Doesn't this really come down to having the right Fair Processing Notices
where data is collected, and in replying promptly to the requestor when
acknowledging the FoIA request with the details of Fair Processing?
It is not the fact of it being a particular type of request, surely, that
determines the confidentiality, but is the Fair Processing Notice and
documented procedures (which I can presumably discover by issuing a FoIA
request if it is not already prominent?)
Obviously there may be times when confidentially is intellectually correct
or disclosure is intellectually correct. Sometimes the intellect has an
argument with itself. The issue is not the intellect but the law. Make the
processing fair, describe the process for all to see, and the intellect may
be put back in its drawer until next required.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Tim Turner
Sent: 30 May 2006 13:55
To: [log in to unmask]
Subject: Re: [data-protection] Anonymity when making FOI requests of your
own organisation
Purely personal opinion here - not my employer's official view but what I
think when people ask me who has made a request.
It's an instinctive reaction is to ask who has made a request, and I do not
see that as illegitimate. The FOI officer has a responsibility for ensuring
that all requests are responded to properly, and without discrimination
against the applicant. However, this isn't the same thing as keeping the
applicant's identity a secret. I have dealt with instances where the
applicant has requested anonymity, especially where third parties are
concerned. I always respect this, and I also routinely avoid disclosing the
applicant's identity to third parties when consulting them.
Nevertheless, to refuse to tell my colleagues or manager who has made a
request, particularly when they are more likely to deal with the
consequences of a disclosure than me, seems unnecessarily prim and lacking
in trust. Some colleagues like to know the background, and I cannot see any
reason why they shouldn't. In DP terms, I think it should be within the
applicant's reasonable expectations that their identity will be known to
staff within the organisation. I am happy to work for an organisation where
officers have knowingly disclosed information to their most awkward
correspondents - if the only way I could ensure consistency was to refuse to
tell my colleagues who applicants were, I would be worried.
Tim Turner
Data Protection / FOI Officer
Legal and Property Services
Wigan Council
-----Original Message-----
From: Lawrence Serewicz [mailto:[log in to unmask]]
Sent: 30 May 2006 12:24
To: [log in to unmask]
Subject: Re: [data-protection] Anonymity when making FOI requests of your
ownorganisation
While I accept that such a view about openness and transparency can be put
forward, I am not convinced that human nature supports it. If the government
were about openness and transparency, in its dealings with the public, would
we need to protect whistleblowers?
More to the point, the question is not whether the applicant must give an
identity, it is whether that identity should be shared widely within an
organisation. The two are related, but they are different.
When I first started to discuss FOI requests, I was surprised to find that
the first questions asked were "Why do they want to know that?" The next
question is then "Who is asking". Neither of these are material to
answering 99% of the FOI requests.
Is it fair processing that Mr. Smith's request for information about paper
purchases is known by senior managers? Does Mr. Smith's identity change
anything about the content of the response? We have strict limits about
sending someone's housing claims around an authority's internal e-mail, why
should someone's FOI request be handled differently? An applicant's
identity should be shared on a need to know basis otherwise is that fair
processing?
Lawrence
Lawrence W. Serewicz
Scrutiny Manager
Management Support Unit
Wear Valley District Council
01388-761-985
"Carter, Antoinette (MCS)" <[log in to unmask]>
Sent by: This list is for those interested in Data Protection issues
<[log in to unmask]>
30/05/2006 12:07
Please respond to
"Carter, Antoinette (MCS)" <[log in to unmask]>
To
[log in to unmask]
cc
Subject
Re: [data-protection] Anonymity when making FOI requests of your
ownorganisation
I take the view, and it is my personal view, that FOI is about openness and
transparency, and that if you expect that of the government department you
are dealing with, you should be equally open in your dealings with them.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Lawrence Serewicz
Sent: 30 May 2006 11:41
To: [log in to unmask]
Subject: Re: [data-protection] Anonymity when making FOI requests of your
ownorganisation
I was under the impression, although happy to be corrected, that the
applicant's identity was not something that should be shared unless
necessary. For example, pace the IC's Birmingham decision, identity may be
needed to determine whether a request is vexatious. If the request is for
potentially personal data, which would shift the request into data
protection.
I fear that requests will dry up if senior managers can know who is making a
request and on what topics. Knowing human nature, I would be seriously
surprised if senior managers want to know the identity for benign purposes.
Even if the person has not made the request anonymously, there is an
expectation that their request is what matters not who they are.
I recall reading a background article that pointed out that it would be good
practice to keep the applicant's identity as confidential as possible. (I
cannot find the article, but the case remains in my mind.) The article cited
a case in Japan where the government agency was taken to court by the
applicant because his application was being treated differently because
people knew he was making the request. The Japanese agency was told not to
refer to applications by the person's name and to keep knowledge of that
information to those that needed to know. Would we be processing mr.
smith's information fairly if we circulated the identity of his requests
throughout the organisation?
As I said earlier, I am quite willing to be educated on this issue.
Lawrence
Lawrence W. Serewicz
Scrutiny Manager
Management Support Unit
Wear Valley District Council
01388-761-985
"Carter, Antoinette (MCS)" <[log in to unmask]>
Sent by: This list is for those interested in Data Protection issues
<[log in to unmask]>
30/05/2006 11:03
Please respond to
"Carter, Antoinette (MCS)" <[log in to unmask]>
To
[log in to unmask]
cc
Subject
Re: [data-protection] Anonymity when making FOI requests of your own
organisation
The member of staff could have submitted their request anonymously but has
chosen not to. I therefore think that it is perfectly reasonable for you to
identify the requester to whoever you need to contact in order to answer the
request irrespective of any "awkwardness" it may cause. I'm sure managers
have worse to deal with...?
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Graeme Hawley
Sent: 30 May 2006 10:56
To: [log in to unmask]
Subject: [data-protection] Anonymity when making FOI requests of your own
organisation
Hi,
What is the score when an employee makes an FOI request of their own
organisation? I am the FOI officer at our organisation, and have received a
request for info from a member of staff. They have supplied their name and
email address. I am pretty sure that in gathering the information for this,
senior management will ask who this has come from.
There isn't usually a problem when it is external, and I can say something
like "a jounalist from the Telegraph", but it will be clear from the nature
of the question that this has come from inside. Despite being the FOI
officer, a request made for information isn't made personally to me, but
rather to the organisation. I am just the guy that handles them. However,
in order to satisfy the request, there is no need for anyone else to know
the identity of the applicant. On the other hand, the organisation itself
has received this request, so who am I to say who else in the organisation
should or shouldn't know? I feel that if the management knew the identity
of the applicant it may cause awkwardness for them (damage and distress).
Does anyone have any suggestions. In order to withhold the member of
staff's name I think I need some sort of refernece from the DPA. FOISA
doesn't say anything about this.
Cheers
Graeme
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
*******************************************************************
Visit the National Library of Scotland online at www.nls.uk
*******************************************************************
This communication is intended for the addressee(s) only. If you are not the
intended recipient, please notify the ICT Helpdesk on
+44 131 623 3789 or [log in to unmask] and delete this e-mail. The
statements and opinions expressed in this message are those of the author
and do not necessarily reflect those of the National Library of Scotland.
This message is subject to the Data Protection Act 1998 and Freedom of
Information (Scotland) Act 2002 and has been scanned by MessageLabs.
*******************************************************************
This message is for the use of the intended recipient(s) only.
If you have received this message in error, please notify the sender and
delete it.The British Council accepts no liability for loss or damage caused
by software viruses and you are advised to carry out a virus check on any
attachments contained in this message. Our purpose is to build mutually
beneficial relationships between people in the UK and other countries and to
increase appreciation of the UK's creative ideas and achievements. The
British Council is registered in England as a charity.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This message is for the use of the intended recipient(s) only.
If you have received this message in error, please notify the sender and
delete it.The British Council accepts no liability for loss or damage
caused by software viruses and you are advised to carry out a virus check
on any attachments contained in this message. Our purpose is to build
mutually beneficial relationships between people in the UK and other
countries and to increase appreciation of the UK's creative ideas and
achievements. The British Council is registered in England as a charity.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses using Sophos
anti-virus software.
www.mimesweeper.com
www.sophos.com
**********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|