Unpacking the UK Freedom of Information Act
The Freedom of Information Act (FOIA) 2000 was created to improve transparency in the public sector. It empowers citizens to have access to information held by public authorities and understand more about what kind of information they collect.
As of the end of 2020, Government departments in the UK typically received around 8,000 to 9,000 Freedom of Information requests each quarter. This will only increase as the public becomes more aware of prevailing surveillance practices, and privacy becomes more of a priority.
How do public authorities protect data? How can they be transparent and ethical about data without compromising national security?
How does the FOIA work?
“Any person making a request for information to a public authority is entitled:
(a) to be informed in writing by the public authority whether it holds information of the description specified in the request, and
(b) if that is the case, to have that information communicated to him. ”
The FOIA works on two fronts:
Public authorities are required to publish certain information about their activities.
Individuals (e.g. members of the public) can request information from public authorities.
Freedom of Information requests give the right to publicly held information - it does not apply to personal information about individuals that public authorities may hold.
Recorded information could be:
Computer documents
Emails
Photographs
Video or sound recordings
Printed documents
Personal information is covered by the Data Protection Act and the applicant would have to make a data subject access request for such information.
Who does the FOIA apply to?
The Act applies to any public authority in England, Wales, and Northern Ireland, and UK-wide public authorities based in Scotland. Information held by Scottish public authorities is covered by the Freedom of Information (Scotland) Act 2002.
These public authorities include:
Local authorities
The NHS
State schools
Government departments
Police forces
While the Act covers public authorities, it does not necessarily apply to all bodies that receive public money. It does not apply to private sector organisations that perform public functions or charities that receive grants from public funds.
Once you receive a request, you have 20 working days to provide the information.
A FOIR request could look like this:
“Please send me all the information you have about ongoing developments in my area.”
“Please tell me why the license for this public building was granted?”
“I am requesting video footage of a traffic accident on the 3rd of January 2022.”
Under Section 11 of the FOIA, the requester can state a preference for the means of information, e.g. electronic or hard or a condensed version. The information provided must be:
whole (unless specified otherwise - e.g. a summary of documents is requested),
Does not need to be the original document, but can be a copy,
Can be sent by letter, email, social media, fax, or online forms.
Any preference requests should be met as far as reasonably practicable, and if not, the requester must be informed as to why.
Can requests be denied?
The number of denied FOI requests has risen from roughly 40% to 60% over the last decade because the FOIA lists several exemptions to the right of access, some of which include:
The request is a repeat of a previous request,
It would be an unreasonable burden on the organisation’s resources and exceed a cost limit to fulfil the request,
It is a vexatious request, i.e. likely to “cause a disproportionate or unjustifiable level of disruption, irritation or distress”,
The information could prejudice commercial interests,
The information could endanger someone’s health and safety,
It would not be in the public interest to disclose it, or
It may compromise national security.
Regardless of the particular exemption that may apply, it is essential to keep open communication with the applicant and explain both how the Act works and why their specific information cannot be provided.
What if we simply don’t have the information?
It is essential that after receiving a request, you carry out a proper and thorough search through the information you hold.
The FOIA only applies to recorded information you hold - if you don’t have the requested information, communicate this to the applicant.
Should they complain to the ICO, ensure you have sufficient backing for why this information was not available.
Should you fail to publish the correct information, hide or destroy information, or answer inadequately, you may be investigated by the ICO.
Bodies that regularly respond to less than 90% of requests can be subject to special monitoring by the ICO which can be damaging both financially and in regard to public opinion and reputation.
How to respond to a video FOIA request: step-by-step
Step 1: Log the nature and date of the received request to keep track.
Requesters should include their name, a contact address (email or postal address), and a detailed description of what they need.
If you need further clarification or information, if you need more time or if it is found to be excessive, be sure to contact the applicant again.
Step 2: Check the information being requested has not already been published by your organisation or previously responded to in another FOIA request.
This will save you time!
Step 3: Locate the video in your servers.
Determine if any exemptions apply to its release and/or if there is information outside of the scope of the FOIA that needs to be redacted.
Step 4: Upload the video footage to Secure Redact.
The system will automatically add redaction boxes overlaid onto any faces, licence plates, and other personal data.
Step 5: Review the redaction boxes and untick any tracks to allow the data subject(s) to be visible in the final video.
Step 6: Download the redacted video.
Step 7: Remember, you must communicate all the information in the document. Summaries are not allowed unless they have specifically requested this.
Step 8: Respond to the applicant with the necessary information.
Explain what you have provided them and why, including an explanation as to why information may have been redacted or not included.