Section 7(9) DPA is about privacy, not employment disputes

Posted on | by Robin Hopkins

Disputes about subject access requests under section 7 of the Data Protection Act 1998 only rarely make their way to the Higher Courts. The leading – and often bedevilling – case of Durant is, for example, now 9 years old. Given this scarcity of precedent from the High Court and Court of Appeal, up-to-date illustrations of the judiciary’s approach to the DPA are most usefully sought in County Court judgments – see for example Panopticon’s post on the case of Elliot v Lloyds TSB Bank from earlier this year.

The most recent notable judgment is that of the County Court (HHJ May QC) in Professor Karim Abadir v Imperial College.

The applicant is an eminent econometrics professor employed by Imperial and has been since 2005. In 2011, Professor Abadir took issue when another professor at Imperial began to assess the academic staff by means of subjective metrics. The applicant objected to this, considering those metrics to be inappropriate for the academic staff in his department, and sought disclosure of the discussions that had taken place prior to their implementation.  Aggrieved, he made a subject access request. He was given some information, apparently of the human resources variety in the main. He objected to the nature of some of the comments which had been circulated about him and took the view that some of the emails he sought had been deleted. Imperial informed him in July that it would be implementing an email system upgrade and change of server in August. The applicant feared that some of the emails he wished to obtain would be permanently deleted. He sought an injunction preventing the systems work and requiring Imperial to search for and disclose to him “every document where reference is made” to him, including in deleted files.

Professor Abadir’s application was refused for a number of reasons.

Two reasons were matters of form, in that they related to what was missing from the application. The application was “objectionable” on the grounds that the applicant had not specified the nature of the underlying claim he would bring in due course. Also, assuming the underlying intended claim to be under section 7(9) of the DPA, the Judge expected the applicant to provide a draft order specifying exactly what information or searches he sought. The applicant had not done so. Instead, he asked for “generalised search of all computer systems, to include deleted data”.

Two further reasons were fatal in substantive terms. One was that there was no evidence to support the claim that the systems work would lead to the permanent loss of relevant emails. In fact, Imperial’s evidence contradicted that. There was thus no urgency to justify granting an injunction.

The final reason concerned the purpose or motive behind Professor Abadir’s claim. It was confirmed that his purpose was “to obtain disclosure of documents for purposes of deciding how to frame and pursue against Imperial College employment grievances which Prof Abadir believes he has. Put this way, the process by which documents are sought, given the purpose to which they are intended to be put, is much more akin to an application for pre-action disclosure.  It is disclosure, not right of access to personal data, which Prof Abadir is really seeking from Imperial College.”

On this point, HHJ May QC concluded that “disclosure is sought is not for the purposes of protecting Prof Abadir’s privacy but for the purposes of pursuing a claim against his employer.  To use the provisions of the DPA to pursue such a purpose is an abuse: Ezsias v The Welsh Ministers”.

Unusually, the Judge also awarded the University costs on an indemnity basis. In part, this was because the applicant had failed to identify the underlying cause of action, or to contact Imperial to make enquiries about its server changes before issuing his application for an injunction. HHJ May QC also concluded as follows: “to the extent that the injunction was sought for the purposes of supporting an intended action for DPA disclosure, it was clearly misconceived.  To seek disclosure under the DPA for the purposes of considering an employment claim is an abuse.  In any event, as DPA proceedings are for the purposes of protecting privacy, deletion/destruction of documents would not be contrary to those purposes, quite the reverse.”

It is apparent, therefore, that Courts continue to be unimpressed by the pursuit of subject access requests motivated by prospective litigation, and that they tend to see privacy concerns (rather than employment grievances) as the underlying rationale for the right of access to personal data. This will be welcomed by many data controllers.

Anya Proops appeared for Imperial College.

Robin Hopkins

The Data Protection Act in defamation cases: increasingly relevant, potentially primary?

Posted on | by Robin Hopkins

The Data Protection Act 1998 is increasingly being deployed as part of a claimant’s arsenal in defamation claims. The Information Commissioner has historically resisted policing DPA breaches in the context of allegedly defamatory expressions of opinion by one person about another.

Courts, on the other hand, have accepted that expressions of opinion about individuals are (as the definition at section 1 of the DPA makes clear) personal data, and that the DPA can therefore bite. This has arisen, for example, in the context of Norwich Pharmacal claims seeking the disclosure of the identities of users posting allegedly defamatory material. See for example Applause Store Productions Ltd and another v Raphael [2008] EWHC 1781 (QB), on which Anya posted here.

The use of the DPA in defamation claims (or cases which, though brought under the DPA, look in substance like defamation claims) has, it seems, gathered momentum. In late 2011, Tugendhadt J gave judgment in a case about the ‘solicitors from hell’ website:  The Law Society and others v Rick Kordowski [2011] EWHC 3185 (QB), on which Rachel Kamm posted here.

Last month, the DPA was again successfully relied upon as founding an arguable defamation-type claim. Desmond v Foreman, Shenton, Elliott, Cheshire West and Cheshire Council and Cheshire East Council [2012] EWHC 1900 (QB), involved a cover teacher who was suspended and ultimately dismissed following allegations that he had conducted himself in an inappropriate sexual manner towards a sixth-form student. The case involved a number of communications: meetings to discuss the allegations; requests for information from the police and previous employers; referrals to the Independent Safeguarding Authority, and queries about his home situation made by an officer of one local authority to an officer at another.

The claimant contended that a number of these communications implied that he was actually guilty of and had actually committed various serious offences (including rape, of which he had been accused in 2001 but exonerated through court proceedings). He brought a defamation claim, also contending that the allegedly defamatory statements infringed his rights under Article 8 and the DPA (in particular, breaches of data protection principles 1, 2, 3, 4 and 6).

The defendants – two local authorities, a headmaster and two local authority officers – sought summary judgment. They said the communications complained of were no more than expressions of concern that matters needed investigating, they asserted qualified privilege (based on the performance of their public duties) and justification.

The judge – as in Kordowski, Tugendhadt J – dismissed the application for summary judgment in part, finding that the claimant’s case under Article 8 and the DPA had a real prospect of success in relation to some of the communications complained of.

The judgment is of interest not only as an illustration of the difficulties of lawfully sharing sensitive information (including opinions) in the context of safeguarding children. It also illustrates that the DPA is increasingly – and realistically – being pressed into the service of types of complaint traditionally brought under other heads. The DPA and Article 8 are, of course, long-standing and natural complements to each other. Defamation, however, is slightly more alien territory for the DPA. Copyright infringement (on which, see a post of mine from last year here) is another area to which the DPA is increasingly relevant.

What, it is sometimes wondered, does a claim under the DPA add which is not already covered by claims under Article 8, defamation and so on? After all, as the defendants in Desmond argued, if someone is aggrieved at DPA breaches, then he has another remedy available, namely a complaint to the ICO. Interestingly, Tugendhadt J’s judgment in Desmond reverses this: what, he asked, would an Article 8 or defamation claim add to the DPA claim – at least with respect to one of the communications complained of? In particular, he was concerned with how best to deal with the claim that information about the 2001 rape allegation had been processed (retained, communicated) without reference to the judgments exonerating the claimant.

This last point about fair and accurate records of serious allegations is important: see an older post of mine here.

For the moment, back to Desmond and how best to deal with legal claims about this sort of complaint. Tugendhadt J said this:

“81. How and why it is that the references to the 2001 incident came to be recorded, but recorded without mentioning the public judgments of the court containing the police’s explanation for not charging the Claimant, is a question for which the proceedings under the DPA may provide the most appropriate form of investigation (as the Court of Appeal suggested in para 51 of their judgment). It is for consideration whether claims under the HRA or in defamation would add any benefit to the Claimant over and above a claim under the DPA. And as noted above, a claim under the DPA appears to raise no issues of limitation.

82. I invited the parties to consider why the Court should not direct that the claim under the DPA proceed first and separately from the other two claims, and give directions as to the filing of evidence (or agreed statements of facts) so that the matter could be determined in accordance with the overriding objective, and in particular with the objective of allotting to the case an appropriate share of the court’s resources.”

This demonstrates that, at least in some circumstances, the DPA may appropriately play the lead role rather than a supporting one in a complaint about unjustifiable and damaging communications about individuals. It looks as if the DPA will continue to flex muscles it did not even know it had.

Robin Hopkins

The BBC in the Tribunal: not a public authority under the EIR; strong arguments for disclosure of licence fee legal advice

Posted on | by Robin Hopkins

In Montford v IC and BBC (EA/2009/0114), the appellant had asked the BBC various questions about its expenditure in relation to Cambridge Media and Environment Program, which researched and planned a programme of seminars that had been running since 2005 at which BBC editorial staff discussed issues such as environmental change and world development, with the objective of improving BBC journalism in those areas.

The BBC is a public authority within Schedule 1 of FOIA only within the following parameters: “The British Broadcasting Corporation, in respect of information held the purposes other than those of journalism, art or literature”. The Supreme Court addressed this “derogation” from FOIA in Sugar v BBC [2012] UKSC 4: see our post here. Montford concerned not only the application of Sugar to this request, but also an argument that, given the subject matter of the request and the BBC’s activities, the BBC was a public authority within the meaning of regulation 2 of the EIR.

The Tribunal considered the leading cases on the latter point (Smartsource, Port of London, Network Rail, Bruton) and – applying the multifactorial approach from Smartsource – concluded that the BBC was not a public authority under the EIR. Further, the requested information was not environmental: that requires more than a remote link to the environment, and in the present case there was no link. It was therefore FOIA which applied, and Sugar meant that the requested information fell within the derogation. The BBC therefore did not have to provide it.

The BBC also featured – though not as a party – in another Tribunal decision of late. Crawford v IC and DCMS (EA/2012/0018) concerned the conclusion of the ‘BBC settlement’, ie the funding arrangements (freezing of the licence fee, BBC taking over World Service funding and so on) agreed with extraordinary speed between Jeremy Hunt and BBC Trust chair Michael Lyons in October 2010. The requester – a BBC journalist – sought information about that agreement. By the time of the hearing, the only disputed information was legal advice, which fell within section 42(1) of FOIA. The argument focuses on the public interest.

As readers will be aware, information falling within section 42(1) has very rarely been ordered for disclosure by the Tribunal. One gets the sense from the Tribunal’s decision in Crawford that the appellant here came closer than most to getting the information he sought.  The Tribunal noted the unprecedented speed with which negotiations about matters of great public interest were concluded in 2010. In the circumstances, there were “weighty factors in favour of disclosure of any information which can shed light on how this speedy settlement which affects so many people was reached. In other words there is a significant public interest in transparency and accountability in this case”. The stumbling block, however, was that the disputed legal advice shed only limited light on those concerns. Disclosure was thus not ordered. The Tribunal concluded on a note of sympathy with the requester:

“We would observe that we can understand why Mr Crawford has pursued this matter to a hearing despite disclosure of most of the information originally requested. It seems to us, that despite the exceptional nature of the CSR, the haste of the negotiations and lack of record of what took place means that Mr Crawford has quite understandably had to challenge the DCMS into providing whatever contemporaneous record there might be to help him in his journalist pursuit to provide the public with the facts of this unprecedented Licence Fee Settlement with its far reaching effects.”

Robin Hopkins

Commercial prejudice: the importance of precise and limited redactions

Posted on | by Robin Hopkins

In the recent decision in UK Coal Mining v IC, Nottinghamshire County Council & Veolia [2012] UKUT 212 AAC, the Upper Tribunal has dismissed an appeal concerned with section 43(2) of FOIA (commercial prejudice): the First-Tier Tribunal (decision EA/2010/0142, on which see our post here) had been entitled to find that only very limited redactions could be made to provisions from a PFI contract for a waste incinerator. Upper Tribunal Judge Wikeley’s decision, while largely fact-specific, illustrates two significant points.

First, appeals against FTT decisions are liable to fail where they are simply attempts to re-run questions of fact and judgment.

Secondly, those seeking to rely on section 43(2) FOIA should be as precise as possible. Sometimes, for example, a clause in a contract might appear commercially sensitive at first glance, but upon closer scrutiny all that really warrants withholding might be the numbers.

The background to the decision is briefly as follows. UK Coal entered into a complex PFI agreement with the Council for an option to lease a former colliery site the site, with Veolia then sub-leasing the site from the Council to operate an incinerator. Upon a request for the contracts, the Commissioner found that regulation 12(5)(e) of the EIR (confidentiality of commercial or industrial information) was engaged, but that the public interest favoured disclosure. Upon what was effectively UK Coal’s appeal, the FTT found that the matter should have dealt with under FOIA rather than the EIR. Section 43(2) was engaged, but the public interest favoured disclosure of at some of the disputed information. Eventually, the Tribunal largely endorsed the Commissioner’s (very limited) redactions, rejecting the much more extensive redactions proposed by UK Coal. UK Coal’s appeal to the Upper Tribunal failed.

As regards challenges to the FTT’s decision, Upper Tribunal Judge Wikeley said that it was important that the FTT’s statement of reasons is read as a whole, rather than highlighting particular phrases and taking them out of their wider context. The FTT had allowed for the redaction of what it called “core financial information”, but this was simply a convenient shorthand not amenable to close textual analysis or to legal challenge per se.

Notably, he said that this of the FTT’s assessment:

“This was a quintessential issue of fact and degree for the tribunal at first instance to determine… The bottom line is that UK Coal is essentially seeking to re-argue questions of fact and judgement which have been litigated and adjudicated upon on their merits by the FTT.“

Judge Wikeley also warned that the caution against relying too heavily on other FTT decisions (see the Upper Tribunal’s decision in LB Camden v IC and Voyias GIA/2986/2011) applies with even greater force to attempts to rely on other decision notices by the ICO (as UK Coal sought to do here).

Turning to the section 43(2) redactions urged by UK Coal, the Upper Tribunal considered these to be “far too wide-ranging” and its arguments unsustainable. Some of the terms it sought to withhold were commonplace to commercial agreements. The FTT had approached its redaction analysis with care and precision, and correctly struck a balance between protecting UK Coal’s proper commercial interests under section 43 while ensuring that other information is disclosed. In some cases, the FTT allowed only for the redaction of figures rather than terms as a whole. This nonetheless ensured that a member of the public would have “no idea as to either the commercial methodology or the key financial and other numerical variables used”.

The Upper Tribunal’s decision cites specific examples of the scope of redactions to commercial terms which the FTT applied and which the Upper Tribunal found to be entirely understandable. The examples merit close attention by those seeking to withhold information in similar cases.

Robin Hopkins

Norwich pharmacal – from ugandan rendition to ticket touts

Posted on | by Anya Proops KC

In June of this year, I posted about a couple of cases in which Norwich Pharmacal orders (NPOs) had been made against Facebook (see my posts here and here). However, these are by no means the only notable recent examples of NPOs being considered by the court. Other examples, which certainly merit a mention on Panopticon include not least: Rugby Football Union v Viagogo Ltd [2011] EWCA Civ 1585 (NPO requiring disclosure of personal data did not breach the DPA or the DP Directive); Golden Eye v Telefonica [2011] EWHC 723 (Ch) (also concerned with the protection of the rights of data subjects) and R(Omar & Ors) v Secretary of State for Foreign and Commonwealth Affairs [2012] EWHC 1737 (Admin) (use of NPO for the purposes of foreign proceedings).

The Norwich Pharmacal Principles

Before examining these cases, it is worth citing from the speech of Lord Reid in Norwich Pharmacal v Customs and Excise Commissioners [1974] AC 133 where Lord Reid characterised the essential nature and purpose of an NPO as follows:

“If through no fault of his own a person gets mixed up in the tortious acts of others so as to facilitate their wrongdoing he may incur no personal liability but he comes under a duty to assist the person who has been wronged by giving him full information and disclosing the identity of the wrongdoers. I do not think that it matters whether he became so mixed up by voluntary action on his part or because it was his duty to do what he did. It may be that if this causes him expense the person seeking the information ought to reimburse him. But justice requires that he should co-operate in righting the wrong if he unwittingly facilitated its perpetration.” (p. 175)

Typically, there are five issues which fall to be considered whenever the court is invited to make an NPO (see further by way of example the Viagogo case).

(1)  Had arguable wrongs been committed against the claimant?

(2)  Was the defendant mixed up in those wrongs in the sense that it had facilitated them, albeit it innocently?

(3)  Was the claimant intending to seek redress for those wrongs?

(4)  Was the disclosure of information via an NPO necessary so as to enable the claimant to pursue that redress?

(5)  Should the court exercise its discretion so as to grant relief?

On the latter point, it is worth noting that the court’s discretion to grant an NPO is equitable in nature. It will exercise that discretion by reference to all the relevant circumstances so as to achieve a result which is just in substance. However, as can be seen from the Viagogo and Golden Eye judgments discussed below, in exercising its discretion the court will also have to take into account any relevant statutory obligations, including for example obligations imposed under the DPA and the Human Rights Act.

It is also worth noting the recent re-statement of the Norwich Pharmacal jurisdiction in President of the State of Equatorial Guinea v RBS International [2006] UKPC 7 where the Privy Council said this about the test of ‘necessity’:

“It is true that in some cases the word “necessary” has been used, echoing or employing the language of order 24, rule 13 of the Rules of the Supreme Court. But, as Templeman LJ observed in British Steel Corporation v Granada Television Limited [1981] AC 1096, 1132, “The remedy of discovery is intended in the final analysis to enable justice to be done”. Norwich Pharmacal relief exists to assist those who have been wronged but do not know by whom. If they have straightforward and available means of finding out, it will not be reasonable to achieve that end by overriding a duty of confidentiality such as that owed by banker to customer. If, on the other hand, they have no straightforward or available, or any, means of finding out, Norwich Pharmacal relief is in principle available if the other conditions of obtaining relief are met. Whether it is said that it must be just and convenient in the interests of justice to grant relief, or that relief should only be granted if it is necessary in the interests of justice to grant it, makes little or no difference of substance”

Viagogo – NPOs and the DPA

In Viagogo, the Rugby Football Union (RFU) sought an NPO against Viagogo (V) on the basis that V had innocently allowed its website to be used by third party individuals so as to advertise the sale of tickets for rugby matches at unduly inflated prices. In essence, the RBU sought to rely on Norwich Pharmacal principles so as to obtain disclosure from V of information identifying the third party individuals who, the RBU claimed, had acted in breach of contract and otherwise tortiously by selling the tickets at inflated prices. The judge at first instance granted the NPO sought by the RBU. V appealed against the order on the basis that it could not be reconciled with the provisions of the DPA or the DP Directive.

V accepted that the DPA and the Directive contained provisions which created exemptions in respect of the disclosure of personal data which was required by order of the court or which was necessary for the purposes of exercising or defending legal rights (see further s. 35 DPA). In light of these exemptions, V also accepted that the Norwich Pharmacal  jurisdiction was not per se incompatible with the DPA and the Directive. However, V argued that, in light of relevant European Court judgments including Satakunnen and Schecke v Land Hessen, disclosure of personal data should only be ordered by the court if this was ‘strictly necessary’ and ‘proportionate’ to the aim sought. V went on to argue that the application made by the RBU did not meet these requirements.

The Court of Appeal rejected V’s appeal. It held that the RFU had made out its case as to arguable wrongdoing by the third party. It also held that Viagogo had effectively been mixed up in that wrongdoing as its website had facilitated the advertising and sales of the tickets. On the question of whether the RFU intended to seek redress, the court rejected arguments to the effect that there was insufficient evidence of such an intention. On this point, the court noted that whilst any damages against the third parties may not be substantial, the RFU was still in a position to seek to protect its position by obtaining injunctive relief. The court also accepted that the order was necessary as the RFU had no other means of identifying the alleged wrongdoers. On the question of whether the court should apply a further test of ‘proportionality’, in order to comply with the DPA and the Directive, Longmore LJ said this:

’28. Once it is established that there is arguable wrongdoing by unidentified individuals and that there is no realistic way of discovering the arguable wrong doers other than a Norwich Pharmacal order, it will generally be proportionate to make such an order revealing the identity of those arguable wrongdoers. There can be no reasonable expectation of privacy in respect of data which reveal such arguable wrongs and Viagogo’s own conditions of business point out to their customers that there may be circumstances in which their personal data will be passed on to others. Mr Mill submitted that the acceptance of such conditions constituted a waiver by Viagogo’s customers of confidentiality in their personal data. I doubt if that is right but the fact that Viagogo’s conditions of business contemplate that personal data of their customers may be revealed is not wholly irrelevant to proportionality.

 29. I would prefer to say that the requirement that Viagogo disclose a limited amount of personal data in this case is proportionate because there is no other way in which arguable wrongdoing can be exposed. In this case, as in many other Norwich Pharmacal cases, necessity and proportionality may go hand in hand. The terms of the order must, of course, be proportionate but Viagogo have never suggested that some more limited form of order would be appropriate. The only personal data ordered to be revealed are the names and addresses of the arguable wrongdoers. That seems to me to be both proportionate and just.’

The court went on to find that, in all the circumstances, the judge was plainly entitled to exercise his discretion in favour of making the order.

Golden Eye v Telefonica

In Golden Eye, copyright owners brought a claim for Norwich Pharmacal relief against an internet service provider in circumstances where the copyright owners suspected that internet consumers had been engaged in peer-to-peer file sharing of their material in breach of copyright. In essence, the claimants sought to obtain information identifying the internet consumers so that they could write to the claimants and seek redress from them in respect of the alleged wrongful file-sharing.  Like Viagogo, the case raised questions about whether the order sought could be reconciled with the rights of the internet consumers in their capacity as data subjects. In the course of his judgment, Arnold J alluded to the Court of Appeal’s judgment in Viagogo and also to its earlier judgment in Totalise plc v Motley Fool Ltd [2001] EWCA Civ 1897 (which was not referred to in Viagogo) where Aldous LJ held as follows:

24. It is not necessary to construe section 35 or paragraphs 5 and 6 of Schedule 2, but it is manifest from paragraph 6 of Schedule 2 [of the Data Protection Act 1998] that no order is to be made

for disclosure of a data subject’s identity, whether under the Norwich Pharmacal doctrine or otherwise, unless the court has first considered whether the disclosure is warranted having regard to the rights and freedoms or the legitimate interests of the data subject. By virtue of section 10 of the Contempt of Court Act 1981, if applicable, the court must also be satisfied that disclosure is necessary in the interests of justice.  

25. In a case such as the present, and particularly since the coming into force on 2 October 2000 of the Human Rights Act 1998, the court must be careful not to make an order which unjustifiably invades the right of an individual to respect for his private life, especially when that individual is in the nature of things not before the court: see the Human Rights Act 1998, section 6, and the European Convention for the Protection of Human Rights and Fundamental Freedoms, articles 10 and (arguably at least) 6(1). There is nothing in article 10 which supports Mr Moloney’s contention that it protects the named but not the anonymous, and there are many situations in which – again contrary to Mr Moloney’s contention – the protection of a person’s identity from  disclosure may be legitimate.

 26. It is difficult to see how the court can carry out this task if what it is refereeing is a contest between two parties, neither of whom is the person most concerned, the data subject; one of whom is the data subject’s prospective antagonist; and the other of whom knows the data subject’s identity, has undertaken to keep it confidential so far as the law permits, and would like to get out of the cross-fire as rapidly and as cheaply as possible. However, the website operator can, where appropriate, tell the user what is going on and to offer to pass on in writing to the claimant and the court any worthwhile reason the user wants to put forward for not having his or her identity disclosed. Further, the court could require that to be done before making an order. Doing so will enable the court to do what is required of it with slightly more confidence that it is respecting the law laid down in more than one statute by Parliament and doing no injustice to a third party, in particular not violating his convention rights.”

 The court went on to consider whether the relief which was being sought in the present case was ‘proportionate’ having regard to the rights of the data subjects (see para. 116 et seq). On this point, the court noted that when determining the issue of proportionality, the court had to strike a fair balance between the property rights of the copyright owners (as afforded under Article 17(2) of the Charter of Fundamental Rights of the European Union and Article 1 of Protocol 1 ECHR) and the rights of the data subjects (as afforded under Article 8 of the Charter and Article 8 ECHR). Ultimately, the court held that the balance tipped in favour of ordering that the defendant disclose the identity of the internet consumers. Notably, and in contrast with the approach suggested in Totalise, the court was of the view that it would not have been practicable to have required the defendant to notify the consumers of the NP proceedings, not least given the number of consumers in issue (para. 140).

See further Julian Wilson’s pre-Golden Eye 2010 post on the use of NPOs by copyright owners in respect of file-to-file sharing.

Omar – Using NPOs for Foreign Proceedings

The case of Omar raised particularly complex issues. This was because the claimants were seeking an NPO to assist them in the context of foreign proceedings. The foreign element of the claim meant that the court was required to address not only the usual five issues applicable in the context of applications for NPOs but also a range of other issues, including how the court’s powers should be exercised so as to avoid infringing the principle of the comity of nations.

The background to the Omar case was that the claimants were facing charges of terrorism and murder before the Ugandan criminal courts in connection with their alleged involvement in the FIFA world cup bombing in Kampala in 2010. In response to the criminal proceedings, the claimants had gone on to petition the Ugandan Constitutional Court (UCC) on the basis that the criminal proceedings were unlawful and an abuse of process because they had come about in circumstances where the claimants had been illegally rendered from Kenya to Uganda, where they had been subject to torture and ill-treatment. Whilst the petition before the UCC was still pending, the claimants brought proceedings in the English Administrative Court against the Foreign Office. In essence, the claimants sought to rely on Norwich Pharmacal principles to obtain an order requiring the Foreign Office to disclose evidence and information which the claimants asserted was relevant to their petition to the UCC. The order was being sought on the basis that: (a) the UK Intelligence Services had been mixed up in the alleged unlawful rendition of the claimants and (b) it was necessary for the claimants to obtain any evidence held by the Foreign Office in connection with these matters for
the purposes of the proceedings before the UCC.

The High Court (presided over by the President of the Queen’s Bench Division) rejected the claimant’s application for an NPO. In summary, it found that the application was without merit for a number of different reasons, as summarised below.

(1) The question of how the court should address applications for the disclosure of evidence relating to foreign proceedings involving criminal allegations should be answered by reference to the provisions of the applicable statutory scheme, namely the Crime (International Co-Operation) Act 2003. Pursuant to the statutory scheme, the court would only order the disclosure of evidence where this had been requested by the Ugandan prosecutor or the Ugandan court. No such request had been made in the present case. Thus, the application for an NPO must be refused on the basis that it amounted to an impermissible attempt to circumvent the statutory scheme (paras. 31-72).

(2) The court would in any event have refused to grant an NPO in view of the fact that no application for disclosure had been made in the Ugandan courts. The principle of comity of nations would preclude the English court from making an order for disclosure which would have the effect of trespassing on foreign judicial proceedings, save where those foreign proceedings were patently inadequate or there was some other compelling reason for making of the order. Those considerations did not arise in the present case (paras. 73-80).

(3) In any event, an NPO could only be ordered where the claimants had established that the order was ‘necessary’ in all the circumstances (see further the discussion in Omar of the test of ‘necessity’ as considered in R(Binyam Mohamed) v Secretary of State for Foreign and Commonwealth Affairs [2008] EWHC 2048 (Admin) (“Binyam Mohammed No.1“) and the President of the State of Equatorial Guinea v Royal Bank of Scotland International (Privy Council, 2006)). In the present case, the claimants had failed to establish that an NPO was necessary because they had not sought to apply for disclosure in Uganda in relation to their arrests (paras. 81-90).

(4) Furthermore, whilst it was accepted by the Foreign Office that the claimants had made out a sufficient case of alleged wrongdoing in respect of their removal from Kenya to Uganda, an NPO could only be contemplated by the court if the Foreign Office had not merely been ‘mixed up’ in the wrongdoing but had, by its actions, positively ‘facilitated’ it. The court’s conclusions on whether the UK Intelligence Services had facilitated the alleged wrongful rendition of the claimants was set out in a closed annex to the judgment (paras. 91-102).

(5) If, contrary to the court’s earlier findings, the discretion to order an NPO had been engaged, the court would in any event have exercised its discretion so as to refuse relief. There were important factors which favoured the granting of relief in this case, including the fact that the claimants were facing the death penalty in Uganda. However, these factors were insufficient to justify the making of an NPO, particularly in view of evidence from the Foreign Office to the effect that the making of the order would be seen as a deliberate attempt by the UK to derail the Government of Uganda in its attempts to bring terrorists to justice and, further, ‘a grave betrayal of the of the UK’s promise to stand with Uganda in its fight against terrorism’. In reaching these conclusions, the court took into account in particular the analysis of how the discretion to order an NPO in respect of foreign proceedings should be exercised which was set out in Binyam Mohamed No. 1.

On the separate question of whether the Foreign Office had conducted reasonable and proportionate searches to discover whether it held evidence relating to the claim of ill-treatment, the court held that, on the evidence, the Foreign Office had discharged its duties in this regard (paras. 108-111).

One other notable feature of the judgment is what it says about how disclosure relevant to the application for an NPO should be dealt with by the court. In summary, the court concluded that the claimants were not entitled to disclosure under CPR 31 and that, more generally, a defendant would not be ordered to effect disclosure in a manner which revealed to the claimants the very information which was being sought through the proceedings. Similarly, the court held that, if and insofar as it needed to reference in its judgment information or evidence which had properly been withheld from the claimants, those references could and should be made in a closed annex which would not be disclosed to the claimants or the public at large (paras. 22-29). In this respect, the court’s approach to handling applications for NPOs closely resembles the approach which the information tribunal takes to the handling of closed evidence in the context of appeals under FOIA.

This judgment is important for a number of reasons. First, it highlights the court’s strong predisposition to avoid deploying its NPO powers in a way that might be regarded as exhibiting a colonialist attitude to foreign judicial proceedings. Second, it demonstrates the generally very high hurdles which will have to be cleared by a claimant who is seeking an NPO for use in foreign proceedings involving allegations of criminal wrongdoing. 11KBW’s Karen Steyn acted for the Secretary of State.

Anya Proops

Second veto issued on Iraq war cabinet minutes

Posted on | by Anya Proops KC

Yesterday the Government issued a second veto preventing the disclosure of minutes which recorded Cabinet discussions in 2003 on the Attorney General’s advice concerning military action against Iraq. The first veto which was issued in respect of this information was issued by Jack Straw MP in 2009 (see my post on the veto here). The second veto relates to a more recent request for disclosure of the same minutes, namely a request in March 2011. This more recent request was refused by the Government on an application of s. 35 FOIA (exemption in respect of policy formulation). The Commissioner accepted that s. 35 was engaged in respect of the minutes but found that the public interest balance weighed in favour of disclosure, particularly in view of the extremely strong public interests in creating transparency and accountability around the Labour Government’s decision to go to war in Iraq and the passage of time and changed circumstances since the Cabinet discussions took place (you can find his decision notice no. FS50417514 here). The Attorney General, as the person responsible for the advice which was being discussed in cabinet, assumed responsibility for issuing the veto certificate under s. 53. It appears that he consulted his colleagues in the Cabinet, the Commissioner and the Leader of the Opposition prior to issuing the veto.

In his Statement of Reasons for issuing the veto (which you can find here), the Attorney General notes that there were extremely strong public interests in the disclosure of the minutes. However, his position is that the need to protect a ‘safe space’ for Cabinet discussions relating to such highly sensitive matters was just as acute in 2011 as it had been when the first request for disclosure was made in December 2006. This was so, in his view, notwithstanding that the Cabinet discussions were, as at 2011, nearly a decade old; that there had since been a change of Government and, further, that UK forces were no longer engaged in combat in Iraq. The Attorney General’s view was that, irrespective of their age and the changed circumstances, disclosure of the minutes would have had a seriosuly chilling effect on Cabinet discussions in future. This was particularly because ‘the issue of Iraq was still live’ and most of the individuals involved in the discussions ‘are still Members of Parliament or otherwise active in public life’. The Attorney General also stated that, in assessing the public interest in disclosure, he had taken into account: ‘the very substantial amount of information which the public already has about the decision to use armed force in Iraq. That decision has arguably been subject to greater scrutiny than any other decision of the previous administration…’. He went on to refer in this context to the Hutton Inquiry, the Butler report and the more recent Chilcott Inquiry, which has still yet to issue its report. It is also clear that principle of upholding the convention of collective cabinet responsibility also weighed heavily in the Attorney General’s assessment of the public interest in maintaining the exemption.

Notably, the Attorney General was at pains to make clear that he had issued the veto because this was an ‘exceptional’ case and, as such, fell within the four corners of the Government’s existing policy in issuing vetoes. As I indicated in my earlier post on the Justice Committee’s report on FOIA (which you can find here), there is now a live question as to whether the Government’s policy will in any event be watered down so that it can also apply in non-exceptional cases.

Anya Proops