Why Evans gets the spiders

March 26th, 2015 by Robin Hopkins

I told you FOI was sexy.

The Supreme Court’s judgment in R (Evans) v Attorney General [2015] UKSC 21 has received vast amounts of media coverage – more in a single day than everything else about FOI has received in ten years, I reckon. No need to explain what the case was about – the upshot is that Rob Evans gets Prince Charles’ ‘black spider’ letters. Here’s why.

In other words, this post summarises why the judgment went Evans’ way 5:2 on the FOIA veto and 6:1 on the EIR veto. I leave aside the trenchant dissenting judgments (Lord Wilson on both FOIA and the EIRs; Lord Hughes on FOIA only), which merit a post in their own right.

FOIA and the ministerial veto

Three of the five JSCs who found that the Attorney General’s veto under FOIA was unlawful took the following view (that of Lord Neuberger).

The constitutional context and the restrictive view of section 53

“A statutory provision which entitles a member of the executive… to overrule a decision of the judiciary merely because he does not agree with it would not merely be unique in the laws of the United Kingdom. It would cut across two constitutional principles which are also fundamental components of the rule of law”, i.e. (i) that a court’s decisions are binding and cannot be ignored or set aside by anyone, and (ii) that the executive’s actions are reviewable by the court on citizens’ behalf. “Section 53, as interpreted by the Attorney General’s argument in this case, flouts the first principle and stands the second principle on its head” (paragraphs 51-52).

Therefore, if Parliament intends to permit the executive to override a judicial decision merely because it disagrees with that decision, it must ‘squarely confront what it is doing’ and make its intentions ‘crystal clear’. Section 53 FOIA is a long way from authorising such an override on the grounds of disagreement (paragraphs 56-58).

The upshot is that a minister cannot use section 53 to override a judicial decision simply on the grounds that, having considered the issue based on the same facts and arguments as the court or tribunal, he reaches a different view. In their context, and in light of the serious constitutional implications, the words “on reasonable grounds” in section 53 FOIA must be construed more restrictively: mere disagreement with the court/tribunal will not do.

The threshold is higher: a section 53 certificate will be lawful if there has been a material change in circumstances, or if facts or matters come to light at some point which (a) indicate that the judicial decision being overturned was seriously flawed, but (b) cannot give rise to an appeal against that decision. Such cases will be exceptional, but they are a real possibility, in Lord Neuberger’s judgment. Section 53 therefore retains some utility (see paragraphs 68, 77 and 78). Lord Kerr and Lord Reed agreed with Lord Neuberger’s restrictive view of section 53.

A less restrictive view of section 53

Lord Mance (with whom Lady Hale agreed) also found the Attorney General’s veto in this case to have been unlawful. He agreed that mere disagreement with the decision being overturned will not do. Lord Mance’s interpretation of section 53, however, is markedly less restrictive than that of Lord Neuberger: the accountable person is entitled under section 53 to reach a different view on the balancing of competing interests, even in the absence of the sorts of new considerations Lord Neuberger envisages, provided he gives properly explained and solid reasons against the background and law established by the judicial decision (see paragraphs 130-131).

There is thus more scope for a lawful veto on Lord Mance’s view – but his was not the majority view. Lord Neuberger’s more restrictive view commanded wider support. This makes a big difference to the future use of section 53.

What about First-Tier and ICO decisions?

Here are some further important implications addressed by Lord Neuberger.

This veto was against a decision of the Upper Tribunal, which is a court of record. Do the same stringent restrictions apply to an attempt to veto a decision of the First-Tier Tribunal? Answer: yes.

What about the ICO’s decisions? Is the threshold for a lawful veto equally high, or is it lower? Answer: it is lower, as the ICO’s evaluation can seldom be as exhaustive as that of a Tribunal. Nonetheless, the option to appeal to the Tribunal will be a relevant consideration: to use the section 53 power to achieve what you could also achieve by the more constitutionally appropriate route of an appeal may be an abuse of that power.

Those distinctions are important. Some section 53 certificates have been issued against First-Tier Tribunal decisions – the NHS risk register veto, for example. Others have been against ICO decisions – the High Speed 2 veto, for example. The Iraq war cabinet minutes have been the subject of two section 53 certificates – one against a Tribunal decision, the other against an ICO decision.

The EIRs and the ministerial veto

By comparison, the answer under the EIRs was relatively straightforward: Article 6 of Directive 2003/4/EC requires that refusals to disclose environmental information can be challenged before court whose decisions will be final. The ministerial veto provision does not square with that requirement. Environmental information cannot be the subject of the ministerial veto. These were the arguments advanced by Mr Evans, and by Tim Pitt-Payne on the ICO’s behalf. They were accepted by six of the seven JSCs.

So, a triumphant day for Rob Evans and The Guardian – and indeed for FOIA, the EIRs, transparency and the rule of law.

The outlook for the future use of section 53 is challenging, though there is nuance aplenty, even aside from the dissenting judgments.

Robin Hopkins @hopkinsrobin

Google Spain, freedom of expression and security: the Dutch fight back

March 13th, 2015 by Robin Hopkins

The Dutch fighting back against the Spanish, battling to cast off the control exerted by Spanish decisions over Dutch ideologies and value judgments. I refer of course to the Eighty Years’ War (1568-1648), which in my view is a sadly neglected topic on Panopticon.

The reference could also be applied, without too much of a stretch, to data protection and privacy rights in 2015.

The relevant Spanish decision in this instance is of course Google Spain, which entrenched what has come to be called the ‘right to be forgotten’. The CJEU’s judgment on the facts of that case saw privacy rights trump most other interests. The judgment has come in for criticism from advocates of free expression.

The fight-back by free expression (and Google) has found the Netherlands to be its most fruitful battleground. In 2014, a convicted criminal’s legal battle to have certain links about his past ‘forgotten’ (in the Google Spain sense) failed.

This week, a similar challenge was also dismissed. This time, a KPMG partner sought the removal of links to stories about him allegedly having to live in a container on his own estate (because a disgruntled builder, unhappy over allegedly unpaid fees, changed the locks on the house!).

In a judgment concerned with preliminary relief, the Court of Amsterdam rejected his application, finding in Google’s favour. There is an excellent summary on the Dutch website Media Report here.

The Court found that the news stories to which the complaint about Google links related remained relevant in light of public debates on this story.

Importantly, the Court said of Google Spain that the right to be forgotten “is not meant to remove articles which may be unpleasant, but not unlawful, from the eyes of the public via the detour of a request for removal to the operator of a search machine.”

The Court gave very substantial weight to the importance of freedom of expression, something which Google Spain’s critics say was seriously underestimated in the latter judgment. If this judgment is anything to go by, there is plenty of scope for lawyers and parties to help Courts properly to balance privacy and free expression.

Privacy rights wrestle not only against freedom of expression, but also against national security and policing concerns.

In The Hague, privacy has recently grabbed the upper hand over security concerns. The District Court of The Hague has this week found that Dutch law on the retention of telecommunications data should be down due to its incompatibility with privacy and data protection rights. This is the latest in a line of cases challenging such data retention laws, the most notable of which was the ECJ’s judgment in Digital Rights Ireland, on which see my post here. For a report on this week’s Dutch judgment, see this article by Maarten van Tartwijk in The Wall Street Journal.

As that article suggests, the case illustrates the ongoing tension between security and privacy. In the UK, security initially held sway as regards the retention of telecoms data: see the DRIP Regulations 2014 (and Panopticon passim). That side of the argument has gathered some momentum of late, in light of (for example) the Paris massacres and revelations about ‘Jihadi John’.

Just this week, however, the adequacy of UK law on security agencies has been called into question: see the Intelligence and Security Committee’s report entitled “Privacy and Security: a modern and transparent legal framework”. There are also ongoing challenges in the Investigatory Powers Tribunal – for example this one concerning Abdul Hakim Belhaj.

So, vital ideological debates continue to rage. Perhaps we really should be writing more about 17th century history on this blog.

Robin Hopkins @hopkinsrobin

Quite like a whale

February 24th, 2015 by Peter Lockley

As my colleague Robin Hopkins has warned, the decision of the Upper Tribunal in Fish Legal looks like a pretty big beast: sixty pages on whether water companies are public authorities for the purposes of the Environmental Information Regulations, applying the CJEU’s lengthy ruling on the points of principle (for which, see this post by Chris Knight).

(If you just need the quick answer: yes they are, by virtue of having ‘special powers’, but not by virtue of being under the control of a public body. For the detail, read on.)

In fact, while it could never be classed as a minnow, on closer inspection Fish Legal is not the monster it first seems (see Part 1 of the judgment here and Part 2 here). Fifteen of those sixty pages are appendices. More importantly, the decision poses, but declines to answer, some wider questions. Although Mr Justice Charles was sympathetic to the Information Commissioner’s request for guidance on how to identify a public authority, he stopped short of laying down ‘broad general principles’ on the question (paras.95-97). He gave shorter shrift to the water companies’ request that he list all of their powers which fell within the definition of ‘special powers’– a request made, apparently, with a view to lobbying Parliament to rid the companies of those powers, and so save them from the burden of EIR (para.98).

And one would hardly have expected him to address the question with the widest ramifications: if water companies are public authorities by virtue of their “special powers”, what of the various other privatised industries? It is, of course, a very fact specific analysis. Anxious electricity chiefs, rail bosses, and telecoms honchos will just have to read the judgment and consider how the ‘special powers’ and ‘control’ tests would apply to their own particular circumstances (see para. 110).

 

Background

The UT had two issues before it: (i) whether the Information Commissioner had jurisdiction to decide whether a body was a public authority for the purposes of the EIR or FOIA (as he had purported to do), and therefore whether the UT itself had jurisdiction to hear the case, and (ii) whether privatised water companies in England and Wales are public authorities for the purposes of EIR, applying the principles set down by the CJEU following a referral from the UT (blog post here).

By the time of this, the second outing before the UT, the cast list had expanded significantly, bringing in several 11KBW counsel to join Anya Proops, who acted for the Information Commissioner before the CJEU. The Secretary of State was joined as a party and was represented by Julian Milford. The parties in two related cases, Cross v IC and the Cabinet Office and Bruton v IC and Duchy of Cornwall, were also invited to make submissions on the nature of the tests. Karen Steyn QC and Joseph Barrett appeared for Mr Bruton; Amy Rogers appeared for the Duchy. (Those cases will now go forward to be decided applying the Fish Legal principles.)

 

The jurisdiction issue

The Secretary of State argued that under s.57 FOIA, the First-Tier Tribunal only has jurisdiction over a decision notice issued by the Commissioner under s.50(3)(b) FOIA, and that the Commissioner had no jurisdiction to serve a decision notice on the issue of whether a body is a public authority. Section 50 is based on the premise that a request has been made to a public authority; these elements are anterior to the Commissioner’s jurisdiction and he has no authority to decide them within the framework of FOIA.

The UT rejected these arguments. It took the view that jurisdictional provisions are routinely based on certain assumed conditions, but this does not deprive the body in question of the jurisdiction to decide whether those conditions have been met. So the UT’s jurisdiction to hear an appeal on any point of law arising from a decision made by the FTT assumes that a decision has been properly made by a properly-constituted tribunal, but it does not mean that the UT cannot rule on whether those conditions are met in a given appeal (para 31).

The UT applied this reasoning to both a positive decision by the Commissioner that a body is a public authority, and a negative decision that it is not, even though the latter is not a decision notice under s.50(3) FOIA. To hold otherwise would mean that while a body could appeal against a positive decision, a requester would face the more expensive route of judicial review of a negative decision (para.37). Furthermore, the Commissioner would have no power under the similarly structured s.51 FOIA to require the information he needed to reach an informed decision that a body was not a public authority (para. 41).

After scrutinising the decision of the House of Lords in BBC v Sugar [2009] 1 WLR 430, the UT decided that there was nothing in the case that disturbed its conclusions on the point (paras.43-54).

The Commissioner therefore has jurisdiction to decide the issue, the FTT to hear appeals against his decisions and the UT to hear appeals against the decisions of the FTT.

The public authority issue

Two of the limbs of the definition of ‘public authority’ under the EIR were in issue. A finding that the companies fell within either would suffice to make them public authorities. (A little care is needed with the numbers of the provisions in question: Article 2(2)(b) of the Environmental Information Directive is transposed as Reg. 2(2)(c) of the EIR, and Article 2(2)(c) of the Directive as Reg. 2(2)(d) of the EIR.)

 

Persons performing public administrative functions – the ‘special powers’ test

The CJEU expanded on Art. 2(2)(b) of the Directive by explaining that persons ‘performing public administrative functions’ are

52 […] entities, be they legal persons governed by public law or by private law, which are entrusted, under the legal regime which is applicable to them, with the performance of services of public interest, inter alia in the environmental field, and which are, for this purpose, vested with special powers beyond those which result from the normal rules applicable in relations between persons governed by private law.

Only the parts underlined were in dispute in the case of the water companies, which clearly meet the rest of the test.

The UT declined to draw any conclusion from the fact that the CJEU had not seen fit to apply the principles to the facts of this case (paras. 99-100). It also rejected a suggestion that it should ask itself whether the companies’ powers were in the nature of State powers (as the Advocate General had suggested). That was because the definition of ‘State powers’ was unclear and ever-changing, and also because the CJEU had not adopted that test. In the end, however, the UT did adopt the State powers test ‘as a check’ – leaving the status of the test somewhat unclear (paras.113-117).

The main analysis focussed on the following powers of water companies:

Compulsory Purchase (under s.155 of the Water Industry Act 1991, “WIA”): this looks like a quintessential government power unavailable to ordinary citizens, but in fact the water companies enjoy the power at one remove: before exercising it they require authorisation by the Secretary of State, which they can apply for via a process set out in Schedule 11 to the WIA. Nonetheless, the provisions conferred a real, practical advantage on the water companies. Firstly, the application process afforded them privileged access to those advising the Secretary of State on whether to authorise a compulsory purchase. Secondly, it conferred significant commercial leverage on the companies in any negotiation to purchase land, even if they rarely resorted to it in practice (para 107).

Power to make byelaws (s.157 WIA): such byelaws  require confirmation from the Secretary of State, but as with compulsory purchase, the power still confers an advantage on the companies. The section confers power beyond that of any private landowner, since byelaws under s.157 can be backed by criminal sanctions, unlike a landowner’s licence. ‘Special powers’ extends to ‘special powers of enforcement’ (para. 110).

Power to lay pipes (s.159 WIA): this power was the subject of a detailed comparison with the powers ordinarily available under private law. The companies argued that the same powers could be acquired through a license or easement. While accepting that this was potentially so, the UT emphasised that private law typically requires consent of the parties to achieve such a result (through the law of contract or property). By contrast, the WIA gives the water companies effective power to compel this result (para.121).

Power to enter land (s.168 WIA): although there are powers within private law allowing entry to another’s land (eg self-help to abate a nuisance at common law), they are narrowly circumscribed (eg they require possession of neighbouring land). The water companies’ powers are both wider and deeper: they apply against any landowner in the company’s area of license, and they extend to surveying and even boring on the land (para.125).

Hosepipe bans (ss.76-76C WIA): these powers are unlike anything available at private law, and moreover are backed by criminal sanctions.

Since it was content that the companies enjoyed a cluster of special powers, the UT formally left open the question of whether one would have been enough (see para. 105). However its comment in conclusion that the powers mentioned were ‘sufficient, collectively in themselves and as examples of powers of the same type’ to meet the test (para. 130) suggests that some pattern of powers will probably be necessary before a body is considered a public authority.

 

Persons under the control of public authorities

The CJEU’s elaboration of Article 2(2)(c) set out the test for ‘control’ in the following terms:

68 […] this third, residual, category of public authorities covers any entity which does not determine in a genuinely autonomous manner the way in which it performs the functions in the environmental field which are vested in it, since a public authority covered by Article 2(2)(a) or (b) of the directive is in a position to exert decisive influence on the entity’s action in that field.

The test applies to the manner in which functions are performed, not the functions themselves: a body is not under control of the Government merely because its powers derive from statute (para. 133). There are two elements to the test: the body must (i) operate in fact in a non-autonomous manner, and (ii) do so because a public authority is in a position to control it (para. 134). In other words, although the public authority need not actually be exercising its powers of control, the existence of the powers must have a real constraining effect on the body in question (para.135). Furthermore, the test required the UT to look at the companies’ overall manner of performing their environmental services: it would not be enough to find control in ‘one or two marginal aspects of their business’ (para. 136).

As for prior authorities, Smartsource was simply no longer relevant: the task of the UT was to consider the issue afresh in the light of the CJEU’s ruling (para.137).

The UT was at pains to point out that ‘no legitimate business has complete freedom of action’: all operate in a framework of legal and commercial constraints. Something more is needed before one can say that they have lost their autonomy (paras 142-144).

The two counsel for the requesting parties sought to supply that ‘something more’ by advancing ‘macro’ and ‘micro’ examples of actual state intervention in the water industry: recommendations by the Secretary of State made on reviewing a Draft Water Resources Management Plan, and an enforcement notice issued by OFWAT in respect of the risk of sewer flooding in the Penketh area. These were dismissed as no more than ‘increased intensity of oversight at particular times and in respect of particular activities’ (para.148).

A list of potential interventions was also provided – an analysis of the Secretary of State’s powers under the WIA. Although these clearly put the Secretary of State ‘in a position to exert decisive influence’ over the water companies’ actions, they too were rejected as not demonstrating control. The UT’s first two reasons are a little puzzling. The first was that the powers are (to some extent) a substitute for the forces of competition, since water companies enjoy local monopolies (para. 151). This rather begs the question: the grant of a monopoly confers great power on a private entity, which needs to be limited in the public interest. Just because state control is a substitute for market forces, this does not stop it from being a form of control. The second reason was that ‘the risk of enforcement is at most only a marginal consideration for a reputable company’ (para.152). Really? Why then did OFWAT need to issue that enforcement notice for the Penketh sewers?

However, the UT went on to find that whatever the potential for intervention, the more basic aspect of the control test was not satisfied. Merely listing all the possible interventions distorted the picture of how the companies operate in fact, and only addressed the second element of the test. The UT’s overall conclusion on the control test was that ‘despite the extent to which there is scope to influence the companies’ decision-making on the way it delivers its services, the evidence does not show that that influence is actually exerted to such an extent that overall the companies lack genuine autonomy (para.153).

You might not have predicted this result if you had read the CJEU’s heavy hint on the question of control – see [71] of its judgment

The weight that the UT afforded to the companies’ status as ordinary private companies is one of the surprises of the judgment. And it will be one of the few points of comfort for other privatised utilities. Not many can be as heavily regulated as the water industry; perhaps they too can avoid at least this limb of the definition.

 

POSTSCRIPT: if you’ve come here from Robin’s post, you may be wondering what Lewis Carroll has to do with all this. Loyal reader (which you must be if you’ve got this far), your guess is as good as mine. Why is the section on the State powers test (paras. 113-117) headed ‘Hunting of the Snark’? Answers on an e-postcard please.

 

 Peter Lockley

 

 

 

Leviathan

February 23rd, 2015 by Robin Hopkins

Hot off the press: the Upper Tribunal has given its judgment in Fish Legal.

Applying the principles from the CJEU’s judgment of December 2013, it has held that the respondent water companies are public authorities for the purposes of the Environmental Information Regulations 2004, by virtue of their “special powers”.

The issues and facts are complex, and the judgment is lengthy. It also makes reference to Lewis Carroll, who now somehow appears in two consecutive Panopticon posts.

The judgment is contained in these two documents: FISH LEGAL UT DECISON PART 1 and FISH LEGAL UT DECISON PART 2.

Analysis  of the judgment will follow on Panopticon shortly (thus the barrister dreamed, while the bellowing seemed to grow every moment more clear).

Robin Hopkins

Keynote speaker announced for 11KBW Information Law Conference 2015

February 9th, 2015 by Panopticon Blog

We are delighted to be joined by Maurice Frankel, Director of the Campaign for Freedom of Information, who will giving the keynote address at this year’s conference on “FOIA: is this what we expected – and is it good enough for the future?”

The 11KBW Information Law Conference is being held on 19th March 2015. As well as providing an over-view of the key developments in the field of information law, the conference will cover a range of topical issues including: whether the law governing State surveillance is fit for purpose, the relationship between data protection and the media and whether, at 10 years old, FOIA should be seen a boon to or a burden on society.

Date: 19th March 2015
Venue: Royal College of Surgeons, 35 – 43 Lincoln Inn Fields, London WC2A 3PE
Cost: £99 + VAT (20%) = £118.80 to attend half day plus lunch £150 + VAT (20%) = £180.00 to attend full day. We are offering a EARLY BIRD DISCOUNT – 10% off if you book before 27th February 2015 on both half and full day places.

For more information on the conference agenda and details on how to book please click here

Local Offers

February 6th, 2015 by jamesgoudie

Section 30 in Part 3 of the Children and Families Act 2014 defines and prescribes the content of a “Local Offer”.  A local authority in England must publish information about the education and training, social care and health provision, for children and young people who have special educational needs or a disability, that it expects to be available in its area (or in some circumstances outside), whether or not it will be making that provision itself.  Schedule 2 to the Special Educational Needs and Disability Regulations 2014, SI 2014/1530, specify what information must be included in the Local Offer.  Mostyn J has considered these provisions in R (L & P) v Warwickshire County Council (2015) EWHC 203 (Admin).  He observed, at para 48, that Schedule 2 provides for a “very extensive range of information” to be published in the Local Offer, and referred to the “vast number” of people and bodies each local authority must consult before publishing its Local Offer and to the “huge range of information that must be referenced”.

Having referred to the statutory guidance, Mostyn J stated:

“51.       Although the prescriptions are extremely extensive it is important to understand that the requirement is no more than to publish information about what services are expected to be available.  Section 30 of the 2014 Act incorporates a publication obligation, no more, no less.”

At para 54, he said:

“…it must be very clearly understood what the purpose of the consultation is. It is about what appears in the Local Offer, which is a compendium of information. I remind myself of the words of section 30. The local authority has a duty to publish information about certain provision it expects to be available.”

At para 57, Mostyn J reiterated that the statutory consultation is about what the Local Offer should say about services to be provided, not about what services should be provided.  He dismissed the challenge to the fairness of the consultation.  He emphasized (para 59) that the Local Offer by its nature will always be subject to continuous updating; and, at para 77, approved the following submissions on behalf of the County Council:

(i) The development and publication of the Local Offer is, as the legislative framework envisages and the implementation guidance makes clear, intended to be an iterative process, subject to consultation and to be done in accordance with the new spirit of “co-production”. To update the website with further information on the Local Offer and to continue to do so as the Offer is refined and further developed is entirely lawful.

(ii) It is obviously not arguably unlawful for information to be published on the Council’s website by way of a link through to a partner’s website, for example with respect to the information on healthcare provision and SEN provision in schools.

James Goudie QC

New Court of Appeal Judgment on handling of DNA materials by the police

February 6th, 2015 by Rupert Paines

The question of what uses can properly be made of DNA data held by the police is an acutely sensitive one. In X and Commissioner of the Police of the Metropolis and anor v Z (Children) and anor[2015] EWCA Civ 34, the Court of Appeal has held that, where such data is obtained by police in exercise of their search and seizure powers under Part II of PACE 1984, it may be retained and used only for the purposes of criminal law enforcement function. Thus, such data cannot be used, for example, in order to resolve issues of paternity in care proceedings before the family court.

The background to the appeal was that X had murdered his partner Y. In the context of care proceedings involving Y’s children, an issue had arisen as to whether X was in fact the biological father of the children. X, despite asserting that he was the children’s biological father, had refused to undergo DNA testing. In response to this refusal, the children’s guardian applied to the court for disclosure of certain DNA profiles held by the Metropolitan Police Service, particularly on the basis that those profiles could then be used to resolve the paternity issue. X objected to the disclosure. Importantly, the DNA profiles in issue had been derived from blood swabs taken by the police from the scene of the murder by the MPS under Part II PACE. It was common ground that the court could not order disclosure of those DNA profiles held by the police in exercise of their powers under Part V PACE (samples taken directly from persons). This was because there is a statutory prohibition contained in Part V of PACE which expressly prohibited the use of such materials other than for the purposes of criminal law enforcement. Munby P, who decided the case at first instance, concluded that the court had a discretion to order disclosure of the Part II DNA profiles and that the disclosure was justified, particularly in view of the Article 8 rights of the children. The MPS appealed, alongside the putative father. The Secretary of State appeared as intervenor.

The Court of Appeal allowed the appeal. It did so on the basis that the President’s approach could not be reconciled with the statutory scheme embodied in PACE, particularly when that scheme was read in a purposive manner and having regard to the Article 8 rights of those individuals whose DNA profiles were held by the police. In reaching this conclusion, the Court relied heavily on the judgment of the European Court of Human Rights in Marper, which itself highlighted the need for substantial controls around the handling of DNA data by the police.

Anya Proops and Sean Aughey acted for the MPS.

Rupert Paines

Information Law Conference 2015

January 23rd, 2015 by Panopticon Blog

Join us at 11KBW’s Annual Information Law Conference on 19th March 2015.  As well as providing an over-view of the key developments in the field of information law, the conference will cover a range of topical issues including: whether the law governing State surveillance is fit for purpose, the relationship between data protection and the media and whether, at 10 years old, FOIA should be seen a boon to or a burden on society. Keynote speaker to be confirmed.

Click here to download the Information Conference Programme.

Venue and Booking information

Venue The Royal College of Surgeons of England, 35 – 43 Lincoln Inn Fields, London WC2A 3PE

Cost £99 + VAT (20%) = £118.80 to attend half day plus lunch; £150 + VAT (20%) = £180.00 to attend full day

EARLY BIRD DISCOUNT – 10% off if you book before 27th February 2015 on both half and full day places.

To Book To book your place on this conference please email RSVP@11kbw.com stating if you would to attend full or half day, the delegate name, firm, email address and any purchase order details you may require. You will be then sent a confirmation email of your place and invoiced. We do not have the facilities to accept payments by credit or debit cards.

CPD accredited with SRA and BSB: 4.5 hours

Data protection: three developments to watch

January 15th, 2015 by Robin Hopkins

Panopticon likes data protection, and it likes to keep its eye on things. Here are three key developments in the evolution of data protection law which, in Panopticon’s eyes, are particularly worth watching.

The right to be forgotten: battle lines drawn

First, the major data protection development of 2014 was the CJEU’s ‘right to be forgotten’ judgment in the Google Spain case. Late last year, we received detailed guidance from the EU’s authoritative Article 29 Working Party on how that judgment should be implemented: see here.

In the view of many commentators, the Google Spain judgment was imbalanced. It gave privacy rights (in their data protection guise) undue dominance over other rights, such as rights to freedom of expression. It was clear, however, that not all requests to be ‘forgotten’ would be complied with (as envisaged by the IC, Chris Graham, in an interview last summer) and that complaints would ensue.

Step up Max Moseley. The BBC reported yesterday that he has commenced High Court litigation against Google. He wants certain infamous photographs from his past to be made entirely unavailable through Google. Google says it will remove specified URLs, but won’t act so as to ensure that those photographs are entirely unobtainable through Google. According to the BBC article, this is principally because Mr Moseley no longer has a reasonable expectation of privacy with respect to those photographs.

The case has the potential to be a very interesting test of the boundaries of privacy rights under the DPA in a post-Google Spain world.

Damages under the DPA

Second, staying with Google, the Court of Appeal will continue its consideration of the appeal in Vidal-Hall and Others v Google Inc [2014] EWHC 13 (QB) in February. The case is about objections against personal data gathered through Apple’s Safari browser. Among the important issues raised by this case is whether, in order to be awarded compensation for a DPA breach, one has to establish financial loss (as has commonly been assumed). If the answer is no, this could potentially lead to a surge in DPA litigation.

The General Data Protection Regulation: where are we?

I did a blog post last January with this title. A year on, the answer still seems to be that we are some way off agreement on what the new data protection law will be.

The latest text of the draft Regulation is available here – with thanks to Chris Pounder at Amberhawk. As Chris notes in this blog post, the remaining disagreements about the final text are legion.

Also, Jan Philipp Albrecht, the vice-chairman of the Parliament’s civil liberties committee, has reportedly suggested that the process of reaching agreement may even drag on into 2016.

Perhaps I will do another blog post in January 2016 asking the same ‘where are we?’ question.

Robin Hopkins @hopkinsrobin

How to apply the DPA

January 15th, 2015 by Robin Hopkins

Section 40 of FOIA is where the Freedom of Information Act (mantra: disclose, please) intersects with the Data Protection Act 1998 (mantra: be careful how you process/disclose, please).

When it comes to requests for the disclosure of personal data under FOIA, the DPA condition most commonly relied upon to justify showing the world the personal data of a living individual is condition 6(1) from Schedule 2:

The processing is necessary for the purposes of legitimate interests pursued by the data controller or by the third party or parties to whom the data are disclosed, except where the processing is unwarranted in any particular case by reason of prejudice to the rights and freedoms or legitimate interests of the data subject.

That condition has multiple elements. What do they mean, and how do they mesh together? In Goldsmith International Business School v IC and Home Office (GIA/1643/2014), the Upper Tribunal (Judge Wikeley) has given its view. See here Goldsmiths. This comes in the form of its endorsement of the following 8 propositions (submitted by the ICO, represented by 11KBW’s Chris Knight).

Proposition 1: Condition 6(1) of Schedule 2 to the DPA requires three questions to be asked:

(i) Is the data controller or the third party or parties to whom the data are disclosed pursuing a legitimate interest or interests?

(ii) Is the processing involved necessary for the purposes of those interests?

(iii) Is the processing unwarranted in this case by reason of prejudice to the rights and freedoms or legitimate interests of the data subject?

Proposition 2: The test of “necessity” under stage (ii) must be met before the balancing test under stage (iii) is applied.

Proposition 3: “Necessity” carries its ordinary English meaning, being more than desirable but less than indispensable or absolute necessity.

Proposition 4: Accordingly the test is one of “reasonable necessity”, reflecting the European jurisprudence on proportionality, although this may not add much to the ordinary English meaning of the term.

Proposition 5: The test of reasonable necessity itself involves the consideration of alternative measures, and so “a measure would not be necessary if the legitimate aim could be achieved by something less”; accordingly, the measure must be the “least restrictive” means of achieving the legitimate aim in question.

Proposition 6: Where no Article 8 privacy rights are in issue, the question posed under Proposition 1 can be resolved at the necessity stage, i.e. at stage (ii) of the three-part test.

Proposition 7: Where Article 8 privacy rights are in issue, the question posed under Proposition 1 can only be resolved after considering the excessive interference question posted by stage (iii).

The UT also added this proposition 8, confirming that the oft-cited cases on condition 6(1) were consistent with each other (proposition 8: The Supreme Court in South Lanarkshire did not purport to suggest a test which is any different to that adopted by the Information Tribunal in Corporate Officer).

Those who are called upon to apply condition 6(1) will no doubt take helpful practical guidance from that checklist of propositions.

Robin Hopkins @hopkinsrobin