The Information Commissioner’s decision that official content held on a private E-mail account is subject to Freedom of Information laws appears to have come as a surprise to some, especially Senior Ministers and policy advisers. Really, as the Commissioner pointed out in his decision, this should not have come as any surprise to anyone. The Act covers recorded information held by or on behalf of a public authority. Clearly official correspondence and documentation held within a private E-mail account is held by or on behalf of the public authority and is therefore within the scope of the FOI laws.
What the Commissioner’s decision doesn’t do is make private E-mail accounts generally open to FOI. They are no more covered by the Act then personal correspondence carried out on official E-mail accounts. Personal correspondence and party business are not covered by FOI whether they are held on official or personal E-mail accounts. The Commissioner’s decision doesn’t mean that employees within public bodies need to hand over the passwords to their private E-mail accounts to their bosses so that they can be searched if an FOI request comes into the authority to see if relevant information is held on a personal account.
What it does require is that when the FOI Officer contacts an individual to see if they have any information that falls within the scope of a request received they have to consider whether there may be anything relevant within the personal E-mail account and if so search for it and hand it over to be considered along with the other information held. Public sector employees, Ministers and policy advisers don’t need to worry about their personal E-mail addresses being disclosed as this would undoubtedly breach the data protection principles and be exempt from disclosure. In any event the FOI legislation doesn’t provide a right to a copy of the E-mail only to the information contained within it.
What it requires is honesty on the part of public sector employees and others subject to FOI laws. That may be a tall order for some in the public sector, especially politicians. Knowingly not disclosing information held within private E-mail accounts would constitute a criminal offence. Likewise deliberately using private E-mail addresses as a way of trying to conceal it would constitute a criminal offence.
Does anyone really need to worry about their private E-mail accounts being accessed? Well, not really. Simple policies put in place by public authorities could avoid many of the issues. Banning the use of private accounts for official business would be a good place to start. I cannot think of a conceivable reason as to why any person subject to FOI would need to use their private E-mail address on a regular basis for work related activities? It’s unprofessional for a start! If in the rare event that a person does need to use their private E-mail account adding an official E-mail address into the “cc” field (either the employees own or the official e-mail of the recipient(s)) would also ensure that it is held officially on the authorities systems. It could then be picked up in the normal way that E-mail correspondence is identified when carrying out relevant searches in response to an FOI request. Indeed, the copying in of official E-mail addresses is suggested by the Commissioner as being a policy that public authorities should have in force to ensure that issues around information being held on private E-mail addresses is not missed.
The suggestion that the commissioner’s decision that FOI applies to text messages and private E-mails is an “over-extension of its original intent” is not something that can really be substantiated. It appears as if it might well be an attempt to amend the FOI laws to make them tighter and easier for Ministers (in particular) to avoid. Such moves must be forcefully objected to. Any tightening of the FOI laws must be resisted.
As for the suggestion that Cabinet minutes should be absolutely exempted from FOI laws by the outgoing Cabinet Secretary are, to put it mildly, a ridiculous suggestion. There are a number of exemptions under which these can be exempt from disclosure and there is not a steady stream of decisions coming from the ICO or the Courts forcing the Government to release such minutes. It’s not hard to argue that maintaining the exemptions being relied upon to exempt the minutes (and other papers) is in the public interest. However, it should be capable of requesting these and for it to be carefully considered whether it is actually in the public interest to withhold the information contained within them. Providing an absolute exemption to Cabinet minutes and documents would, in my view, run counter to the fundamental presumption of the FOI laws and that presumption is one of disclosure.
This really is a non-issue and I fail to understand why Ministers and others seemed to be of the opinion that official information held on behalf of a public authority on an E-mail system out with that of the authority’s official E-mail system is not covered by FOI. I also fail to see why private E-mail addresses would need to be used for official government business. They can’t possibly offer the same level of security as the GSI network. I can’t imagine that Google provides the required level of security required for the processing of government business! Security issues aside, providing remote access to E-mail is not some advanced technology, plenty of private sector businesses provide remote access to not just E-mail but a whole load of systems to their employees. If working from home becomes essential for whatever reason ensuring public sector employees have access to their E-mail can’t really be considered as being beyond the capabilities of the state. A prime example being @LynnFOI who accessed her work E-mail from home on CHRISTMAS DAY to respond to someone’s FOI request!#
Anyway, make up your own mind. Is it really an “over-extension of its original intent” or just an excuse to try and restrict information access rights? I know what I think!
prout de jure 