East Kent Hospital University Foundation Trust (EKHUFT) have released Susan Acott’s , the Chief Executive’s diary. It is not as open as Cllr Paul Carter’s diary released last month, and released almost in full, via a Freedom of Information request.
Both organisations have released their respective leaders diaries, meanwhile Folkestone & Hythe District Council elected leader – Cllr David Monk’s diary remains totally off limits to view, in clear breach of the Freedom of Information Act 2000 we believe.
EKHUFT have released Susan Acott’s diary for the period Oct 2017 – Nov 2018. Much of it has been redacted due to it potentially revealing, junior members of staff / non-public facing staff names, Locations & telephone details, Email addresses, names of Members of the public, Travel time, Annual leave.
When one compares Acott’s diary and what has been released against Cllr Paul Carter’s diary, it becomes abundantly clear there is NO consistency in the application of exemptions under Freedom Of Information.
Susan EKHUFT Chief Exec Cllr Paul Carter leader of KCC
That said, both EKHUFT and KCC may well apply exemptions, but they do not rule out entirely the release of their respective leaders diaries. For this their respective organisations, EKHUFT & KCC, should be applauded. However, the diary of Folkestone & Hythe District Council elected leader, Cllr David Monk, who is a great believer in transparency, believes his diary is off limits to the public. We firmly disagree.
While we are on the issue of Freedom of Information, many readers who use FoI have informed us that their FoI requests are being forwarded to departments with their names left on. The vast majority of FoI request should be passed onto the relevant departments and officers and be ‘applicant blind‘, ie their name removed. There are exceptions to this and these can be found in K v ICO EA/2014/0024.
We can be certain that requesters names are NOT being removed at Kent County Council, and that this has happened at Folkestone & Hythe District Council. To not remove the names of requesters (in most cases) is a breach of the General Data Protection Regulations. No if or buts.
However we would urge authorities to remain mindful of the applicant and motive blind principles behind the Act…
How FoI requesters’ details should be handled is a fraught one for FOI Officers.
Once a request is received it is logged and then forwarded by the FoI officer – ‘applicant blind’ – to the relevant departments. FoI request sent to departments should be applicant blind. However, we know this has and can put FoI Officers on a collision course with politicians and senior officials in their organisations. We personally know of FOI officers and other staff being bawled at by very powerful people because they refused to provide this information. We also know of individuals who have decided to leave public bodies after being put under pressure in this way.
“Managing FoI request involves handling personal data, and as such is subject to the rules set out in the GDPR. The first principle outlined in the GDPR requires data controllers to be transparent and elsewhere in the regulation individuals are given a right to be told how their information will be used. Article 13 of the GDPR specifies that certain information must be provided to individuals at the point their information is collected. This it appears many Public bodies are failing to do from the weight of evidence seen by the Shepwayvox Team
Public Authorities such as F&HDC (we use them as an example) collect information about FoI requesters. The Council process this information for various reasons throughout the course of managing it. The obvious reason for processing the information is to fulfill the obligations in the Freedom of Information Act by ensuring that the request is answered. However authorities such as F&HDC very often process information about requesters for reasons other than the purpose of answering the request. F&HDC might categorise requesters as journalists, citizen journalists, campaigners or private individuals, or discuss the request with colleagues elsewhere if they suspect the request may have been sent to multiple authorities. The principle of transparency in GDPR demands that applicants be informed about these activities.
The minimum information any authority who handle FoI or its sister EiR is expected to provide to any requester, is as follows:
Contact details for the authority and its data protection officer
details of what the information will be used for
a statement setting out the lawful basis for processing the data (the legal obligation to answer the request will be one: but alternative bases will be needed for supplementary activities such as those set out above).
details of who information may be shared with
details of how long information will be retained
a reminder of the applicants rights.”
This information can be primarily supplied via the organisations website, but FoI Officers should reasonably consider how to draw it to the attention of requesters when they make a request. A very simple and obvious way of doing this is to include a statement in any acknowledgement sent out, with a clear explanation in Plain English (to include any link) of how to access the relevant website page for further details.
Apart from the ‘applicant blind‘ argument there is a firm legal basis for restricting circulation of a requesters identity at the very least. The identity of applicants is personal information and must be processed in line with data protection laws. A requesters identity should only be revealed in very specific circumstances.
We hope that FoI Officers and all other officers within organisations which deal with FoI or EiR, remove requesters names in compliance with the law. No organisation, regardless if it is, KCC, EKHUFT or Folkestone & Hythe District Council are above the law.
The Shepwayvox Team
Not owned by Hedgefunds or Barons
None of the above is intended as legal advice, nor should be relied upon as such. If you have suffered from any of the matters raised in this blog post, you should seek legal advice from a qualified legal professional.