Feeds

Government project reviews are not FOI exempt, says tribunal

Backs ICO's order that reports be made public

Top three mobile application threats

Crucial reviews of large, ongoing Government IT projects are not exempt from the Freedom of Information (FOI) Act, the Information Tribunal has ruled (pdf). The tribunal has backed the Information Commissioner's order that the reports become public.

Two requests were made for the release of reports on the Government's identity cards system but the Office of Government Commerce (OGC) refused them, saying that the balance of public interest lay in their non-disclosure.

The Information Commissioner's Office (ICO) said that under the FOI Act the requests were legitimate and ordered the disclosure of the information. The tribunal has now backed the ICO.

The tribunal said not only that these reports should be made available, but that the OGC was attempting to ensure that all such reports were given an automatic exemption from disclosure. This was wrong, said tribunal chairman John Angel.

"Although [OGC lawyer] Mr Tam says he is not putting forward a case for [reports] to be subject to an absolute exemption under FOIA it seems very like that to us," said Angel in the ruling. "He says that the combined extent of the harm which will flow from disclosure is so overwhelming that there can be very few exceptions and then only possibly after a long period of time, say 30 years."

All major government projects must now be subjected to reports at crucial stages of their development before proceeding to the next stage. Designed to detect and solve problems earlier rather than later, these are called gateway reports.

The OGC argued that workers' honesty in the reports was contingent on their remaining confidential. "[Tam's] whole argument is based on the fact that the GR [gateway report] system can only continue to be successful if disclosure is not a realistic possibility," said Angel.

But the tribunal said Parliament had had the opportunity to exempt the reports from the Act and had chosen not to, so the tribunal should not allow the OGC to assert that an exemption exists.

"The FOIA has been around for seven years, from before the start of GRs," he said. "Parliament in its wisdom has absolutely exempted certain information from the Act, but it has not exempted GRs as such in this way."

Angel was scathing about assurances reportedly given to participants that their comments would not be made public.

"We cannot understand how the OGC appears to have given such internal assurances that reports would not be disclosed under the FOI Act," he said. "There has always been a possibility that GRs would be disclosed under the FOI Act. GRs are all about the management of risk. We would have thought that FOIA would have been factored into that risk assessment because cases like this appeal were foreseeable.

"To have developed a system on the apparent assumption that there was little or no risk of disclosure is at the very least unprofessional and at variance with one of the aims of GRs which is to encourage and support, in effect, more professionalism in the way programmes and projects are undertaken," said Angel.

The tribunal said that some reports would qualify for exemption from the Act. Angel said that it was unlikely that the "floodgates would open" and all the reports would be made public.

"The tribunal has considered all the circumstances of this case and finds that the public interest in maintaining the exemption does not outweigh the public interest in disclosure," said Angel. "In other words we uphold the commissioner's Decision Notices in this case.

He ordered that the information be released, but delayed the release by 14 days so that the tribunal could decide whether or not the names of the interviewees should be blanked out.

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

SANS - Survey on application security programs

More from The Register

next story
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.