Month: February 2011

LATE RELIANCE AND OTHER DEVELOPMENTS TO LOOK OUT FOR

Posted on | by Robin Hopkins

My paper from last week’s 11KBW Information Law Seminar contains a number of updates on important developments – both recent and imminent – at Upper and First-Tier Tribunal levels.

One of the most important concerns the contentious question of late reliance: in particular, is a public authority entitled to rely as of right on an exemption it raises for the first time before the Commissioner or even the Tribunal? The Upper Tribunal has recently answered with a firm “yes”: the decision in the joint appeals from the Tribunal decisions in Home Office v IC, and DEFRA v IC and Birkett (GIA/1694/2010 and GIA/2098/2010) can be downloaded here; see also commentary by FOI Man on his blog here. As I mention in my paper, however, the Upper Tribunal may have more to say on this matter very shortly (in an appeal involving the All Parliamentary Group on Extraordinary Rendition) – so watch this space for updates.

Another imminent Upper Tribunal decision to look out for is the case of Gaskell. concerns an appeal against a Decision Notice involving the Valuation Office Agency. In that Decision Notice, the Commissioner found that – notwithstanding the public authority’s unlawful withholding of the requested information – he would not be ordering disclosure because of events (in this case, the coming into force of new legislation) arising after the time at which the request was handled. The appeal invites the Upper Tribunal to find that the Commissioner has no discretion to make such a decision based on events subsequent to the relevant time for his assessment.

The High Court has recently confirmed that the “costs of compliance” for FOIA purposes does not include the costs of redaction: see Chief Constable of South Yorkshire v IC ([2011] EWHC 44 (Admin)).

Two notable EIR decisions are expected shortly, one at first instance in the GM Freeze case (which is expected to provide much-needed guidance on how widely the concept of “emissions” should be construed), the other by the Upper Tribunal in the Kirklees case (which is expected to clarify the question of imposing charges following a request to inspect information).

The latter case also saw this argument raised before the Upper Tribunal: a “purposive request” (i.e. one that takes the form “please provide me with the information I would need to answer the following questions”) is not a valid request for EIR and FOIA purposes.

Finally, the First-Tier Tribunal has recently heard an appeal by Channel 4, in which the appellant argued that contracts should be treated as whole, rather than severable documents, meaning that if part of the contract can be withheld, then the whole contract can also be withheld. The implications of this position would be substantial, so again – watch this space.

BIOMETRIC INFORMATION IN SCHOOLS

Posted on | by Timothy Pitt-Payne QC

In my post yesterday about the Protection of Freedoms Bill I referred to the provisions about biometric information in schools.  I asked why this subject had been singled out for attention in the Bill, and whether there was any evidence that the current situation  was unsatisfactory.

Action on Rights for Children (ARCH) have just posted on their website a very interesting briefing on the subject:  see here.  This is clearly an issue that has been of concern to ARCH for some years, and their paper gives an overview of developments since 2001.  ARCH welcome the proposal to introduce consent into the process of taking children’s biometric data, but suggest that ensuring any consent is valid and informed will present a considerable challenge. 

 

PROTECTION OF FREEDOMS BILL – A NEW DAWN FOR PRIVACY?

Posted on | by Timothy Pitt-Payne QC

This post is an extract from my presentation at 11KBW’s Information Law seminar last night.

The Coalition Government’s Programme for Government, launched on 20th May 2010, made a number of commitments relating to information law, including issues about privacy and data protection. It also stated that the Government would introduce a Freedom Bill. On Friday last week (11th February) the Protection of Freedoms Bill was duly published, with lengthy explanatory notes stating that it implemented 12 specific commitments in the Programme for Government.

As well as extending the Freedom of Information Act (“FOIA”) and giving effect to the hitherto mysterious “right to data” promised in the Programme for Government, the Bill addresses a number of other information law issues:

(i) the taking and retention of DNA samples and profiles and other biometric data;

(ii) use of biometric data in schools;

(iii) regulation of CCTV and other surveillance camera technology;

(iv) the use of RIPA by local authorities;

(v) the employment vetting system, in particular the role of the ISA and the system of CRB checks;

(vi) the retention of information regarding convictions or cautions for offences involving consensual gay sex with a person aged 16 or over; and

(vii) the appointment and tenure of the Information Commissioner.

On the face of it the Bill appears to be a privacy-friendly piece of legislation, with a number of provisions that reduce the amount of information held by public authorities or that limit various manifestations of the “surveillance society”. However, the approach has its limitations.

First, the Bill is something of a rag-bag.  For instance, why has the use of biometric technology in schools been singled out for attention? Is there actually any evidence that the existing DPA framework has not been coping with this adequately? There is little evidence in the Bill of a comprehensive attempt to think through issues about privacy: the impression is more of an attempt to address specific issues that have caused public controversy (e.g. employment vetting), created legal problems in Strasbourg (e.g. DNA retention), or otherwise caught the eye of politicians. Contrast the approach in New Zealand, for instance, where the Law Commission is conducting a comprehensive review of the law of privacy.

A second, related point is that the regulatory framework in this area is becoming increasingly fragmented. The Information Commissioner is responsible for the DPA. Other regulators deal with different aspects of privacy. The Office of the Surveillance Commissioners oversees the use of covert surveillance and covert human intelligence sources. The Interception of Communications Commissioner reviews the interception of communications, the acquisition of communications data and related issues. The Equality and Human Rights Commission also has a role to play in relation to article 8 of the Convention. Now in addition we are to have a Commissioner for the Retention and Use of Biometric Material and a Surveillance Camera Commissioner. A less scattergun and more considered approach to reform in this area might begin by looking at whether the time has come to introduce a Privacy Commissioner (perhaps by expansion of the existing ICO) to bring all of these various functions under a single roof.  See here for discussion along similar lines.

A third point is that the Bill is very much focused on the activities of the public sector as a potential threat to privacy. For instance, the focus is on public sector rather than private operators of CCTV systems. There is nothing that reflects contemporary debates about the use of personal information by credit reference agencies or social networking sites.