Tom Morrison catches up on key developments in data protection & freedom of information
Freedom of information and data protection interact in complex ways, most commonly in connection with requests for information under the Freedom of Information Act 2000 (FIA 2000) which could constitute personal data under the Data Protection Act 1998 (DPA 1998). Sometimes public authorities get the assessment wrong, in the eyes of the Information Commissioner’s Office (ICO), and purposely withhold information when it should have been disclosed or vice versa. In a case involving Islington Council, however, personal information relating to 2,375 residents was mistakenly disclosed in spreadsheets released under FIA 2000. That mistake cost the council a £70,000 fine. It had intended to release only the summarised information collated from the pivot tables behind the spreadsheets, not the source data.
By contrast the Home Office, Sussex Police and South Tyneside Council are now being intensively monitored by the ICO, following a series of complaints relating to the failure of the authorities to reply to information requests on time. A previous exercise, conducted in relation to Wirral Borough Council, has resulted in