Feeds

Government project reviews are not FOI exempt, says tribunal

Backs ICO's order that reports be made public

The essential guide to IT transformation

Crucial reviews of large, ongoing Government IT projects are not exempt from the Freedom of Information (FOI) Act, the Information Tribunal has ruled (pdf). The tribunal has backed the Information Commissioner's order that the reports become public.

Two requests were made for the release of reports on the Government's identity cards system but the Office of Government Commerce (OGC) refused them, saying that the balance of public interest lay in their non-disclosure.

The Information Commissioner's Office (ICO) said that under the FOI Act the requests were legitimate and ordered the disclosure of the information. The tribunal has now backed the ICO.

The tribunal said not only that these reports should be made available, but that the OGC was attempting to ensure that all such reports were given an automatic exemption from disclosure. This was wrong, said tribunal chairman John Angel.

"Although [OGC lawyer] Mr Tam says he is not putting forward a case for [reports] to be subject to an absolute exemption under FOIA it seems very like that to us," said Angel in the ruling. "He says that the combined extent of the harm which will flow from disclosure is so overwhelming that there can be very few exceptions and then only possibly after a long period of time, say 30 years."

All major government projects must now be subjected to reports at crucial stages of their development before proceeding to the next stage. Designed to detect and solve problems earlier rather than later, these are called gateway reports.

The OGC argued that workers' honesty in the reports was contingent on their remaining confidential. "[Tam's] whole argument is based on the fact that the GR [gateway report] system can only continue to be successful if disclosure is not a realistic possibility," said Angel.

But the tribunal said Parliament had had the opportunity to exempt the reports from the Act and had chosen not to, so the tribunal should not allow the OGC to assert that an exemption exists.

"The FOIA has been around for seven years, from before the start of GRs," he said. "Parliament in its wisdom has absolutely exempted certain information from the Act, but it has not exempted GRs as such in this way."

Angel was scathing about assurances reportedly given to participants that their comments would not be made public.

"We cannot understand how the OGC appears to have given such internal assurances that reports would not be disclosed under the FOI Act," he said. "There has always been a possibility that GRs would be disclosed under the FOI Act. GRs are all about the management of risk. We would have thought that FOIA would have been factored into that risk assessment because cases like this appeal were foreseeable.

"To have developed a system on the apparent assumption that there was little or no risk of disclosure is at the very least unprofessional and at variance with one of the aims of GRs which is to encourage and support, in effect, more professionalism in the way programmes and projects are undertaken," said Angel.

The tribunal said that some reports would qualify for exemption from the Act. Angel said that it was unlikely that the "floodgates would open" and all the reports would be made public.

"The tribunal has considered all the circumstances of this case and finds that the public interest in maintaining the exemption does not outweigh the public interest in disclosure," said Angel. "In other words we uphold the commissioner's Decision Notices in this case.

He ordered that the information be released, but delayed the release by 14 days so that the tribunal could decide whether or not the names of the interviewees should be blanked out.

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

5 things you didn’t know about cloud backup

More from The Register

next story
Hello, police, El Reg here. Are we a bunch of terrorists now?
Do Brits risk arrest for watching beheading video nasty? We asked the fuzz
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
Munich considers dumping Linux for ... GULP ... Windows!
Give a penguinista a hug, the Outlook's not good for open source's poster child
EU justice chief blasts Google on 'right to be forgotten'
Don't pretend it's a freedom of speech issue – interim commish
Detroit losing MILLIONS because it buys CHEAP BATTERIES – report
Man at hardware store was right: name brands DO last longer
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
UK government accused of hiding TRUTH about Universal Credit fiasco
'Reset rating keeps secrets on one-dole-to-rule-them-all plan', say MPs
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Yes, but what are your plans if a DRAGON attacks?
Local UK gov outs most ridiculous FoI requests...
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.