Feeds

Info Commissioner admits 'It's going to be tough'

Improving FoI compliance - with extreme prejudice

Combat fraud and increase customer satisfaction

"There was an awful lot of 'After you Cecil', 'No after you Claude', about it. Public authorities were taking forever to respond to Freedom of Information requests. They were then taking forever to do internal reviews. "We concluded, my colleagues and I, that we had simply to send a shock wave back through the system, if you like the other way. And we did that by prioritising clearing the backlog and making it plain to public authorities that we were no longer going to tolerate foot dragging, obfuscation, and generally gaming the system."

It did not take very long for that message to get through, and in the first year the ICO achieved a "massive" reduction in the backlog and is now dealing only with current business.

The turnaround, as Graham explains it, has a message for other public sector organisations: "It's important to say, we did not at that stage make great changes to our processes. We did not put in extra resources – we did not have any extra resources to put in. But it was simply a question of making it a management priority, cutting out some 'nice to haves', and making the point that unless we could get a grip on the FoI backlog we wouldn't be listened to on any other subject."

Graham did go on to restructure his office, however, and rather than having two entirely separate divisions for data protection and FoI, it is now organised around policy and delivery. "We have a very effective delivery operation, but we make sure through our policy function that we get consistency and quality in what we do," he says.

These changes, Graham believes, have contributed to getting across to public authorities the message about FoI rights and that the ICO and will be on their case if they don't comply.

"I think there has been a certain residual feeling, years after the act was passed, 'Oh they can't possibly expect to have access to that'," he says. "Whereas a lot of the information that is being guarded like the crown jewels is fairly boring."

Furthermore, Graham maintains that if this were published proactively, it would save a lot of management time.

"And now the lead from the top, which is very much about transparency and accountability, will also I think help in the search for savings in public expenditure, because FoI is shining the torch into the dark corners. And some things, when you have to publish them, you realise they are rather difficult to defend."

He has in mind, particularly, duplication of expenditure and parallel bodies that do more or less the same thing. The argument goes that without FoI these issues would remain hidden and inertia would mean they would continue in the same way.

"I think freedom of information is a huge contributor toward to reform of public services," he enthuses. Not everyone, however, is as positive. Tony Blair complains in his memoirs that FoI is mainly used by journalists and inhibits candid, private discussion in government. According to reports, councils face mounting bills for FoI work, £800,000 annually in the case of Birmingham City Council.

Graham says he doesn't know how councils make that sort of calculation when FoI requests are an integral part of general information work, which includes data protection and records management.

"I don't think you can separate it out and say that that bit is because we have been tied up with answering questions from the Birmingham Post and Evening Mail," he says. "And I think an awful lot of public money has been wasted by different actors in the public service resisting the Freedom of Information Act, to a ludicrous extent.

"Handling of requests, long drawn out internal reviews, dragging out the work of the information commissioner, not coming up with timely responses, changing your mind half way through an investigation, coming up with additional reasons why not, appealing to the information tribunal - with a barrister. You name it. That's where the money goes.

"Now if people can just sort of lighten up and realise that this is public information and it ought to be out there, that's where the money is to be saved, I think."

SANS - Survey on application security programs

More from The Register

next story
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.