Identifiability and the Unmotivated Intruder

It is not uncommon for public authorities who hold statistical data to decline to disclose specific figures in categories for which the number is fewer than five, on the basis of a fear that the number of affected people is sufficiently small that they are reasonably identifiable. In other words, they rely on section 40(2) FOIA to withhold the number.That approach has now been considered by the Upper Tribunal in Information Commissioner v Miller [2018] UKUT 229 (AAC). That case concerned a request to (what is now) MHCLG for their information supplied by local authorities on a range of homelessness statistics. In relation to parts of the dataset which related to five or fewer individuals, section 40(2) was relied on. The FTT disagreed in a decision on the papers and the ICO appealed.

The issue in such cases is not that the number is itself clearly and easily personal data. It is that the number, taken to together with other information available to a person sufficiently interested, might cause a person to be identified. Despite the apparent wording of section 1(1) of the Data Protection Act 1998, the possibility of identification may be by any other person to whom the disputed information is disclosed, which under FOIA, would be disclosure to the world. When determining whether information constitutes personal data because of the likelihood of identification, the approach to be applied by the FTT should be to take account “of all the means likely reasonably to be used either by the controller or by any other person to identify the said person”: see recital (26) of the Directive. This was confirmed in Department of Health v Information Commissioner [2011] EWHC 1430 (Admin) at [17] and [22] per Cranston J and in Information Commissioner v Magherafelt District Council [2012] UKUT 263 (AAC) at [56]-[68] per Judge Mullen. The approach of the ICO, broadly confirmed in Magherafelt, is to consider the identifiability on the basis of a ‘motivated intruder’ (and see too: Craigdale Housing Association v The Scottish Information Commissioner [2010] CSIH 43).

It was the application of this approach, rather than the correctness of it, which was primarily in issue before Judge Markus QC in Miller. The test, she paraphrased at [28], was “what are the chances of an individual being identified?

The problem for the ICO (and MHCLG) was, in the view of Judge Markus, that the relatively limited information available about the person’s homelessness application meant that very specific details would need to be in the knowledge of the motivated intruder. Having looked at more detailed information than that available to the FTT, she held that “the chance of a member of the public being able to identify the household and its members from the data is so remote as to be negligible”, a probability by no means enhanced by the fact that the data was about four years old at the point of the request: at [50]. She also held that it was “quite fantastical to suppose that, several years later, there would be anyone sufficiently motivated to try to identify an individual to which the data related”, particularly given its lack of attraction to the classic motivated intruder model of a journalist: at [52].

The Miller judgment is not, then, a significant legal development: the application of the established principles is essentially one of common sense having regard to the particular circumstances of the information in issue. But it is likely to be an important practical guide to authorities which regularly have to consider the release of statistical datasets.

Rupert Paines acted for the ICO.

Christopher Knight