3. EXCLUSIONS
A number of bodies or functions are to be excluded from the
scope of the Act.[7] The
comments that follow deal only with some of the proposed exclusions,
but in general suggest that such matters should be subject to
the Act, protected where necessary by exemptions.
Law enforcement functions
The most significant exclusion applies to the law enforcement
functions of the police and bodies such as, but not limited to,
the DSS and Immigration Service.[8]
This is difficult to reconcile with the stated intention of ensuring
that decisions are based on the contents of the individual record,
rather than the class into which it falls.[9]
The exclusion is said to be necessary to:
"avoid prejudicing effective law enforcement [and] the
need to protect witnesses and informers".[10]
However, such concerns could be dealt with by appropriate
exemptions, as under the Data Protection Act. The Act allows individuals
to see data held about them on computer, by the police as well
as others, while exempting information whose disclosure would
prejudice "the prevention or detection of crime "
or "the apprehension or prosecution of offenders".
[11]The identity of informants
is also protected under the Act.[12]
If necessary, more specific exemptions could be provided, as has
been done under the US FOI Act.[13]
The police and other bodies referred to carry out essential
functions, but they are also capable of arbitrariness or prejudice.
We would hope that the benefits of increased accountability would
be recognised by the Government, particularly in light of the
Metropolitan Police Commissioner's recent acknowledgement that
a minority of officers are, in his words, "corrupt, dishonest,
unethical".[14]
It is not clear how the administrative and law enforcement
function of the police and other bodies are to be distinguished.
For example, would measures required to be taken to protect the
confidentiality of police information, investigate complaints,
ensure that officers are properly trained, prevent racism, protect
public safety at large events, deal with major traffic problems,
secure the safe and appropriate use of CS gas, or ensure the accuracy
of forensic laboratories, be regarded as administrative? If they
are, do they remain so when information about problems in these
areas is sought by an individual who believes he or she has suffered
as a result of a failure to meet the required standards? Does
any distinction depend on whether the request relates to the policy,
its monitoring, or its application in particular cases? Does it
matter whether the individual's dealings with the police was as
a complainant, victim, information, witness, suspect or convicted
criminal?
If any of these matters are (or at some point are) regarded
as involving law enforcement functions, how does the proposed
bar on access square with the individual's existing rights to
see what is held about him or her on computer (so long as disclosure
does not prejudice law enforcement)? It is difficult to see how
the proposed approach meets the White Paper's objective of introducing
"clear and consistent requirements which would apply across
government".[15]
In addition to the police, DSS and Immigration Service, the
law enforcement functions of some other bodies (though it is not
clear which) may also be excluded. We understand from the evidence
that Dr David Clark, the Chancellor of the Duchy of Lancaster,
gave to this Committee in December that this is not intended to
apply to bodies responsible for enforcing environmental or safety
legislation, a welcome reassurance. However, many other bodies
have investigatory and enforcement functions, including the Inland
Revenue, the Department of Trade and Industry, Customs and Excise,
local authority trading standards officers, planning authorities
and others. In the case of the government departments, this provision
could prevent access to information to which the public is presently
entitled under the open government Code of Practice.
The proposal to exclude the law enforcement functions of
the Immigration Service represents a reversal of recent trends.
When the Code of Practice was issued in 1994, all information
relating to immigration, nationality, consular and entry clearance
cases was excluded. However, the revised Code issued early in
1997 brought these matters within the Code's scope, subject to
a harm test.[16] The
White Paper's rejection of a harm test, in favour of an exclusion,
is a surprising reversal of the progress made under the former
Government.
Legal professional privilege
The White Paper proposes that the Government's legal advice
should also be excluded from the scope of the Act altogether.[17]
We think that legal advice should be accessible subject to an
exemption permitting withholding where disclosure could harm an
authority's position in existing or likely litigation.
The purpose of legal professional privilege is to ensure
that clients can seek legal advice in confidence, without fear
that their communications with their lawyer may become available
to an opposing party in litigation. The rationale is therefore
the same as that for civil servants' policy advice: to protect
the frankness of such communications. However, in relation to
policy advice the Government no longer insists that the protection
of candour requires the withholding of all internal discussion.
The Code of Practice applies a harm test to its disclosure, as
will the FOI Act. A similar approach should be adopted for legal
advice.
A harm-test exemption would generally protect legal opinions
(and other exchanges between an authority and its lawyers in the
course of obtaining such advice) where these related to current
or contemplated litigation or where future litigation was a realistic
prospect. But it would permit disclosure where there is no prospect
of litigation, for example where the matters have been concluded
and there is no possibility of related cases following. A simple
illustration is advice relating to possible proceedings under
legislation which has since been repealed.
In other cases, there may be little prospect of disclosure
causing harm. The legal advice obtained by an authority may merely
summarise existing case law on an issue of public policy; or explain
the implications of the use of a particular term in a government
bill, or set out the changes in government practice required as
a result of a new judgment, statute or European directive. Such
material may be helpful to the public, while holding no prospect
of undermining the Government's position in the courts. The problems
that may be caused by withholding it may be seen from the experience
of one open government requester, who was refused information
about the number of NHS prescriptions for certain high volume
drugs on the grounds that "Our legal advice is that the confidentiality
of information derived from patient information, including prescription
data, is not removed by aggregation and anonymisation . . . ."[18]
The refusal to disclose the legal advice itself helped the department
resolutely to maintain this illogical stance for several months,
before eventually conceding that it was wrong.
The American FOI Act exempts documents subject to attorney-client
privilege[19] but in
1993 the US Attorney General urged agencies to apply a harm test
to such information and withhold it only where the agency "reasonably
foresees that disclosure would be harmful to an interest protected
by that exemption".[20]
The Department of Justice has urged that this approach be applied
"even to information that falls within the traditional attorney-client
privilege".[21]
Canada's Information Commissioner has described the sweeping
protection for legally privileged documents under his country's
legislation as "unsatisfactory".
"Most legal opinions, however stale, general or uncontroversial,
are jealously kept secret. In the spirit of openness, the government's
vast storehouse of legal opinions on every conceivable subject
should be made available to interested members of the public.
Tax dollars paid for these opinions and, unless an injury
to the conduct of government affairs could reasonably be said
to result from disclosure, legal opinions should be disclosed."
[22]
Personnel files
The Act will not provide public sector employees with access
to their own employment records, partly because this is felt to
raise different issues from those involved in providing the public
with access to official information, and because to do so would
discriminate between public and private sector employees.[23]
We think all employees should be entitled to such access. The
new Data Protection Bill could have provided the vehicle for such
an across-the-board right, but because its provisions on access
to manual records are likely to be limited we understand this
will not occur. An alternative would be to use the FOI Act to
establish a new right of access to employment records spanning
both public and private sectors, as proposed in the 1993 Right
to Know Bill. Failing this, we think the FOI Act should permit
public sector employees to see their personnel files, even if
a similar right is not yet available in the private sector.
Such access would support measures to protect the political
neutrality of public officials and deter reprisals against whistleblowers,
by revealing whether objections to improper instructions or efforts
to raise matters of concern have led to unjustified comments on
their records. It would also demonstrate to public officials who
may be inclined to regard FOI as an imposition that they too enjoy
direct benefits under it.
Security and Intelligence services
Such bodies are covered by FOI laws in the USA, Canada and
New Zealand, subject to appropriate exemptions. The case for including
them in the UK is strengthened by their increasing involvement
in non-national security work, and the fact that they have taken
on functions previously carried out by parts of the ordinary civil
service. The Data Protection Registrar has already called for
MI5 to register under the Data Protection Act. At present, it
relies on the national security exemption contained in section
27 of that Act to avoid registering any of the data it holds,
implying that all its computerised information, without exception,
requires protection on national security grounds. The Registrar
has objected to this, commenting: "The extension of the
role of the Security Services into areas of traditional policing
should not carry with it an extension of the exemptions provided
by section 27". [24]
1