Monetary penalty for marketing phonecalls: Tribunal upholds ‘lenient’ penalty

December 16th, 2014 by Robin Hopkins

A telephone call made for direct marketing purposes is against the law when it is made to the number of a telephone subscriber who has registered with the Telephone Preference Service (‘TPS’) as not wishing to receive such calls on that number, unless the subscriber has notified the caller that he does not, for the time being, object to such calls being made on that line by that caller: see regulation 21 of the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended (‘PECR’).

The appellant in Amber UPVC Fabrications v IC (EA/2014/0112) sells UPVC windows and the like. It relies heavily on telephone calls to market its products and services. It made nearly four million telephone calls in the period May 2011 to April 2013, of which approximately 80% to 90% were marketing calls.

Some people complained to the Information Commissioner about these calls. The Commissioner found that the appellant had committed serious PECR contraventions – he relied on 524 unsolicited calls made in contravention of PECR. The appellant admitted that it made 360 of the calls. The appellant was issued with a monetary penalty under section 55A of the Data Protection Act 1998, as incorporated into PECR.

The appellant was issued with a monetary penalty to the value of £50,000. It appealed to the Tribunal. Its appeal did not go very well.

The Tribunal found the appellant’s evidence to be “rather unsatisfactory in a number of different ways. They took refuge in broad assertions about the appellant’s approach to compliance with the regulations, without being able to demonstrate that they were genuinely familiar with the relevant facts. They were able to speak only in general terms about the changes to the appellant’s telephone systems that had been made from time to time, and appeared unfamiliar with the detail. They had no convincing explanations for the numerous occasions when the appellant had failed to respond to complaints and correspondence from TPS or from the Commissioner. The general picture which we got was of a company which did as little as possible as late as possible to comply with the regulations, and only took reluctant and belated action in response to clear threats of legal enforcement.”

The Tribunal set out in detail the flaws with the appellant’s evidence. It concluded that “the penalty was appropriate (or, indeed, lenient) in the circumstances, and the appellant has no legitimate complaint concerning its size”.

This decision is notable not only for its detailed critique (in terms of PECR compliance) of the appellant’s business practices and evidence on appeal, but also more widely for its contribution to the developing jurisprudence on monetary penalties and the application of the conditions under section 55A DPA. Thus far, the cases have been Scottish Borders (DPA appeal allowed, in a decision largely confined to the facts), Central London Community Healthcare NHS Trust (appeal dismissed at both First-Tier and Upper Tribunal levels) and Niebel (PECR appeal allowed and upheld on appeal).

The Amber case is most closely linked to Niebel, which concerned marketing text messages. The Amber decision includes commentary on and interpretation of the binding Upper Tribunal decision in Niebel on how the section 55A conditions for issuing a monetary penalty should be applied. For example:

PECR should be construed so as to give proper effective to the Directive which it implements – see the Tribunal’s discussion of the Marleasing principle.

The impact of the ‘contravention’ can be assessed cumulatively, i.e. as the aggregate effect of the contraventions asserted in the penalty notice. In Niebel, the asserted contravention was a specified number of text messages which had been complained about, but the Tribunal in Amber took the view that, in other cases, the ICO need not frame the relevant contravention solely by reference to complaints – it could extrapolate, where the evidence supported this, to form a wider conclusion on contraventions.

Section 55A requires an assessment of the “likely” consequences of the “kind” of contravention. “Likely” has traditionally been taken to mean “a significant and weighty chance”, but the Tribunal in Amber considered that, in this context, it might mean “more than fanciful”, ie, “a real, a substantial rather than merely speculative, possibility, a possibility that cannot sensibly be ignored”.

The “kind” of contravention includes the method of contravention, the general content and tenor of the communication, and the number or scale of the contravention.

“Substantial” (as in “substantial damage or substantial distress”) probably means “more than trivial, ie, real or of substance”. Damage or distress can be substantial on a cumulative basis, i.e. even if the individual incidents do not themselves cause substantial damage or substantial distress.

“Damage” is different to “distress” but is not confined to financial loss – for example, personal injury or property interference could suffice.

“Distress” means something more than irritation.

The significant and weighty chance of causing substantial distress to one person is sufficient for the threshold test to be satisfied.

Where the number of contraventions is large, there is a higher inherent chance of affecting somebody who, because of their particular unusual circumstances, is likely to suffer substantial damage or substantial distress due to the PECR breach.

The Amber decision is, to date, the most developed analysis at First-Tier Tribunal level, of the monetary penalty conditions. The decision will no doubt be cited and discussed in future cases.

11KBW’s James Cornwall appeared for the ICO in both Amber and Niebel.

Robin Hopkins @hopkinsrobin

Above and below the waterline: IPT finds that Prism and Tempora are lawful

December 5th, 2014 by Robin Hopkins

The now famous revelations by US whistleblower Edward Snowden focused on US government programmes under which vast amounts of data about individuals’ internet usage and communications were said to have been gathered. The allegations extended beyond the US: the UK government and security agencies, for example, were also said to be involved in such activity.

Unsurprisingly, concerns were raised about the privacy implications of such activity – in particular, whether it complied with individuals’ rights under the European Convention on Human Rights (privacy under Article 8; freedom of expression under Article 10).

The litigation before the Investigatory Powers Tribunal

Litigation was commenced in the UK by Privacy International, Liberty, Amnesty International and others. The cases were heard by a five-member panel of the Investigatory Powers Tribunal (presided over by Mr Justice Burton) in July of this year. The IPT gave judgment ([2014] UKIPTrib 13_77-H) today.

In a nutshell, it found that the particular information-gathering activities it considered – carried out in particular by GCHQ and the Security Service – are lawful.

Note the tense: they are lawful. The IPT has not determined whether or not they were lawful in the past. The key difference is this: an essential element of lawfulness is whether the applicable legal regime under which such activity is conducted is sufficiently accessible (i.e. is it available and understandable to people?). That turns in part on what the public is told about how the regime operates. During the course of this litigation, the public has been given (by means of the IPT’s open judgment) considerably more detail in this regard. This, says the IPT, certainly makes the regime lawful on a prospective basis. The IPT has not determined whether, prior to these supplementary explanations, the ‘in accordance with the law’ requirement was satisfied.

With its forward-looking, self-referential approach, this judgment is unusual. It is also unusual in that it proceeded to test the legality of the regimes largely by references to assumed rather than established facts about the Prism and Tempora activities. This is because not much about those activities has been publicly confirmed, due to the ‘neither confirm nor deny’ principle which is intrinsic to intelligence and security activity.

Prism

The first issue assessed by reference to assumed facts was called the “Prism” issue: this was about the collection/interception by US authorities of data about individuals’ internet communications and the assumed sharing of such data with UK authorities, who could then retain and use it. Would this arrangement be lawful under Article 8(2) ECHR? In particular, was it “in accordance with the law”, which in essence means did it have a basis in law and was it sufficiently accessible and foreseeable to the potentially affected individuals? (These are the so-called Weber requirements, from Weber and Saravia v Germany [2008] 46 EHRR SE5).

When it comes to intelligence, accessibility and foreseeability are difficult to achieve without giving the game away to a self-defeating extent. The IPT recognised that the Weber principles need tweaking in this context. The following ‘nearly-Weber’ principles were applied as the decisive tests for ‘in accordance with the law’ in this context:

“(i) there must not be an unfettered discretion for executive action. There must be controls on the arbitrariness of that action.

(ii) the nature of the rules must be clear and the ambit of them must be in the public domain so far as possible, an “adequate indication” given (Malone v UK [1985] 7 EHRR 14 at paragraph 67), so that the existence of interference with privacy may in general terms be foreseeable.”

Those tests will be met if:

“(i) Appropriate rules or arrangements exist and are publicly known and confirmed to exist, with their content sufficiently signposted, such as to give an adequate indication of it.

(ii) They are subject to proper oversight.”

On the Prism issue, the IPT found that those tests are met. The basis in law comes from the Security Service Act 1989, Intelligence Services Act 1994 and the Counter-Terrorism Act 2008. Additionally, the Data Protection Act 1998 DPA, the Official Secrets Act 1989 and the Human Rights Act 1998 restrain the use of data of the sort at issue here. Taken together, there are sufficient and specific statutory limits on the information that each of the Intelligence Services can obtain, and on the information that each can disclose.

In practical terms, there are adequate arrangements in place to safeguard against arbitrary of unfettered use of individuals’ data. These included the “arrangements below the waterline” (i.e. which are not publicly explained) which the Tribunal was asked to – and did – take into account.

Oversight of this regime comes through Parliament’s Intelligence and Security Committee and the Interception of Communications Commissioner.

Further, these arrangements are “sufficiently signposted by virtue of the statutory framework … and the statements of the ISC and the Commissioner… and as now, after the two closed hearings that we have held, publicly disclosed by the Respondents and recorded in this judgment”.

Thus, in part thanks to closed evidence of the “below the waterline” arrangements and open disclosure of more detail about those arrangements, the Prism programme (on the assumed facts before the IPT) is lawful, i.e. it is a justified intrusion into Article 8 ECHR rights.

The alleged Tempora interception operation

Unlike the Prism programme, the second matter scrutinised by the IPT – the alleged Tempora programme – involved the interception of communications by UK authorities. Here, in contrast to Prism (where the interception is done by someone else), the Regulation of Investigatory Powers Act 2000 is pivotal.

This works on a system of warrants for interception. The warrants are issued under section 8 of RIPA (supplemented by sections 15 and 16) by the Secretary of State, rather than by a member of the judiciary. The regime is governed by the Interception of Communications Code of Practice.

The issue for the IPT was: is this warrant system (specifically, the section 8(4) provision for ‘certified’ warrants) in accordance with the law, for ECHR purposes?

This has previously been considered by the IPT in the British Irish Rights Watch case in 2004. Its answer was that the regime was in accordance with the law. The IPT in the present cases re-examined the issue and took the same view. It rejected a number of criticisms of the certified warrant regime, including:

The absence of a tightly focused, ‘targeting’ approach at the initial stages of information-gathering is acceptable and inevitable.

There is no call “for search words to be included in an application for a warrant or in the warrant itself. It seems to us that this would unnecessarily undermine and limit the operation of the warrant and be in any event entirely unrealistic”.

There is also “no basis for objection by virtue of the absence for judicial pre-authorisation of a warrant. The United Kingdom system is for the approval by the highest level of government, namely by the Secretary of State”.

Further, “it is not necessary that the precise details of all the safeguards should be published, or contained in legislation, delegated or otherwise”.

The overall assessment was very similar as for Prism: in light of the statutory regime, the oversight mechanisms, the open and closed evidence of the arrangements (above and below the “waterline”) and additional disclosures by the Respondents, the regime for gathering, retaining and using intercepted data was in accordance with the law – both as to Article 8 and Article 10 ECHR.

Conclusion

This judgment is good news for the UK Government and the security bodies, who will no doubt welcome the IPT’s sympathetic approach to the practical exigencies of effective intelligence operations in the digital age. These paragraphs encapsulate the complaints and the IPT’s views:

“158. Technology in the surveillance field appears to be advancing at break-neck speed. This has given rise to submissions that the UK legislation has failed to keep abreast of the consequences of these advances, and is ill fitted to do so; and that in any event Parliament has failed to provide safeguards adequate to meet these developments. All this inevitably creates considerable tension between the competing interests, and the ‘Snowden revelations’ in particular have led to the impression voiced in some quarters that the law in some way permits the Intelligence Services carte blanche to do what they will. We are satisfied that this is not the case.

159. We can be satisfied that, as addressed and disclosed in this judgment, in this sensitive field of national security, in relation to the areas addressed in this case, the law gives individuals an adequate indication as to the circumstances in which and the conditions upon which the Intelligence Services are entitled to resort to interception, or to make use of intercept.”

11KBW’s Ben Hooper and Julian Milford appeared for the Respondents.

Robin Hopkins @hopkinsrobin

New President of the GRC

December 4th, 2014 by Christopher Knight

The Ministry of Justice has today announced the new President of the General Regulatory Chamber to be Judge Peter Lane. He will take up his post on 15 December, replacing Judge Nicholas Warren, who is retiring.

As President of the GRC, Judge Lane will doubtless hear a fair share of Information Rights appeals – as his predecessor did – and will have some familiarity with the regime from his time in the last four years or so sitting in the Upper Tribunal.

Panopticon wishes Judge Lane all the best in his new role (in which guise many Panopticonners will doubtless see more of him), and Judge Warren all the best in his retirement.

Christopher Knight

Information Rights: imminent developments

December 4th, 2014 by Robin Hopkins

Like any self-respecting Panopticon, this website keeps tabs on imminent developments in its fields of interest. Here are some of the major cases to look out for in the information rights field.

State surveillance and the Prism/Tempora programmes

The obtaining, use and retention of personal data by state agencies has come under intense scrutiny since Edward Snowden’s revelations about the Prism/Tempora programmes. Litigation brought in the UK by Privacy International and Liberty against GCHQ and others reaches a head tomorrow, when the Investigatory Powers Tribunal gives judgment in that case.

Google Spain – and beyond

The Google Spain ‘right to be forgotten’ judgment has been one of the major events of 2014, in information rights terms. How is the right to be forgotten supposed to be applied in practice? The authoritative Article 29 Working Party (the cross-EU panel established under Article 29 of the DP Directive) has now given definitive guidance on how regulators should deal with such matters: see its guidelines adopted on 26 November.

Additionally, in X & Y v Google France the French Court (the Paris Tribunal de Grande Instance) has saddled Google with liability (on pain of monetary penalties) for defamation, in that google.com continued to provide links to Facebook and other webpages containing defamatory material. See this comment from Wiggin LLP on this case.

Domestic privacy/data protection litigation against Google

The case of Vidal-Hall v Google Inc saw Mr Justice Tugendhat grant permission to serve a claim extra-territorially. In so doing, he made a number of potentially significant observations about data protection and the privacy impact of Google’s activities through Apple’s Safari browser. The Court of Appeal is considering the appeal against the Tugendhat judgment next week. The ICO has been granted permission to intervene.

Police information

This week, the Supreme Court has heard appeals in the Catt and T cases, which concern the application of Article 8 ECHR and the DPA to information retained by the Metropolitan Police about persons who were not said to have committed criminal offences.

Next week, the Court of Appeal hears the case of Commissioner of Police of the Metropolis & X v Z (Children) & the Secretary of State for the Home Department, which concerns whether DNA profiles obtained under Part II of PACE (police powers to gather evidence from crime scenes) may lawfully be disclosed for purposes other than criminal law enforcement.

Medical information and confidentiality

Permission has also been granted to appeal in W and Others v Secretary of State for Health and Another [2014] EWHC 1532 (Admin), which concerns the disclosure of by the NHS of information about unpaid NHS debts by non-UK residents to departments of the UK government. One of the issues is the extent (if any) to which patient confidentiality applies to such information.

Panopticon understands that the British Medical Association has been given permission to intervene, and that the case will be before the Master of the Rolls (among others). The case is due to be heard next spring.

MPs’ expenses and the meaning of ‘information’ for FOIA purposes

Another case due before the Court of the Appeal (including the Master of the Rolls) next spring is IPSA v Information Commissioner, which concerns a FOIA request by Ben Leapman (then of the Daily Telegraph) for copies of original receipts submitted by a number of named MPs in support of their expenses claims. Issues include the meaning of ‘information’ for the purposes of FOIA.

The EIRs – public authorities and charges

The Fish Legal litigation – concerning the meaning of a ‘public authority’ for EIR purposes – has returned from the CJEU and has been heard by the Upper Tribunal. Piggy-backing onto this case are other appeals concerning whether the Duchy of Cornwall and the Sovereign are public authorities for EIR purposes.

In the opposite direction of travel, the CJEU will next week consider the case of East Sussex CC v ICO & LGA, a referral from the Tribunal on the question of reasonable charges for the provision of information under the EIRs.

As ever, watch this space.

Panopticon is also pleased to highlight the heavy presence of 11KBW counsel in the majority of the cases referred to above.

Robin Hopkins @hopkinsrobin

Public access to local authority information: transparency with teeth

November 20th, 2014 by Robin Hopkins

The Freedom of Information Act and Environmental Information Regulations are the dominant statutory regimes for public transparency, but they are of course not the only ones. A good example is the regime under the Local Government Act 1972 (as amended), particularly sections 100A-K. Those provisions govern public access to local authority meetings, as well as the public availability of minutes, reports, background documents and so on for such meetings, subject to provisions for exempt information (Schedule 12A).

A recent judgment of the Admin Court (Cranston J) in a planning matter, Joicey v Northumberland County Council [2014] EWHC 3657 (Admin) illustrates the importance of compliance with that regime for public access to information.

The claimant challenged the local authority’s grant of planning permission for a wind turbine. One of his grounds was its failure to make available the noise assessment report which had been considered in the granting of permission, contrary to the provisions of the 1972 Act referred to above, and also in breach of the council’s Statement of Community Involvement.

The Council had argued that the report, being on its files, was duly available. Cranston J disagreed: “it was not open to inspection by members of the public since the files were in such a state that the duty officer on 1 November fetched what must have been a Brackenside file, but not one with the report. If the Council cannot organize its files in a way which means the duty officer is able to produce a particular report within a reasonably practicable time the report is not available” (paragraph 44). This is a compelling warning to public authorities to make sure relevant information is properly (rather than technically or hypothetically) available where required.

Here is an important passage from Cranston J’s judgment about the practical and democratic value of transparency (paragraph 47):

“… Right to know provisions relevant to the taking of a decision such as those in the 1972 Act and the Council’s Statement of Community Involvement require timely publication. Information must be published by the public authority in good time for members of the public to be able to digest it and make intelligent representations: cf. R v North and East Devon Health Authority Ex p. Coughlan [2001] Q.B. 213, [108]; R (on the application of Moseley) (in substitution of Stirling Deceased) v Haringey LBC [2014] UKSC 56, [25]. The very purpose of a legal obligation conferring a right to know is to put members of the public in a position where they can make sensible contributions to democratic decision-making. In practice whether the publication of the information is timely will turn on factors such as its character (easily digested/technical), the audience (sophisticated/ ordinary members of the public) and its bearing on the decision (tangential/ central)”.

Here, the dense and technical report had not been made available with sufficient time for it to be digested acted upon.

Cranston J was also clear that, had the information been made properly available, it could have made a real difference. Officers could have been prompted to rethink certain points, and decision-makers could well have been swayed: the decision was made by “a committee of politicians where the vote was not whipped. It is a very bold person who will hazard that in such circumstances a particular result is inevitable”.

Relief was therefore appropriate: “the claimant will be entitled to relief unless the decision-maker can demonstrate that the decision it took would inevitably have been the same had it complied with its statutory obligation to disclose information in a timely fashion” (paragraph 51).

The Council’s decision was therefore quashed on the transparency ground (among others). See paragraph 59:

“Here the claimant had standing to challenge a decision of his local Council. By denying him timely access to information to which he was entitled it limited his full participation in democratic decision-making. The fact that he might not be immediately affected by the proposal where he lives is not a sufficient reason to deny him the remedy he seeks. This was a serious breach by the Council of its statutory obligations. An additional factor bearing on the exercise of discretion in this case is the Council’s own behaviour in the back-dating of the website to when the WSP noise assessment was available to it. Although it did not have any consequences in the circumstances of this case, it had the potential to mislead members of the public about their right to know and to use the information disclosed. In all there is no reason to deny the claimant his remedy.”

The case is a powerful illustration of the practical value of transparency and public participation, and of how failure to comply with laws aimed at those ends can really bite.

Robin Hopkins @hopkinsrobin

Disclosure to GMC

November 19th, 2014 by jamesgoudie

The disclosure of material to the General Medical Council (“the GMC”) by other agencies, including the Police, has an important role to play in the exercise of the GMC’s public interest functions as they relate to a Doctor’s fitness to practice.  Section 35A of the Medical Act 1983 grants a specific power to the GMC to require the disclosure of information which appears relevant to the discharge of these functions.

The leading case in relation to the duties of the Police, when a request for disclosure is received from a regulatory body, such as the GMC, remains the decision of the Court of Appeal in Woolgar v Chief Constable of Sussex Police [2000] 1 WLR 25.

The issue in R (Nakash v Metropolitan Police Service (“MPS”) and GMC [2014] EWHC 3810 (Admin), in which Judgment was given by Cox J on 17 November 2014, was whether, as the Claimant Doctor contended, the Administrative Court should prohibit the disclosure by the MPS of material requested by the GMC, on the basis that it was unlawfully obtained by the police, in breach of the Claimant’s ECHR Article 8 rights; that it included material of a highly personal and confidential nature; and that the material had no relevance to the issue of the Claimant’s fitness to practise as a medical practitioner.

Cox J concluded that the decision by the MPS to disclose the material requested by the GMC was in error. They had failed to carry out the “careful balancing exercise of competing interests” required by Article 8.  Relevance of the material is obviously an important factor.  So too, however, is the personal and confidential nature of the material requested.

At paragraph 46, Cox J said:-

 “… Since the primary decision as to disclosure will be made in these cases by the police, it is important that before the decision to disclose is made, there is a rational assessment of the relevant competing interests and that consideration is given, in each case, to the extent of the interference, and whether the disclosure sought is in accordance with the law and is a proportionate response to a legitimate aim …”

The MPS’s decision having been found to have been flawed, Cox J proceeded to carry out the balancing exercise herself, and found that disclosure by the MPS to the GMC was justified, under Article 8(2), notwithstanding the circumstances in which the MPS had obtained the material and the interference with the Doctor’s Article 8(1) rights.

James Goudie QC

Video recordings

November 18th, 2014 by jamesgoudie

The classification requirements imposed by the Video Recording Acts are lawful, the Court of Appeal (Criminal Division) has ruled, on 14 November 2014, in R v Dryzmer and Play Media Distribution Ltd.  The prohibition on supplying video recordings which have not been classified by the British Board of Film Classification is not rendered unlawful either by ECHR Article 10, on freedom of expression, or by TFEU Articles 34-36 on non-interference with trade. The reason is the same in both cases.  Qualitative restrictions on grounds of public health and morals are justified.

This was an application of the ECJ decision in Case 244/06, Dynamic Medien Vertriebs GmbH v Avides Media AG.  In that case the ECJ observed as follows.  The protection of the rights of the child is recognised by various international instruments which the Member States have cooperated on or acceded to, such as the International Covenant on Civil and Political Rights, which was adopted by the General Assembly of the United Nations on 19 December 1966 and entered into force on 23 March 1976, and the Convention on the Rights of the Child, which was adopted by the General Assembly of the United Nations on 20 November 1989 and entered into force on 2 September 1990. Those international instruments are among those concerning the protection of human rights of which it takes account in applying the general principles of Community law.  Under Article 17 of the Convention on the Rights of the Child, the States Parties recognise the important function performed by the mass media and are required to ensure that the child has access to information and material from a diversity of national and international sources, especially those aimed at the promotion of his or her social, spiritual and moral well-being and physical and mental health. Article 17(e) provides that those States are to encourage the development of appropriate guidelines for the protection of the child from information and material injurious to his or her well-being. The protection of the child is also enshrined in instruments drawn up within the framework of the European Union, such as the Charter of Fundamental Rights, Article 24(1) of which provides that children have the right to such protection and care as is necessary for their well-being. Furthermore, the Member States’ right to take the measures necessary for reasons relating to the protection of young persons is recognised by a number of Community-law instruments. Although the protection of the child is a legitimate interest which, in principle, justifies a restriction on a fundamental freedom guaranteed by the EC Treaty, such as the free movement of goods, such restrictions may be justified only if they are suitable for securing the attainment of the objective pursued and do not go beyond what is necessary in order to attain it.  However, it is not indispensable that restrictive measures laid down by the authorities of a Member State to protect the rights of the child correspond to a conception shared by all Member States as regards the level of protection and the detailed rules relating to it.  As that conception may vary from one Member State to another on the basis of, inter alia, moral or cultural views, Member States must be recognised as having a definite margin of discretion.  Prohibiting the sale and transfer by mail order of image storage media which have not been examined and classified by the competent authority for the purpose of protecting young persons and which do not bear a label from that authority indicating the age from which they may be viewed constitutes a measure suitable for protecting children against information and materials injurious to their well-being.

 James Goudie QC

Kennedy goes to Strasbourg (maybe)

November 18th, 2014 by Anya Proops

Hot of the press – Readers of this blog will be aware of the wonderful saga involving Mr Kennedy and his tireless quest to gain access to information held by the Charity Commission. I have been told today that, having lost his appeal before the Supreme Court (see the relevant Panopticon post here), Mr Kennedy is now seeking to bring the case before the European Court of Human Rights. An application has been lodged and Mr Kennedy is now awaiting a decision on admissibility. All of which means that we may yet see the Strasbourg Court having its say on the vexed question of whether s. 32 FOIA, as currently framed, is compatible with the Art 10 right to receive information. For further updates, watch this space.

Anya Proops

Good Things Come to Those Who (Have Inherent) Weight

October 29th, 2014 by Christopher Knight

Philosophically, everything must have an inherent weight. Otherwise it would have no weight at all. But FOIA is not concerned with philosophy; it is much more concerned with who is in charge of the sheep dip, and indeed the levels of public funding for the sheep being dipped. (No points for spotting that reference, Bruce.) As a result, there are often debates in the FOIA case law about whether a particular qualified exemption contains an inherent weight, i.e. is the fact that the exemption is engaged at all sufficient to place some weight in the public interest balance against disclosure? The answer varies according to the particular exemption.

In Cabinet Office v Information Commissioner [2014] UKUT 461 (AAC), the Cabinet Office appealed against a decision of the FTT that the number of times the Reducing Regulation Committee has met should be disclosed. This apparently supremely uninteresting piece of information was withheld in reliance on section 35(1)(b) FOIA, which provides a qualified exemption for information relating to Ministerial communications. The Cabinet Office argued that the FTT had erred in not ascribing an inherent weight to section 35(1)(b), and also that it had misunderstood aspects of the evidence on prejudice presented to it.

The appeal in fact succeeded on the second ground, because Judge Turnbull took the view that the FTT had misunderstood an aspect of the evidence being given to it  – even though it had got it right in other places – and was not sufficiently sure that that would make no difference, so that the case was remitted. That aspect is very fact-specific and unlikely to be of much wider interest, except possibly to avid watchers of the Reducing Regulation Committee.

The Cabinet Office did not succeed on its first ground. Under the existing state of the jurisprudence, section 35(1)(c) (advice of Law Officers) has some inherent weight (HM Treasury v Information Commissioner [2009] EWHC 1811; [2010] QB 563) but that section 35(1)(a) (formulation of Government policy) does not (OGC v Information Commissioner [2008] EWHC 774 (Admin)). Section 42 (legal professional privilege) also has some inherent weight: DBERR v O’Brien [2009] EWHC 164 (QB). Judge Turnbull concluded at [47]-[70] that there was no inherent weight in the section 35(1)(b) exemption. He reasoned that there were a variety of policy justifications underpinning the various limbs of section 35, and they did not all overlap. The fact that the information has merely to “relate to” Ministerial communications means that the exemption could be engaged without bringing into play to any significant extent any of the public policy considerations underlying the exemption. It was not obvious how the information in issue would undermine the convention of collective Cabinet responsibility, or have an effect of the future behaviour of Ministers. The section 35(1)(c) exemption was narrower in that it was more likely that the information would engage the central policy justification for the exemption, but that where it did not there may be situations where even the exemption in s.35(1)(c) can be engaged without any necessary assumption of some inherent weight (see at [61]). Section 42 was different because it did not include the words “relate to” and any disclosure would undermine the single policy justification of protecting privileged access to legal advice.

Judge Turnbull’s analysis at [67] was to set out a test which is more nuanced and contextual than simply an assertion of inherent weight:

I think that some confusion and apparent contradiction has been introduced into the case law by formulating the question as being whether the exemption in a particular subsection of section 35(1) carries inherent weight. In my judgment it is preferable (i) to consider to what extent the public interest factors potentially underlying the relevant exemption are in play in the particular case and then (ii) to consider what weight attaches to those factors, on the particular facts.”

As a result, the FTT had not erred in law. (In fact, the Cabinet Office had not made the argument before the FTT that there should be an inherent weight in section 35(1)(b). That was evidently the correct position to have taken.) It is difficult to argue with the reasoning of Judge Turnbull, and the judgment is a helpful clarification of the law under sections 35(1)(a) and (b), although it perhaps makes the situation slightly less clear in relation to (c), given the reinterpretation of HM Treasury to allow for less/no inherent weight in more tangential cases. The only surprise is that Lord Steyn’s much cited adage from R (Daly) v Secretary of State for the Home Department [2001] 2 AC 532 at [28] that “in the law, context is everything” did not get another outing.

Robin Hopkins appeared for the ICO.

Christopher Knight

The Government wants to get your PECR up

October 26th, 2014 by Christopher Knight

You – yes, you! – are entitled to FREE compensation! Our records – what records? Magic records! – show that you were missold PPI and can now claim thousands of pounds!

If you haven’t ever had a text message or a phone call along these lines, then you are either managing to live as a hermit or you are extraordinarily lucky. Most of us face spam texts and nuisance cold-calls as a daily fact of life. They are a regular source of irritation and annoyance. They are also blatantly illegal, particularly if you have signed up to the Telephone Preference Service. See: regs 22-23 of the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) (“PECR”), implemented under EU Directive 2002/21/EC.

Unfortunately, the nature of such communications means that it will not be very often that they are a source of “substantial damage or substantial distress”. Yet, that is the test which must be met in order for the Information Commisisoner to impose a monetary penalty notice (“MPN”): section 55A(1) of the Data Protection Act 1998 (implemented as the enforcement regime for PECR as well in a fit of slightly lazy ‘joined-up’ thinking).

As readers of this blog will know, the Upper Tribunal’s interpretation of the MPN regime as applied to PECR in Information Commissioner v Niebel [2014] UKUT 255 (AAC) has had the effect that it will be almost impossible for the ICO to establish substantial damage or distress in spam text message cases (see Anya Proops’ detailed comment here). It is certainly the case that the door remains more ajar in relation to nuisance calls – which by their nature are much more likely to cause genuine distress to some individuals – and the ICO is dealing with a couple of MPN appeals to establish how ajar, but Niebel casts a baleful shadow.

But, to the east, a new dawn may be rising. If the ICO’s war against the orc-like forces of spam is reminscient of the Battle of Helms Deep (and I think we can all agree that it is), then the Secretary of State for Culture, Media and Sport, Sajid Javid, is Gandalf, appearing with the remains of the Rohirrim on the morning of fifth day to turn the tide. For the DCMS has just launched a consultation exercise on amending PECR with a view to altering the test from “substantial damage or distress” to causing “annoyance, inconvenience or anxiety”. On its face, that change will be much more easily met and give PECR some teeth, as well as better implementing the Directive, which did not require anything so high as the section 55A test. The consultation paper can be found here, and the period for responding closes on December 7th. So once you have had fun allocating characters to the players in this area (Is Ed Vaizey Peregrine Took? Is Christopher Graham, the ICO, Aragorn? Is our own Robin Hopkins, counsel for Mr ‘Spamalot’ Niebel, Grima Wormtongue?), do respond to the consultation.

Update

Few areas of the law have such informed and coherent bloggers as information and data protection law, and not surprisingly, the PECR consultation has been grist to the commentariat mill. But at least one leading blogger, Jon Baines, has made the point that the Government’s (and the ICO’s) preferred option from the consultation is actually to remove the threshold entirely. He is right (and however formidable I may be – thanks Jon – I should have made that point). That is what the consultation paper says under option 3 (removing any harm threshold at all). Although it is also fair to say that it is slightly surprising that that is the preferred option, as the rest of the consultation paper appears to be drafted around the utility of adopting the “annoyance, inconvenience or anxiety” threshold. Not only is that what the Government says on the consultation page of its website, but paragraphs 16-20 of the paper (under the heading ‘The Proposal’) talk expressing in terms of the ‘annoyance’ threshold (and cross-refer to that being the test used by Ofcom). At paragraphs 44-45 of the paper the ICO appears to have provided evidence on the different actions it could have taken under an ‘annoyance’ test. Nowhere until the options are presented is it suggested that the talk of “lowering the threshold” might mean removing the threshold altogether. Which might just be an oversight. Or it might indicate that consulting on a preferred no harm option is one of those kite-flying efforts Sir Stephen Sedley warned of in the LRB. Either way, the reader is left less than clear as to what DCMS or the ICO really want.

(Apologies for the lack of LOTR references in this update. To make up for it, do enjoy this video of Ian McKellen explaining to schoolkids why they should revise for their exams. You’re welcome.)

Christopher Knight