Feeds

ICO consultation: What should public bodies disclose?

Graham's office to push out code of practice by the end of the year

Choosing a cloud hosting partner with confidence

The UK's data protection and Freedom of Information watchdog has launched a new consultation with a view to changing its guidance on what information public sector organisations should be forced to disclose and how.

Under Freedom of Information (FOI) laws public authorities must "adopt and maintain" a scheme of publishing information, which must be approved by the ICO. The scheme has to "specify classes of information which the public authority publishes or intends to publish, specify the manner in which information of each class is, or is intended to be, published, and specify whether the material is, or is intended to be, available to the public free of charge or on payment".

The Information Commissioner's Office (ICO), which is responsible for ensuring compliance with FOI laws, wants to update its model publication scheme "to increase the level and range of information proactively available, reflecting the public interest," the consultation (7-page/113KB PDF) said. The ICO's model publication scheme sets out what information public sector organisations must publish in accordance with its responsibilities under the FOI laws.

Currently the ICO's model publication scheme states that public organisations should generally make information available on their websites on what they do, what they spend and how they make decisions,.

Respondents to the consultation are asked "What further classes of information or further detail can be included in publication schemes?" and how publication schemes should "evolve in the light of Web 2.0?" Information Commissioner Christopher Graham said in a speech.

A spokesman for the ICO told Out-Law.com that this means the ICO is considering whether it is appropriate for public sector organisations to disclose information through new mediums, such as social networks.

The ICO plans to have amended its guidance on public sector publication schemes by the end of this year, Graham said.

Graham also said that there is "perhaps a good case" for the UK to have a "coordinated national information policy".

"What is needed is a joined-up and consistent approach to the different strands of transparency policy across government," he said.

The Freedom of Information Act and the Freedom of Information (Scotland) Act came into full force on 1 January 2005, giving individuals the right for the first time to see information held by government departments and public bodies.

Some information can be held back under qualified and absolute exemptions. However, where information can be withheld under a qualified exemption organisations are still obliged to conduct a "public interest test" to determine whether it is right for information to be disclosed.

Graham said that some organisations do not correctly balance the privacy rights of individuals with their requirements to disclose information.

"There is certainly a public interest in privacy for individuals as well as in transparency around public information but privacy should not always be claimed as a barrier to transparency, accountability or open data," Graham said.

The Information Commissioner said that the ICO is currently developing a new code of practice on anonymisation and that it will also "publish broader guidance on key privacy principles that apply to data set disclosures".

"The code of practice on anonymisation ... will look at the importance of successfully anonymising data prior to disclosure – particularly with regards to statistical data sets," the ICO's spokesperson said in a statement.

Earlier this year the ICO looked at the issue of anonymisation of data in detail when it hosted a seminar with industry, government and academic representatives.

One academic raised the difficulty of knowing what information should be published considering that there is the potential for "jigsaw identification, whereby data from a number of sources can be combined to enable identification of individuals".

"There is a demand for greater transparency, for example relating to health, education and court data, but we must ensure that transparency of government does not equal transparency of the citizen," the academic said, according to a report (13-page/113KB PDF) from the seminar.

The ICO's code of practice is expected to be announced by the end of the year, the ICO's spokesman said.

In his speech Christopher Graham also criticised some of the proposals announced in the Protection of Freedoms bill.

The bill orders the destruction of DNA material in most cases where a person is not charged or convicted of a crime.

For those whose samples were taken while detained under the Terrorism Act they must not be immediately destroyed, though. They can be kept for three years, or indefinitely in the case of people who have already committed a serious crime.

Samples taken from people in the investigation of other serious offences and from people who have been previously convicted of serious offences can also be retained, some for three years and some indefinitely, under the bill proposals.

The bill also contains provisions reforming the use of technology for surveillance, including CCTV systems and automatic number plate recognition (ANPR) systems.

The government said that the bill would rebalance the relationship between the state and individuals.

"It is important that the new laws deliver the promised benefits of strengths and safeguards for information rights," Graham said.

"The proposals to delete the DNA profile and fingerprints of those who have not been convicted and are of no ongoing interest to the police are welcome and meet long-standing concerns, but the associated information about these people held on the police national database should be deleted too," he said.

"Additional regulation of CCTV and ANPR is also welcome, but the current proposals are limited in coverage ... in a way that does not reflect how wide this surveillance technology is used and there [are] no new sanctions for non-compliance," he said.

Under UK data protection laws individuals have the right to access personal information held about them by an organisation.

Graham said that proposals in the bill could allow more employers to force job applicants to "exercise their rights as data subjects" to access data about themselves that is held by police in order to show the results to the employer.

"There is already a long-standing and urgent need to trigger provisions to make this practice unlawful," Graham said. "It is no good exempting citizens from [vetting] checks if employers can get round this by unfairly exploiting the citizens' own right to [gain] access to police information."

Copyright © 2011, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Remote control for virtualized desktops

More from The Register

next story
Bladerunner sequel might actually be good. Harrison Ford is in it
Go ahead, you're all clear, kid... Sorry, wrong film
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
Forget Hillary, HP's ex CARLY FIORINA 'wants to be next US Prez'
Former CEO has political ambitions again, according to Washington DC sources
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Choosing a cloud hosting partner with confidence
Download Choosing a Cloud Hosting Provider with Confidence to learn more about cloud computing - the new opportunities and new security challenges.