Public Services > Central Government

ICO chief defends FoI access

Neil Merrett Published 13 January 2015

Ensuring awareness of privacy risks is vital to promoting the benefits of public sector data sharing, says information commissioner


Information commissioner Christopher Graham has argued that Freedom of Information (foI) access must remain a vital part of the government's transparency initiatives alongside its commitments to open data and proactive publication.

Along with questioning the current pace of European data protection reforms, Graham, who leads UK data regulator the Information Commissioner's Office (ICO), this week raised concern over recent comments by Cabinet Office minister Frances Maude about potentially moving away from the practice of handling FoI requests.

"My aim if I'm honest with you is to make Freedom of Information redundant," he cited Maude as saying last month. "My view is that we should be proactively making public everything that is appropriate."

During an address delivered at Liverpool John Moore's University yesterday, the information commissioner queried Maude's stance by asking: "'everything that is appropriate': that's the worrying phrase. Who decides?"

He added, "Proactive publication is, of course, desirable - and it also saves money in the long run. After all, why should an individual have to go to the trouble of making a specific request for something that should be freely available to all anyway?"

"But to rely on proactive publication alone leaves the citizen a bit like the supermarket shopper who's told by the high handed store assistant: 'if you can't find it on the shelves, we ain't got none'. This wouldn't work for a customer focused supermarket and isn't good enough for modern government."

In a wide ranging speech that encompassed topics including the delayed roll out of NHS England's patient information sharing programme and the approach of successive governments to transparency, Graham backed a multi-tiered approach to data protection and innovation.

"The emphasis should be on promotion of good practice for data controllers and consumers - with proportionate, risk - based enforcement where things go wrong," the commissioner said.

Graham also noted that 2015 marked the 20th anniversary of the 1995 Data Protection Directive and the implementation of the 1998 Data Protection Act that led eventually to the establishment of his own role, suggesting updates to the directive are needed.

"Today, that 20 year old directive is scarcely fit for purpose as the technology and the uses of data have raced further ahead of anything the law makers envisaged. The institutions of the European Union are moving, but at a snail's pace, to reform the data protection regime with a new regulation which would apply uniformly across the single market," he said. "And data protection authorities like the ICO have to work beyond Europe's borders to deliver global responses to global threats."

Graham's comments have been delivered as a Ministry of Justice (MoJ) call for evidence from stakeholders and the public on the work of the ICO as part of a 'triennial review' to determine the organisation's future remit and structure closes this Friday (January 16).

Although uncertain about potential changes to the work of the ICO stemming from the review, the information commissioner said a key focus for the organisation going forward would be to raise awareness about potential privacy risks and the importance of sufficient protection measures.

Graham noted that difficulties often arose in trying to balance 'the right to privacy' and 'the right to know' - not least in the work of the public sector - where he said there were strong arguments for the potential benefits of data sharing between authorities, "but only if the privacy risks have been assessed".

"The plan for uploading patient information from GP surgeries to the Health and Social Care Information Centre (HSCIC) depends crucially on citizen confidence - which, following last year's botched communications exercise, is in short supply," the information commissioner said. "And yet knowing which treatments work and perhaps which GP surgeries are prescribing efficiently and effectively - and which aren't - seems to make eminent sense, particularly with a health service which is facing ever increasing demands, and levels of resourcing which aren't keeping up efforts to build awareness. "

Addressing the potential costs of the ten year-old FoI Act that was introduced back in January 2005, Graham claimed that further savings to the public purse would be possible if the ICO was capable of spending more on data protection advice and guidance to assist public authorities from making what he called "the same mistakes."

The information commissioner also said that he was pleased with progress on efforts to outline the transparency obligations of commercial organisations contracted to provide public services - citing work by the Institute for Government and the Confederation of British Industry (CBI).

Related articles:

HSCIC secure facility to open by March

MoJ review of public service FoI requests due soon

Government yet to commit to open contract standard

Government wants outsourcing openness with revised FoI code

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.