When I was at the BBC we did go to some lengths at some times to collate together on the website a lot of FOI stories that had been done across the organisation, and again what this illustrates is the range of different issues covered, a lot of them very local – health stories, stories about a particular NHS trust, often very much of use to people in the local community, police stories, home affairs, politics stories about what councils are doing, transport stories. One could go on, but it shows the tremendous wealth of topics that FOI enables journalists to find information about in the public interest.

So to give some context about journalistic use of FOI, what do journalists get from FOI requests?

First of all, FOI might directly get the news story – the FOI disclosure in itself is the story, the headline.

But that’s not always the case. Sometimes for us FOI is a piece in a jigsaw, it’s an element in the story. That’s sometimes because you have a case study and FOI gives you overall statistics or context. Sometimes it’s the reverse, you might have some overall context already, but with the use of FOI you can get information about particular examples that help to fill out the story.

Sometimes FOI obtains background information. It doesn’t end up getting reported directly, but it points you in certain directions. It enables you to decide what you’re going to research, it informs questions to put to people in interviews, it helps with how to find out stuff from contacts, and so on.

And of course sometimes you get nothing useful whatsoever. All of us who’ve put in a number of FOI requests have sometimes found that the outcome was nothing of any use.

To give some examples of all of this, here is a story I did some time ago when I was at the BBC about Prince Charles, as he was then, urging Tony Blair to meet campaigners against genetically modified food. Charles doesn’t like GM food and he was lobbying Blair as prime minister about the issue. This fits into the example of the disclosure as the news story.

I have to say on this example that it took me two years to get this information out of the Cabinet Office, and it took four rulings from the ICO at different points in that process. I’m grateful to the ICO for that, but it also shows the kind of attitude sometimes of the Cabinet Office. For example, first of all neither confirming nor denying that they held the information, then trying to insist it was not environmental information, and so on.

To give a different kind of example, here’s a story where the BBC had some case studies about people who were scammed into paying money to get COVID vaccines. It was the kind of thing that a lot of scammers piled into, trying to get money out of people by sending them bogus messages. But is it a big problem? Well, FOI enabled the BBC to get some kind of national overall context and say there’s over a thousand reports, people have lost nearly £400,000 to scammers through this scam, so it is a significant thing. That’s an example where FOI is a piece in the jigsaw, you’ve got the case studies and then you’ve also got overall statistics.

Next is a different kind of example of a story I did once, and this is one of my favourite examples of the success of FOI, for reasons which I’ll explain.

This is about which makes and models of cars are most likely to fail MOT tests. When I first requested this data from a Department for Transport agency, I was told that this information would not be released to me under the commercial Interests exemption, presumably because it would be damaging to the commercial interests of people who sold cars that didn’t do well. Again, I appealed to the ICO, and the ICO again ruled in my favour, forcing the Department for Transport agency to release this information, which I regard very much as in the public interest, as useful to potential car purchasers, knowing which cars are most likely to do well in MOTs and which aren’t.

This information is now released annually routinely as open data. In other words, what for 18 months the Department for Transport told me was so confidential it could not be disclosed is now released routinely and proactively. It’s a very good example of the benefits of FOI, transforming information that was previously secret into something which is released as a matter of routine.

Another instance of this is food hygiene reports, where again we had councils refusing to release food hygiene reports, and where again the ICO stepped in and ruled that it’s in the public interest for the public to know which food outlets have good food hygiene and which don’t. And this has now become information which the Food Standards Agency releases routinely as a matter of course. We have ‘scores on the doors’, so you can see on the outside of a restaurant how it’s doing.

That transformation has enabled journalists to do this kind of story – how do restaurant chains compare? To give the quick summary, if you want to go to a place with good food hygiene consistently across the country, when we did this study Nando’s had a satisfactory score everywhere. So you can’t say you don’t get useful information out of this kind of talk.

Another example I want to share illustrates the kind of information I think of as practically useful. This was a graphic I generated based on data from individual hospitals, showing A&E waiting times by hour of day and day of week. Each line represents a different hospital. The pattern is clear: if you turn up at midnight, any day of the week, you’re likely to wait much longer than if you arrive around eight o’clock in the morning.

That’s useful information, and yet it wasn’t being published at that level of detail by NHS England, even though it was collecting the data. I had to request it through FOI. Without the law, I wouldn’t have been able to obtain it.

The negative

So that’s some of what I see as the positive potential of FOI, and what I and others have achieved with it, but on the other hand FOI doesn’t always work well. Journalists frequently complain about delays and obstruction. Here’s a headline from the Press Gazette, the news trade website: ‘Freedom of Information in the UK sinks to new low’. This story is from 2024, last year, but you could probably find a version of that story in the Press Gazette every year. Because FOI still all too often doesn’t function as it should.

I first want to make a general point. Part of the problem is a broader shift in official attitudes. In the past there were more people in positions of power, contrary to the views of Tony Blair, stressing the benefits of openness and transparency. In the early years after the law came into force in 2005, there was rhetorical support from government for openness. Lord Falconer, the minister responsible for FOI at the time, attacked the ‘culture of secrecy’ – you don’t hear government ministers now saying that kind of thing.

Then under the Cameron government, the Cabinet Office minister Francis Maude was very keen on open data – which is not the same as FOI, but is part of a wider transparency agenda.

Again we don’t hear that from ministers today, that rhetoric about the benefits of transparency and openness. And this climate does have an impact on how public authorities behave, and in some respects they are more resistant to releasing information.

Here’s an example. Early on in the FOI period I obtained documents showing how the Metropolitan Police Special Branch had monitored the Anti-Apartheid Movement in the UK over 25 years. They were released in 2005. There is absolutely no way the Metropolitan Police would release that information today. In the early years of FOI they were generally more committed to transparency, and it’s an example of how things have deteriorated.

Sometimes I’m accused of being too cynical, so let’s take a look at what the chief executive of the Environment Agency, Philip Duffy, said at a conference last year: “I see these letters and these FOI requests and I’ve got great volumes of them, and I see local officers going through contorted processes not to answer when they know the answer and it’s embarrassing.”

This is a clear statement from the chief executive of the Environment Agency about how his officials behave, trying to avoid releasing embarrassing information. This is obviously a completely unsatisfactory state of affairs. It’s not only the Environment Agency, in some ways what we have here is Philip Duffy being more honest about how FOI sometimes operates than other public authorities often are.

Another example: a slide from internal Cabinet Office training on FOI. It says: “If you don’t want to appear in tomorrow’s newspapers, consider carefully what you send out.” That’s basically telling people don’t release stuff which is embarrassing, and it’s not what the law says. There’s no FOI exemption in the Act for “Stuff you don’t want to appear in tomorrow’s newspapers”. That should be a totally irrelevant consideration, yet here we have it appearing in the Cabinet Office guidance to staff on how to handle FOI requests.

I do think journalists in particular often have a problem with how their FOI requests are handled. To give just one example of the sort of processes that come into play, the Financial Conduct Authority guidance to staff on FOI explicitly states that approval for journalists’ requests must be “obtained from press office”. It’s very far from being the only body where this is the case, very far indeed, and I see two problems with this. First of all, it inevitably increases delay, because the reply has to be checked by the press office. But secondly, for people who work in the press office, their job is to protect the reputation of the organisation where they’re working. That is entirely separate from FOI considerations and they should not be involved in approving the answers to FOI requests.

This is another statistical analysis I’ve done, of how often internal reviews change initial refusals. Again, as far as I’m aware, I’m the only person who is analysing the statistics issued about central government FOI requests to this extent. This chart shows how often internal reviews overturn, partly or entirely, an initial refusal from a government department that information should be withheld.

It’s only because we have statistics for central government that we can do this. We don’t know what the position is for all sorts of other public authorities. But what we can see here is that maybe 20 to 25 percent, and perhaps increasing, of internal reviews overturn an initial refusal, partly or entirely.

You can look at this in two ways. One is to say that internal reviews are actually doing their job, scrutinising the initial decision. But I also think that this rate is surprisingly high, suggesting that very often at the initial stage people are refusing FOI requests in ways that they should not be. This isn’t even the ICO getting involved. This is just somebody else in the same organisation saying you should have released it, and I think it points towards an initial level of obstruction in some cases.

Now let’s look at how often the ICO overturns decisions made by public authorities. This is an analysis I did based on a dataset going back to 2005 which the ICO released last year. I don’t know to what extent this kind of analysis is done internally within the ICO or not.1

What I find really striking about this is how for some of these exemptions, the ICO overturns them so often. Taking the ones at the top, the economy and relations within the UK are not so often used, but commercial interests is a very frequent exemption used by public authorities to turn down requests. Yet of the cases that have been appealed to the ICO, basically in half of them the ICO has overturned it.

And there are other exemptions – future publication, policy formation and so on – where the ICO is very frequently overturning their use. What that really points to is a systemic issue that these exemptions are being overused by public authorities. And what the ICO in my view needs to do is draw attention to that and say there is a widespread problem of the overuse of certain exemptions.

I’m aware that the ICO has issues about resources and its level of casework. So if authorities could be stopped from overusing those exemptions, then that will be a way of reducing the level of casework that the ICO gets, and this is another reason why the ICO should be vocal in flagging the systematic overuse of certain exemptions.

The ICO

As I’m talking to the ICO, I should tell you my view of the ICO. This is what I wrote in my book: “Despite problems of resource constraints and significant delay (and the fact that I sometimes disagree with its decisions)” – we’ll come onto that later – “its existence is one of the strengths of the UK’s FOI system”.

When I’ve done training for journalists, this is one of the points that I make, that it’s a strength of the UK system to have an independent body which can overrule public authorities. That’s not the case in some other countries, and the ICO’s role is very valuable.

Let’s take some aspects of its FOI work in more detail. On delay, I very much welcome what the ICO has done over the past couple of years or so to speed up its consideration of complaints about FOI.

In contrast there was an extreme example back in 2009, when the ICO ruled in my favour on releasing the minutes of a Thatcher cabinet meeting about the Westland crisis, where it took the ICO four years to reach that decision. That’s ridiculous. It’s an extreme case, but when the ICO takes that sort of time, then public authorities have tremendous incentives to boot issues into the long grass, turning down requests for information on the basis that by the time the ICO rules, no one will care about it. A lot of progress has been made in speeding up the ICO’s procedures, and it’s vital that it doesn’t deteriorate again.

The fact that the ICO now prioritises certain FOI complaints with significant public interest is also a welcome and valuable step which enables the most important cases to be dealt with most quickly. Maybe the threshold for prioritisation is a bit too high and probably more cases should be prioritised, but in general it’s absolutely right to have done this.

I’m also very pleased by the way that the ICO is now taking serious regulatory action against recalcitrant public authorities. For example, the enforcement notices and practice recommendations served on numerous police forces recently and rightly, because the performance of the police in FOI terms has often been very bad, as has also been the case for various government departments, certain NHS bodies and so on.

It’s much more effective for the ICO to take this kind of regulatory action, issuing enforcement notices, than the kind of situation that we used to see beforehand.

Take this example that I wrote about the Cabinet Office. You would have this flow of decision notices from the ICO referring to Cabinet Office delays as being unacceptable, unhelpful, extreme, protracted, considerable, unsatisfactory, excessive, prolonged, severe. One decision notice after another would say this, but nothing ever changed by just issuing decision notices where it says in passing that delays are unacceptable.2

In contrast taking proper regulatory action and issuing enforcement notices is the best way to achieve change from the most recalcitrant public authorities, and I’m very glad to see that the ICO has been doing that.

However, I’m not going to say that everything about the ICO is completely marvellous. I’m pleased about reducing delays, I’m pleased about the prioritisation, I’m pleased about the enforcement action. But I do think there is an issue about the quality of certain ICO decisions, and there are decisions where the ICO does not really address properly the balance of the public interest.

This includes recent cases where I’ve been successful in appealing ICO decisions to the First-tier Tribunal.

One example involves the House of Lords Appointments Commission and the citations provided for some of Boris Johnson’s appointments to the Lords. In my opinion it’s overwhelmingly in the public interest that the public knows what are the official reasons given for why people are put in a legislative assembly. The tribunal agreed with me on that point3 that the citations should be public. So the House of Lords Appointments Commission was forced to reveal them.

I was disappointed, however, that I needed to appeal to the tribunal in order to achieve this. This is a case where the ICO should absolutely have said it’s in the public interest for this to be out in the open, and people could then assess for themselves the reasons that Boris Johnson gave as to why people should be members of the House of Lords with the right to decide on laws everyone else has to abide by.

That’s one example, and another occurred just last month when the First-tier Tribunal ruled that I should be given information in a Cabinet Office case where the ICO had ruled against me on a public interest test.

The tribunal said: “The tribunal shares the appellant’s view that there is a strong public interest in upholding standards of good decision-making, transparency and integrity in public administration … In the tribunal’s assessment, the withheld material is relatively benign and does not contain candid or controversial exchanges. The tribunal finds that the Cabinet Office’s concern over inhibiting future frank advice is overstated and not supported by the content of the material in question.”4

Here we have another example of the ICO in my view not taking a strong enough stance on where the balance of the public interest lies, and then the tribunal has to step in. That means extra work for me as the requester to appeal to the tribunal, but it’s also extra work for the ICO, which then ends up trying to defend an untenable position at the tribunal, costing a lot of time and money, as well as being against the public interest.

I know there are other cases where the ICO has taken a position which has annoyed the Cabinet Office. But I think it doesn’t do that often enough, and the ICO should be more prepared to stand up to the Cabinet Office on cases like these.

Finally, I wanted to make one other point, and this goes back to what I was saying earlier about the public debate about open government. I’d like to see the ICO now speaking out more about the broad advantages of transparency. We need to be hearing the voice of the ICO more often in public discussion.

To give one specific example, a government policy document issued last year states that it’s going to extend the FOI Act to private companies that hold public contracts, and that the government will take this forward “in due course”. So it’s publicly committed, but we’ve no idea when it will actually do this, or even if it will really happen. It’s not in the current legislation.

This is the kind of thing that in my view the ICO should be talking about now. It should be stepping into this discussion and saying this is an important and valuable change that is needed, because so many services are contracted out in the way that our public sector now operates.5

I’ve left time for questions. Thank you very much indeed.

——————————————————-

1 During the Q&A session afterwards I was told that the ICO does do this analysis itself.

2 On the day after I delivered this talk, the ICO announced it was issuing a practice recommendation against the Cabinet Office due to its FOI delays.

3 ICO staff are keen to point out that the tribunal did not agree with me on everything and upheld some other parts of their decision.

4 The material in question can now be found here, if you want to decide for yourself whether its release will damage free and frank discussion in the civil service in future.

5 In the Q&A I was reminded that the ICO has issued a report on this topic, but the point I made was that this was done back in 2019.

Twenty Years of FOI: A User’s Perspective (My presentation to the ICO) Read More »

FOI: Which complaints are upheld by the ICO?

Freedom of information requests can be rejected for a range of reasons, but some are much more likely to be overturned by the Information Commissioner’s Office than others.

The details of this are made clear by my analysis of a dataset recently released by the ICO covering nearly 22,000 decisions issued by the information rights regulator since FOI came into force.

For example, the ICO has upheld nearly half the complaints received from information requesters against FOI refusals linked to protecting commercial interests. But it has upheld only one in six objections to refusals based on international relations.

This table shows, for each of the legal grounds for dismissing FOI requests, the number of complaints about that reason which the ICO has ruled on and the percentage which it has upheld (ie backing the requester and overriding the public authority).

Subject matter
(section of FOI Act)
Number of
complaints
Percentage
upheld
The economy (29)2756
Relations within UK (28)1753
Commercial interests (43)101047
Future publication or research (22/22A)21344
Health and safety (38)11942
Policy formation (35)62238
Already accessible (21)33236
Effective conduct of public affairs (36)96735
Audits (33)3834
Confidential information (41)60534
Law enforcement (31)86030
Vexatious or repeated (14)149823
Investigations (30)31821
Personal data (40)309718
Monarchy and honours (37)18118
Defence (26)4117
National security (24)29917
International relations (27)29216
Legal privilege (42)50716
Otherwise prohibited (44)40614
Cost (12)149112
Court records (32)1088
Security bodies (23)3047
Parliamentary privilege (34)120
Source: Martin Rosenbaum, based on ICO data

Or in chart form:

So during FOI’s two decades of operation, the ICO has been much happier to overrule public authorities on matters like commercial interests and policy formation than on topics like defence, security and international affairs.

My analysis uses three spreadsheets with details of ICO rulings which were recently disclosed via the What Do They Know website, in response to a request from Alison Benson. The spreadsheets list the ICO’s formal decision notices from the first one in 2005 until last month.

The ICO maintains that it provided this material voluntarily ‘on a discretionary basis’, arguing that the information would be already available through its routine publication of decision notices.

However the supply of these three files makes the statistical analysis of ICO rulings much more practical than by trying to process all the individually published decisions. The ICO’s release of this dataset is therefore a positive and welcome step in terms of its own transparency.

Environmental information

Note that my analysis excludes environmental information, which falls under a different law, the Environmental Information Regulations. The EIR exceptions do not exactly correspond to the FOI exemptions, so the data cannot be combined.

The numbers of EIR cases are fewer than for FOI, but a similar pattern emerges. Thus the ICO has more frequently overruled public authorities when they base an EIR refusal on commercial confidentiality or the internal nature of communications, rather than when authorities rely say on protecting the course of justice.

Delay

It is also possible to analyse aspects of the dataset in more detailed ways. Here is one example.

This table shows the 15 public authorities against whom the ICO has most often upheld complaints about delay in processing FOI requests (under section 10 of the FOI Act), and how many times this has happened since 2005.

Public authorityUpheld complaints
about FOI delay
Home Office303
Ministry of Justice173
NHS England162
Cabinet Office161
Dept of Health and Social Care84
Metropolitan Police82
Dept for Work and Pensions79
Foreign Office74
Sussex Police74
BBC60
Ministry of Defence58
Dept for Education54
Wirral Council43
Croydon Council39
Information Commissioner’s Office35
Source: Martin Rosenbaum, based on ICO data

On this measure the public authorities with the biggest record of delay since FOI was implemented are the Home Office, the Ministry of Justice, NHS England and the Cabinet Office.

Ironically the authority which comes 15th on this list of shame is the ICO itself! This is clearly a very bad record for an organisation which should be setting a good example of prompt compliance with the law, but at least as a regulator it has been willing to point out its own failings.

Notes: 1) My analysis amalgamates bodies which at some point since 2005 had some change of name or scope but remained essentially the same organisation (eg NHS England with NHS Commissioning Board; Department of Health and Social Care with Department of Health). 2) The ICO is thoroughly and annoyingly inconsistent when naming authorities (eg sometimes using ‘Metropolitan Police Service’ and sometimes using ‘Commissioner of the Metropolitan Police Service’. I hope I have spotted all such instances and combined the figures accordingly, but it is possible I have missed some.

FOI: Which complaints are upheld by the ICO? Read More »

The ICO’s tougher FOI enforcement policy 

This article was originally published on the website of Act Now Training, which provides training and consultancy on information law and governance.

Last month the Information Commissioner’s Office announced it was issuing another two Enforcement Notices against public authorities with extreme backlogs of FOI and EIR requests; the Ministry of Defence and the Environment Agency. From the published notices it is clear that both authorities had consistently failed to tackle their excessive delays, despite extensive discussions over many months with the ICO.

The ICO also issued Practice Recommendations, a lower level of sanction, to three authorities with a poor track record on FOI; Liverpool Council, Tower Hamlets Council and the Medicines and Healthcare Products Regulatory Agency. This brings the total of Enforcement Notices in the past year or so to six, and the number of Practice Recommendations to 12.

As Warren Seddon, the ICO’s Director of FOI, proclaimed in his blog on the subject, both these figures exceed the numbers previously issued by the ICO in the entire 17 years since the FOI Act came into force.

From my point of view, as a frequent requestor, this is good news. For requestors, the ICO’s current activity represents a welcome tougher stance on FOI regulation adopted by Seddon and also the Commissioner, John Edwards, since the latter took over at the start of last year.

Under the previous Commissioner Elizabeth Denham, any strategic enforcement regarding FOI and failing authorities had dwindled to nothing. The experience of requestors was that the FOI system was beset by persistent lengthy delays, both from many authorities and also at the level of ICO complaints.

The ICO’s Decision Notices would frequently comment on obstruction and incompetence from certain public bodies, as I reported when I was a BBC journalist, but without the regulator then making any serious systematic attempt to change the culture and operations of these authorities.

Under Denham the ICO had also ceased its previous policy of regularly and publicly revealing a list of authorities it was ‘monitoring’ due to their inadequate processing of FOI requests. Although this was in any case a weaker step than issuing formal enforcement notices and practice recommendations, in some cases it did have a positive effect.

Working at the BBC at the time I saw how, when the BBC was put into monitoring by the ICO, it greatly annoyed the information rights section, who brought in extra resources and made sure the BBC was released from it at the first opportunity.

On the other hand, other public authorities with long-lasting deficiencies, such as the Home Office and the Metropolitan Police, were kept in ICO monitoring repeatedly, without improving significantly and without further, more effective action being taken against them.

The ICO’s FOI team has also made important progress in the past year in rectifying its own defects in processing complaints, speeding things up and tackling its backlog. This led to a rapid rush of decision notices.

One result is that delay has been shifted further up the system, as the First-tier Tribunal has been struggling to cope with a concomitant increase in the number of decisions appealed. I understand that the proportion of decisions appealed did not change, although I don’t know if the balance between requestor appeals and authority appeals has altered.

Another consequence has been that decision notices now tend to be shorter than they used to be, especially those which support the stance of the public authority and thus require less interventionist argument from the ICO. Requestors may need to be reassured that the pressure on ICO staff for speedier decisions does not mean that finely balanced cases end up predominantly being decided on the side of the authority.

More generally I gather there is some concern within the ICO about its decisions under sections 35 and 36 of FOI, to do with policy formulation and free and frank advice, that some staff have got into a pattern of dismissing requestors’ arguments without properly considering the specific circumstances which may favour disclosure.

As part of its internal operational changes, a few months ago the ICO introduced a procedure for prioritisation amongst appeals and expediting selected ones. I have seen the evidence of this myself. A complaint I made in April was prioritised and allocated to a case worker within six weeks and then a decision notice served within another six weeks (although sadly my case was rejected). All done within three months.

On the other hand a much older appeal that I submitted to the ICO in May 2022 has extraordinarily still not even been allocated to a case worker 15 months later, from what I have been told. This is partly because it relates to the Cabinet Office, which accounts for a large proportion of the ICO’s oldest casework and has been allowed a longer period of time to work through old cases.

It is interesting to note that the ICO does not proactively tell complainants that their case has been prioritised, even when they have specifically argued it should be at the time of submitting their complaint.

The ICO wants to avoid its staff getting sucked in to disputes about which appeals merit prioritisation. If you want to know whether your case has been prioritised, you have to ask explicitly, and then you will be told.

The ICO has not yet officially released any statistics about the impact of its new prioritisation policy. However I understand that in the first three months about 60 cases were prioritised and allocated to a case officer to investigate within a month or so. This is a smaller number than might have been expected.

Around 80 percent of these were prioritised in line with the criterion for the importance of the public interest involved in the issue. And about 60 percent of decisions to prioritise reflected the fact that the requestor was in a good position to disseminate further any information received, possibly as a journalist or campaigner.

In most of the early decision notices for prioritised complaints the ICO has backed the authority and ruled against disclosure. So if you are a requestor, the fact that the ICO has decided to prioritise your appeal does certainly not mean that it has reached a preliminary decision that you are right.

The ICO’s tougher FOI enforcement policy  Read More »

ICO sets out new targets for improvement

Information Commissioner John Edwards launching his new strategy

John Edwards is clearly adapting to life in the UK, seven months after he arrived here from New Zealand to take up the role of Information Commissioner.

Launching his three-year strategic plan for the Information Commissioner’s Office yesterday, he succeeded in saying ‘day-ta’ most of the time, although he did manage to come out with at least one ‘dar-ta’.

While data protection (however pronounced) is certainly the main focus of his attention and indeed the dominant activity within his budget, the new Edwards plan is also important for those concerned about the FOI side of the ICO’s work.

To his credit Edwards has recognised publicly as well as privately that the substantial delays in the ICO’s handling of FOI complaints are not acceptable. In his speech he said that the administering of FOI law ‘requires fundamental change, and that change has to start in my office’.

He and his team have also shown a welcome willingness to engage with the FOI community and discuss (in his words) ‘how we fix a system that clearly needs fixing’.

As the ICO leadership itself recognises, things are now at the stage where requesters need to start seeing practical results rather than just hearing expressions of intention.

As part of its plan the ICO announced new objectives for its work on handling complaints under FOI law and the Environmental Information Regulations (EIR). These include:
• ensuring that less than 1% of its caseload is over 12 months old
• reaching a decision on 80% of complaints within six months
• ensuring that 66% of tribunal appeal decisions go in the ICO’s favour

The current serious casework delays are illustrated by new up-to-date statistics which the ICO also released yesterday, with a commitment to do this regularly.

This is a valuable improvement, because in recent periods the ICO has only been publishing an inadequate series of datasets which are outdated, patchy and limited to closed cases.

The latest figures (for end of June 2022) show that 7.2% of active cases were over 12 months old. The ICO had reached a ‘first decision’ within six months on only 67.7% of cases.

The new dataset of open casework reveals that the ICO is still investigating one complaint relating to Brent Council nearly 26 months after it was made in May 2020.

There are 25 FOI/EIR cases that were still unresolved over 18 months after they were received. Of these, one of them actually involves a complaint about the ICO itself.

But the public authority which features by far the most frequently in these long-delayed cases is the Cabinet Office, which accounts for nearly half of them – 11 of the 25 involve complaints about its refusal to supply information requested. It is not clear whether this is because the Cabinet Office handles especially tricky issues or whether it is particularly slow and difficult about cooperating with ICO investigations, or indeed both.

As for the ICO’s performance objective for when its decisions are appealed by dissatisfied requesters or authorities, I have done a very quick analysis of tribunal cases so far this year, and the target of 66% appears pretty close to the current success rate. My rough calculation produced a figure of 68% (it is based on the summary outcome listed on the tribunals website without checking the details of individual cases).

ICO staff accept that some of their decision notices will inevitably get overturned, but there is always a risk that faster processing of cases can lead to more reversals later.

The ICO says its new approach will include more active prioritisation of significant cases and greater attempts at speedy resolution of disputes without the issuing of a formal decision notice.

For the ICO to improve its FOI casework handling is important and will be a relief to frustrated requesters.

However it is essential as well for the ICO to tackle the crucial systemic issues of poor performance on FOI by numerous public authorities. This week the ICO also released a new framework for regulatory action.

While it is understandable that ICO staff wanted to have this revised policy in place before implementing a tougher stance, it is unclear for the moment how much tenacity will be deployed in carrying out its series of measures and enforcing better standards.

One early promising sign could be the practice recommendation it delivered this week to the Department of Health and Social Care, reprimanding the department over its failure to properly search non-corporate communication channels when responding to FOI requests.

In the Q&A session at the launch I raised one particularly egregious example of FOI deficiency, the fact that in the latest set of government statistics the Department for International Trade had breached the legal deadline for replying to requests an extraordinary 55% of the time.

I asked Edwards what more evidence he would need before taking enforcement action against a badly performing authority and he replied simply: ‘None’.

If this does indicate a much firmer attitude is being adopted, that then is good news and will be strongly welcomed by requesters pursuing their legal rights to information.

I understand the ICO has taken up the issue directly with the DIT. But how persistently determined it will actually be in tackling this sort of blatantly inadequate FOI record remains to be seen.

Edwards announced that he had persuaded government to set up a cross-Whitehall senior leadership group to drive improved compliance on data protection within the civil service. There is some hope within the ICO that this could in future be extended to cover systemic issues of government FOI compliance too.

Unlike his predecessor Elizabeth Denham whose extent of contact with the Cabinet Office had become minimal by the end of her tenure, Edwards says he’s happy with the level of engagement he has been getting from the Cabinet Office.

Edwards also stated that the ICO will be publishing its internal staff training materials on both FOI and data protection, and this is expected to happen soon.

The ICO has initiated a consultation exercise on the three-year plan. If you want to express your views, you can do so here.

ICO sets out new targets for improvement Read More »

The perils of @JCE_IC

From the internal briefings prepared for the new Information Commissioner John Edwards, it’s clear there has been rather a lot of angst among his senior colleagues about how he conducts his personal Twitter feed.

His account’s tone was casual and folksy when he was New Zealand’s Privacy Commissioner, combining some serious policy points with jokey remarks, funny videos and cultural criticism, while slipping into the occasional political controversy. As I said when I wrote about it before, I like its friendly informality, but I’m not at all surprised that his new cautious-minded colleagues seem deeply wary about the ‘risks’.

The induction documents recently released under FOI reveal how the ICO management assembled a battery of arguments and research to try to persuade him to adopt a more corporate approach for his tweeting.

They fear that his unofficial posts could be seen as the ICO’s organisational view and policy – perhaps they’re thinking of the time he described Facebook as ‘morally bankrupt pathological liars’.

They’re worried that his personal tweets could be ‘misconstrued’ – perhaps they saw the time he pointed out that a New Zealand opposition politician sent emails in comic sans.

They’re concerned that he could be seen as endorsing individuals or sub-tweeting – linking to a Guardian article that’s seven years old to explain to him the tricky etiquette of sub-tweeting.

They certainly don’t want him conversing with other Twitter users or getting involved in Twitter spats, recommending he should ‘reduce or limit interaction with other Twitter users’.

They warn him that ‘UK media have form of going through old tweets to try and find content that could be used critically’ and so maybe he should delete some of them, though obviously I worked through his back catalogue ages ago.

They would like him to change his Twitter bio so that it directs enquiries to @ICONews, but that hasn’t happened – yet.

And naturally they want him to focus his feed on ICO work and events, and tweet about this in a timely way. They’ve done their research and thus can draw attention to the anodyne content of the personal Twitter feeds of various other heads of UK public agencies – who are largely content to retweet their organisations’ press statements, with a little extra stuff on the wonderful work of whichever outpost they have just visited, perhaps a picture of some conference they’ve spoken at, and minimal interaction with anyone else. This familiar flow of earnest tedium is presented as ‘good practice’ in corporate social media.

Still it’s not all negative – they point out that the @ICONews Twitter account has ten times the followers that Edwards has personally, and therefore they ‘can help to grow’ his follower base.

Has it changed the tone of his tweets? Maybe Edwards is being a bit more careful and corporate, but we’re still getting the muppet videos and the cautionary tales of how to behave on trains.

The perils of @JCE_IC Read More »

Inducting Mr Edwards

John Edwards (Photo credit: PrivacyMaven – CC BY-SA 4.0)

In New Zealand they’re called BIMs – Briefings to Incoming Ministers – and it’s routine for these induction documents explaining background and policy options for the new office-holders to be published. It’s one example of how NZ outdoes the UK on government openness in policy formulation.

So perhaps the new Information Commissioner John Edwards, a New Zealander, was not surprised that someone (not me, by the way) put in a freedom of information request for the internal briefings he received on taking up his post in January.

In response the ICO has now released a large batch of material covering 21 documents – there’s a lot to read when you want to be someone – and it sheds some fascinating light on the thinking within the organisation’s senior management team.

One point first: Anyone familiar with how FOI works in practice will note that the ICO has disclosed some internal discussion points which many UK public authorities would have sought to keep secret, claiming it would harm the free exchange of views (until the ICO overrules them several months later if the requester bothers to complain). Of course they’ve acted rightly in line with the public interest and set the correct example by releasing this material, but still credit to them for doing so. (Some information has been withheld, to protect frankness of discussion, their investigations, international relations, and legal advice.)

While much of the content is about data protection, and there’s some revealing analysis on the ICO’s overall strategy, I’ll focus on my interest, which is the FOI side of their work.

The ICO is clearly very sensitive to two common criticisms. Firstly, that it concentrates on data protection and privacy issues at the expense of FOI. Secondly, that it has failed to tackle the substantial and apparently growing delays affecting its FOI appeals casework – many complainants are now told they will have to wait nine months just for their appeal to be allocated to a case officer.

This can be seen in the briefing paper on developing FOI strategy. It argues against a simple focus on casework and enforcement with limited involvement in policy debate, largely because that would play into fears about the ICO neglecting FOI and encourage the view that FOI responsibilities should be given to another organisation.

The briefing papers also contain numerous references to the knock-on problems stemming from the ICO’s inability to stay on top of its FOI appeals caseload (which involves complaints about the handling of FOI requests by other public bodies).

The FOI strategy paper acknowledges that the delays in complaint handling ‘do understandably draw criticism’, although it argues the ICO is ‘hampered’ due to available resources. It also accepts that the ICO’s current enforcement powers are ‘arguably underused’.

A draft communications plan for the new commissioner’s ‘first 100 days’ is revealing when it expresses worry about initiating a campaign for Edwards to speak out about the ‘continued value’ of FOI. The fear is of resultant publicity risks, namely ‘poss criticism around a significant casework backlog’.

I have to confess that on this point the ICO comms team have got people like me bang to rights. When the ICO press office drew attention to Edwards talking about the benefits of FOI in a media interview, this is indeed the theme I picked up on.

This briefing also notes concern that it could open up questions of charging for FOI requests, a topic Edwards surprisingly raised at his select committee appointment hearing, to the consternation of openness campaigners. He later told me that it was an ‘off the cuff response’ linked to his experience in New Zealand. But the paper also argues this would be an ‘opportunity to set record straight and keep civil society stakeholders at bay for a while’.

Another campaign idea considered is one to ‘highlight how FOI has informed public debate’ and ‘remind people how to make FOI requests’. But the document again points out a possible downside for an organisation which can’t handle its current caseload: generating more FOI requests would ultimately put ‘increased pressure’ on the resources of the ICO.

A paper on overall strategic planning includes this for a ‘draft enduring strategic objective’: ‘We will not continue to simply grow the approach of dealing with more and more appeals with static or net reductions in grant-in-aid funding but will instead focus on encouraging public authorities to be more transparent and open, publishing more information routinely and so avoiding the need for the public to escalate appeals to the ICO.’

However, the notion that more routine publication will avoid ICO appeals is a futile and irrelevant hope. Proactive release of information is a good thing, but there is very limited overlap between the material organisations will willingly agree to publish routinely, and the contentious requests for material that requesters really want to access which reach the ICO.

What would cut ICO casework is getting authorities to adopt habits of responding on time and releasing the information that they should release, which needs tougher enforcement.

When Chris Graham became Information Commissioner in 2009, he made it his top priority to reduce the organisation’s then appalling FOI casework backlog. He felt it was necessary so that the ICO could speak with credibility and authority. By thoroughly reviewing processes and structures within existing resource levels, and bringing a spirit of determination that boosted morale and swept aside the fatalism of some staff, he succeeded.

These documents indicate how today’s ICO is constrained by its organisational failure to stay on top of its FOI casework.

There are other interesting themes to be gleaned from all the induction briefing papers, including:

  • A report on the backlog in the ICO’s own FOI requests (this is distinct to the backlog for complaints about other organisations), which says that by the end of June they expect to reach their target of answering 92% of requests within the legal time limit.
  • A paper from the ICO’s Parliament and Government Affairs department, its lobbying team, which states that one of PGA’s ‘important functions’ is to ‘facilitate any necessary engagement’ between government and the ICO’s enforcement and casework sections – which surprised me and suggests an uneasy crossover of internal roles for a regulator.
  • A list of what the management think the other ranks might ask Edwards at an initial all-staff Q&A session, from matters of top-level strategy to the vexed issues of car parking and will he base himself in Manchester or London;
  • A media guide containing the press office’s views, positive and negative, on certain journalists;
  • And a lot of unease about the new Commissioner’s personal Twitter feed, which merits a blog post of its own.

Inducting Mr Edwards Read More »

The ICO monitors the ICO

The information law regulator has reached an agreement with itself to hold a regular series of meetings with itself, so that its staff can check up on how its staff are doing on answering freedom of information requests.

One of the tasks of the Information Commissioner’s Office is to try to improve the performance of public authorities with a particularly bad track record on dealing with FOI applications, such as … the Information Commissioner’s Office.

Last month the ICO revealed it would writing to the, um, ICO, to find out about the ICO’s plans to do better in future and so avoid being further criticised by, yes, the ICO.

This has now happened, and in an unusually speedy response to my FOI request, the ICO has sent me the correspondence.

It reveals that in the first nine months of the current financial year, the ICO only responded to 71% of FOI requests on time. At Christmas there were three requests that were over a year overdue.

The group manager for complaints wrote to the head of corporate planning to say: “We cannot ignore the fact that we have had an increasing number of complaints reported to us about the ICO in relation to late compliance with information requests. Adverse media coverage and blogs have also reported on these issues … We are therefore requesting a formal update on your recovery plans”.

The reply says “We recognise our performance is not where it should be”.

The recovery plan has now been published on the ICO website. It says they are recruiting and reallocating staff, with the aim of ensuring that 90% of FOI requests are responded to on time by the end of June, while requests over a year overdue should be cleared by the end of February.

This is all to do with the FOI requests which the ICO itself receives, not the complaints it assesses about the processing of FOI requests sent to other public bodies. That side of the ICO’s operations is also affected by serious delays.

The disclosed correspondence shows that the complaints team will meet monthly with the information access team to review progress. All those who comment agree that the ICO should treat itself in the same way it would treat any other public authority with an inadequate record of compliance with FOI law.

It does seem somewhat absurd, but it is nevertheless better than alternative arrangements – such as the ICO not being subject to FOI requests at all, or not falling under the oversight of an information rights regulator, or being let off the hook by its own staff rather than publicly and embarrassingly rebuked.

On the other hand, this process wouldn’t be necessary if the ICO actually responded promptly and efficiently to information requests.

While this request was responded to quickly, another of my FOI requests has not had a reply from the ICO nearly three months after it was submitted.

The ICO monitors the ICO Read More »

John Edwards, the kindly stranger and the funny tweets

The new UK Information Commissioner, John Edwards, takes office today, after recently flying across the globe from New Zealand where he was Privacy Commissioner – and, as he reported on Twitter, encountering on arrival a kindly stranger at Gatwick airport who gave him a pound coin to unlock a luggage trolley.

However the UK’s FOI community are not convinced that Edwards himself will turn out to be a kindly stranger. Indeed his arrival in the post is regarded with some trepidation.

John Edwards (Photo credit: PrivacyMaven – CC BY-SA 4.0)

This is primarily because of the surprising and indeed disconcerting remarks which Edwards made in September to the House of Commons DCMS committee, at his pre-appointment hearing.

In the FOI section he quickly and without prompting raised the topic of what he called the “extraordinary administrative burden” arising from some FOI requests, and added that “it is legitimate to ask a requester to meet the cost of some of that administration, otherwise you see there is a potential for cross-subsidisation of people who are overusing or even abusing those rights”.

Edwards also expressed a distinct lack of enthusiasm for expanding freedom of information further for private sector bodies who are contracted to deliver public services – “I suppose extending FOI to cover those organisations would be one option”, he replied rather guardedly to this suggestion from an MP.

These statements are a contrast to the stronger pro-transparency stances adopted by previous UK Information Commissioners, who have opposed fees for freedom of information requests, defended FOI against rhetoric about “burden” and “abuse”, and advocated such a broadening of the FOI system.

Nevertheless, for those who like a more positive take, there is a more optimistic viewpoint. This is that Edwards was effectively talking about the situation in New Zealand rather than the UK.

From his remarks he seemed unaware of the tight legal cost limits that apply to FOI responses in the UK. These curtail the administrative effort and cap costs, and also push requesters (or at least the more effective ones) into making narrower rather than wide-ranging applications. Such specific limits do not exist in New Zealand, where the law instead does allow charging for some FOI requests but for a range of reasons public bodies often do not make requesters pay.

Possibly Edwards had briefed himself inadequately on the FOI part of his new role. But that could also turn out to be a problem, if it is symptomatic of a neglect of FOI.

This has already been a serious issue at the UK Information Commissioner’s Office, whose resources, public statements and high profile casework in recent years have increasingly been dominated by the data protection side of their responsibilities, to the detriment of their FOI work.

And in New Zealand as Privacy Commissioner for eight years, Edwards himself was focused on the data protection and privacy field. The country’s freedom of information system is enforced by a different regulator, the Ombudsman (Edwards worked there much earlier in his career).

However, there are some positive views on government transparency in the personal blog Edwards wrote when a lawyer in private practice, before becoming Privacy Commissioner.

In one 2011 piece he argued for the disclosure of free and frank policy advice as “precisely what the electorate needs”. In 2012 he praised the release of briefings for incoming ministers, even if this meant they were then written with a view to public consumption, on the basis that “officials should prepare advice that to the greatest extent possible can stand up to public scrutiny”.

The disclosure of internal government policy advice and especially cabinet papers, particularly once decisions have been taken, has gone much further in New Zealand than under FOI in the UK (although journalists there are still not happy about what they don’t get). If it turned out that Edwards actually wanted to import some of that culture and practice from back home into the UK FOI system it could have a big effect on the role of the ICO.

(Incidentally, his blog also reveals that the Gatwick luggage trolley incident was not the first time he was saved financially by a helpful representative of Britain. As a young budget traveller he once faced a tricky situation with some Bolivian officials who demanded an extortionate sum to stamp his passport. Fortunately he was rescued by the intervention of the British Consul and her insistence on “bureaucratic banalities” – she maintained that any such payment would need a receipt, which for some reason the law enforcers of La Paz were reluctant to provide. And whether for good or ill, Edwards is now about to encounter more of the bureaucratic banalities of the British state).

Ensuring that freedom of information does get enough attention from his office and is pursued with energy and commitment is one crucial challenge facing the new Commissioner. Another is rectifying the sorry state of how the ICO itself complies with FOI law.

The Privacy Commissioner’s office in NZ is subject to the information rights regime of the country’s Official Information Act (OIA). In the four-year period of 2017-21 it received 130 information requests, of which only one was answered outside the legal timeframe. And the Ombudsman’s office tells me that during Edwards’ tenure as Privacy Commissioner it did not uphold a single OIA complaint against the PC.

If Edwards can grasp the issue here with determination and replicate something like that sort of performance at the ICO it would indeed be a major achievement, but the ICO is a much bigger and more complex organisation with a much larger casework, and a very poor track record recently on handling its own FOI requests, which often gives the ICO the embarrassing task of rebuking itself.

In his valedictory office webinar in New Zealand, Edwards cautiously stressed the “constant tension” and “balance” between assisting organisations to achieve their objectives and being an assertive regulator and enforcer. That was in the context of data protection, but in the FOI area as well his impact will depend on which side of that balance he actually gives most weight to.

It will also rest on what is now his personal balance between seeing the world through the perspective of administratively minded state officials or that of a lawyer representing the individual rights of citizens.

One of his New Zealand habits that it looks like Edwards will maintain is his personal Twitter feed. Informal, folksy, casual and sometimes glib, its tone and content will be rather unusual for a top-ranking British public figure at a state regulatory body.

He has combined serious points on privacy policy and some later deleted stinging criticism of Facebook (“morally bankrupt pathological liars”), with comments on the latest cinematic releases, lots of jokey remarks and funny videos, and an occasional willingness to get involved in political controversy.

It sometimes caused him trouble in New Zealand, and unless he’s very careful I predict it will cause him more trouble here (in many ways I think that’s a shame, as I like his friendly informality, but that’s how things work), despite the proclamation in his pinned tweet below:

His recent “I could have been someone” tweet also captured above was presumably a Christmas reference to the lyrics of Fairytale of New York. Whatever deeper personal meaning may lie hidden in his gnomic expression we can only guess at. Still, if you meet him your opening conversational gambit could be “Well, so could anyone” (perhaps after you’ve offered him a pound coin).

What kind of “someone” will he turn out to be as UK Information Commissioner?

Somebody in New Zealand who has observed Edwards’ work closely over many years told me: “He genuinely cares about people’s well-being and that institutions are well governed”.

If Edwards wants to deliver on these two notions in the freedom of information field here, he needs to ensure (a) that people’s individual rights to access public sector information are enforced rigorously and assertively, defended against resistance and backlash, and ideally extended; and (b) that the ICO itself becomes a prompt and efficient and well-governed institution in handling information casework and requests.

We shall see. Meanwhile I find it difficult to imagine any of his predecessors as Information Commissioner so gleefully tweeting this video.

Update

John Edwards has responded to my blog above with the following comments on Twitter:

“I think any trepidation of the sort you mention, based as it is on a single off the cuff response at select committee, informed, as you say, by my NZ experience, is misplaced. I have always been a strong advocate for FOI, and will continue be in my new role.”

“Also, what you have characterised as “a distinct lack of enthusiasm for expanding freedom of information further for private sector” was more in the nature of a thoughtful pause to consider the various different ways that could be achieved.”

He also said: “I didn’t even know those old blog posts were still accessible!”


John Edwards, the kindly stranger and the funny tweets Read More »

ICO latest casework dataset

The incoming Information Commissioner will face a serious challenge in getting on top of the ICO’s increased backlog of FOI cases.

The ICO currently has 2,317 open complaints under the Freedom of Information Act and Environmental Information Regulations, according to the latest database of their open casework which I have obtained from them.

It shows 79 cases which the ICO has already taken over a year to process. Of these, nine concern complaints about the Cabinet Office and six about the Foreign Office, including several relating to the FOI exemption for security bodies.

The oldest case goes back over two years and involves Transport for London and the use of the cost limit exemption.

The ICO states this dataset for open casework can’t be directly compared to the active FOI caseload obtained from May by the Campaign for Freedom of Information, which listed 1,748 open complaints. The new dataset includes various cases not in that one, including EIR complaints, and also cases where the ICO is awaiting further information before launching an investigation – according to the ICO there is a “subtle difference” between what it calls its “active caseload” and its “open casework”.

The ICO says: “We have plans in place to address the rise in work over the coming financial year, particularly as the new staff we have recently recruited complete their training and ways of working return to normal.”

ICO latest casework dataset Read More »

ICO and the pre-pandemic delays

The latest performance data issued by the Information Commissioner’s Office confirms how the ICO was falling behind on dealing with FOI cases before the pandemic.

Yesterday the ICO released a new batch in its ‘proactive disclosure’ of monthly complaints data. This is somewhat old given it covers a period two years ago, from April to August 2019, but it does show how its record on processing FOI and EIR casework was deteriorating even before the disruption caused by Covid.

The average time taken on a case closed in this period which involved a decision notice was 176 days. Comparing this to the same 5-month timeframe in previous years where data is still available gives the following, according to my calculations based on the ICO datasets:

Average time taken to close FOI/EIR cases which involve decision notices:

Apr-Aug 2014: 142 days
Apr-Aug 2015: 122 days
Apr-Aug 2016: 141 days
Apr-Aug 2017: 158 days
Apr-Aug 2018: 159 days
Apr-Aug 2019: 176 days

Analysing the monthly complaints data demonstrates a disturbing pattern of increasing delay over these years.

From around 2017 the ICO started to deal more quickly with simple cases it could reject easily on procedural grounds (eg because the complainant failed to ask the public authority involved for an internal review before approaching the ICO). But the delays have got even longer for complaints which go to a formal ICO decision notice – and these would include the significant cases that really matter.

Since the pandemic took hold matters have of course got worse, as was revealed in data obtained by the Campaign for Freedom of Information.

There’s also a very useful analysis of numerous aspects of ICO operational data in this report by the researcher Lucas Amin for the campaign group openDemocracy.

The latest ICO annual report said: “There will be a focus on these matters as lockdown restrictions are lifted to be able to progress the oldest cases as soon as possible, nonetheless, there is an obvious effect on both those cases over 12 months old as well as the age profile generally. It is anticipated that this will be rectified in the medium term.”

What constitutes “the medium term” is not clear.

ICO and the pre-pandemic delays Read More »