OGN Submission: Consultation on Revised FOI Code of Practice
This response was submitted on 2nd February 2018 by the UK Open Government Network to the government’s consultation on the revised FOI Code of Practice (the set of guidelines for civil servants for dealing with FOI requests).
Some of the main points that we made included:
– The Code of Practice should be fully aligned with the Information Commissioner’s Office guidelines;
– Public authorities should publish comparable statistics about their implementation of the FOI Act, in open, standardised and readable formats;
– This information should be published in one publically-accessible online repository;
– Interpreting requests as vexatious should not lead to the refusal to answer legitimate requests that are complicated, sensitive, or uncomfortable.
Below you can read the full text as submitted by the UK Open Government Network.
The UK Open Government Civil Society Network (OGN) is a coalition of organisations and individuals committed to making government work better for people through transparency, participation, and accountability. 
The OGN was established in 2011 in response to the Government joining the Open Government Partnership (OGP) – an international initiative spanning over 70 countries, bringing civil society and government together to co-create ambitious action plans for governments to ‘race to the top’ in areas of transparency, civic participation, public integrity and the use of new technologies for openness and accountability.
The UK Open Government National Action Plan 2016-18 included a commitment to consult with civil society in order to update and expand the Freedom Of Information Code of Practice for public officials – originally published over a decade ago. A need to revise the Code of Practice has also been recognised and highlighted by the Independent Commission on Freedom of Information. 
We regard the Freedom of Information (FOI) Act as a fundamental pillar of the UK’s openness arrangements and recognise the importance of the Code of Practice in ensuring its smooth implementation across government.
As such, we welcome the implementation of this commitment to update the FOI Code of Practice, and outline below our comments and suggestions to the draft text published for consultation.
Question 1: Is the guidance in chapter 1 of the Code clear and helpful for public authorities to understand the right of access to information in the FOI Act and how to manage requests on this basis?
Are there any other areas where it would be helpful for this guidance to be more detailed or where it could be clearer?
It is hugely important for the Code of Practice to be clear and precise for public officials.
It should be noted that the Information Commissioner’s Office (ICO) has published detailed guidance for those working for public authorities with day-to-day responsibility for dealing with freedom of information requests.  The guidance includes frequently asked questions and uses practical examples to explain how to apply the FOI Act.
The Code of Practice should be fully aligned with the ICO guidance and most recent jurisprudence, in order to avoid confusion or misunderstandings about how to deal with freedom of information requests.
A fully aligned Code of Practice with ICO guidance will help to reduce doubt or uncertainty in how to deal with requests for public servants and it will encourage a more uniformed implementation of the FOI Act across public authorities. Clear guidance overall should result in a better experience for citizens too, as requests are responded to in a consistent manner across public authorities.
Below we provide specific comments, paragraph by paragraph:
The FOI Act and relevant jurisprudence outline there is a general presumption of openness. The guidance must ensure that this principle is not lost in the explanations around when to not communicate information to requesters. For example in paragraph 1.1, the phrase “or if the request can be refused under sections 12 or 14” could be understood by public officials to encourage them to find reasons to not publish information. This phrase should be changed to “or if sections 12 or 14 apply to the request”.
Paragraph 1.10 and 1.11
Paragraph 1.10 correctly describes the position under the Act, and is in line with the approach of the Commissioner and Tribunal.
Whilst paragraph 1.11 is in line with the Act, members of the OGN would find it useful to know why backup files are excluded.
The FOI Act requires requesters provide their names and not use pseudonyms, which is reflected in the Code of Practice. Here, the Code of Practice should be fully in line with the ICO’s guidance and not unduly narrow the implementation of the Act.
The Information Commissioner’s Office is clear that a public authority should accept names provided at face value if there is no obvious reason to believe that a pseudonym is being used. The ICO adds:
“Whilst this may mean that some pseudonymous requests will slip through the net, we would not want to see a situation where authorities routinely carry out checks on requesters’ identities. The Act provides a public right to information, not a right limited to certain individuals.” 
This paragraph, as with the Code of Practice as a whole, should encourage public authorities to ensure that information is communicated in open formats (such as .odt, .ods, .odp), wherever possible. This is particularly important when text or numerical data is released in image formats which make it difficult to reuse the data or information.
As with the explanation regarding paragraph 1.14, the Code of Practice should follow the ICO guidance on the matter of using a real name or pseudonym, in order to not unnecessarily restrict the right of access to information.
Where the public authority requires an extension, it should not only inform the requester of this, it should provide the applicant with a new deadline for when they should receive a response. This should not be done “ideally”, but rather, should be done as a matter of routine unless it is not possible to do so. Requesters should not be left with uncertainty as to when their requests will be dealt with.
The OGN recommends that each public authority as a matter of routine, rather than as best practice (as currently stated) have a procedure in place for dealing with complaints about the handling of requests from the public. This will help to ensure public authorities avoid mishandling requests in the first place, and reassure citizens that their complaints will be addressed and that they do not need to follow up immediately with a complaint to the ICO.
Paragraph 6.4 and 6.5
The Code of Practice should make clear the purpose of the ‘cost limit’ regarding FOI requests. This means making clear that the cost limit only applies to searching and drafting the response to requests, but not the redaction of information. The Code of Practice should be fully aligned with the advice produced by the ICO. 
It is also important to note that public authorities should not be encouraged to aggregate requests as a way to ensure that the cost limit is exceeded and therefore have requests refused for that reason. Aggregation of requests should be limited insofar as it helps to actually reduce the overall administrative burden of searching and responding to requests.
Question 2: Does the guidance about publication of FOI compliance statistics provide enough detail for public authorities to start publishing their own compliance statistics?
If further guidance on this would be helpful what should this cover?
It is helpful for public authorities to have guidance on how to publish their compliance statistics for the public. The types of information that should be included as part of these statistics should also include:
– The number of requests that had only some information granted (and some withheld)
– The number of times that each exemption to access was applied to requests (at the initial stage and after an internal review)
– The number of vexatious requests received and rejected
Public authorities should publish their statistics using comparable time periods. Comparable information will enable public authorities to identify the most effective authorities and therefore learn from their methods in order to also improve their implementation of the UK FOI Act – a ‘race to the top’. It will also help to ensure public authorities are held to account if they are not adequately dealing with requests.
This information should be published in one publically-accessible online repository (a ‘one-stop shop’) as well as, or in place of, publishing this information across departmental websites. Departmental websites should include links to a ‘one-stop-shop’ webpage so that users know where to get the full data.
As this kind of comparable data is brought together by organisations like the Institute for Government, it does not seem to be an impossible task for government to produce comparable data on a (minimum) quarterly basis.
Furthermore, regardless of where the information is located, it should be published and downloadable in an open and standardised format to enable comparability, further ensuring accountability in the implementation of the Act.
Question 3: Is the guidance about the publication of information about senior pay and benefits clear and helpful? Are there any areas of this guidance where further detail would be useful?
As with compliance statistics, efforts should be made to make sure this information is clear and accessible to the public.
Furthermore, the information should be published and downloadable in an open and standardised format wherever possible (across authorities if not in a ‘one-stop shop’). The data should be published in a way that is comparable wherever possible.
Question 4: Does the proposed guidance on vexatious and repeated requests provide the right level of detail about the circumstances in which public authorities might want to consider using section 14?
If further guidance on this would be useful what should this cover?
Vexatious requests can be a burden on public authorities, their time, and therefore, taxpayers’ money. However, it is important that refusing vexatious requests is not interpreted or encouraged in a way that leads to refusing to answer legitimate requests that are complicated, sensitive, or uncomfortable for the public authority to answer.
The establishment of whether a request is vexatious or not should not encourage public authorities to require all requesters to explain or give reasons for their request.
Again, the ICO provides useful information for public officials, on how to identify vexatious requests, and the Code of Practice should be fully in line with this guidance. 
Question 5: Is it helpful to merge the datasets Code of Practice with the main section 45 Code so that statutory guidance under section 45 can be found in one place?
Streamlined and readily-accessible guidance on datasets is a sensible approach to take. It makes sense to have one set of guidance for datasets that outlines the rules for this type of information for when the FOI Act applies and for when the PSI Regulations apply.
Question 6: If you agree the datasets Code should be merged is it helpful to split the datasets guide into a section on release of datasets and a section on guidance on re-use of datasets?
The OGN understands the benefits that a single set of guidance provides to public authorities when meeting obligations under the FOI Act and PSI Regulations. Having information in one location gives civil servants the confidence that they have the information they need to take decisions on how to deal with requests for datasets.
Guidance by the National Archives and the Information Commissioner’s Office should be considered as part of the guidance on dealing with datasets. Any guidance in the Code of Practice, or annexed to it, should be in full alignment with their comprehensive guidance on the FOI Act and PSI Regulations.
Question 7: Are there any other areas in Part I of the Act where it would be helpful to have additional guidance in the Code? If so, what do you think the additional guidance should cover and why?
The OGN recommends that the ICO be involved in the development of the Code of Practice, to ensure thorough and full alignment with established ICO guidelines and best practice.
 Independent Commission on Freedom of Information report https://www.gov.uk/government/publications/independent-commission-on-freedom-of-information-report
 p.11, Recognising a request made under the Freedom of Information Act (Section 8) https://ico.org.uk/media/for-organisations/documents/1164/recognising-a-request-made-under-the-foia.pdf
 Requests where the cost of compliance exceeds the appropriate limit https://ico.org.uk/media/for-organisations/documents/1199/costs_of_compliance_exceeds_appropriate_limit.pdf
 Dealing with vexatious requests (section 14) https://ico.org.uk/media/for-organisations/documents/1198/dealing-with-vexatious-requests.pdf