Decision 035/2005 | Scottish Information Commissioner

Home Decisions

Decision 035/2005

Decision 035/2005 – Mr T and Glasgow City Council

Request for details of allegations made by teaching staff against the applicant- section 38(1)(a) of Freedom of Information (Scotland) Act 2002 - personal data of which the applicant is the data subject

Applicant: Mr T
Authority: Glasgow City Council
Case No: 200501511
Decision Date: 13 October 2005

Kevin Dunion
Scottish Information Commissioner

Facts

Mr T requested details of allegations of bullying and harassment made against him by teaching staff of a primary school. Glasgow City Council (the Council) refused to disclose the information on the basis that it was exempt under sections 38(1)(b) and 39(1) of the Freedom of Information (Scotland) Act 2002 (FOISA). Mr T asked the Council to review its decision, but received no response. Mr T then asked the Scottish Information Commissioner to investigate the matter on his behalf.

Outcome

The Commissioner found that the Council was entitled to withhold the information requested by Mr T on the basis that it was exempt under section 38(1)(a) of FOISA. As a result, the Council had not breached Part 1 of FOISA in refusing to release the information to Mr T. However, the Commissioner also found that the Council had failed to comply with Part 1 of FOISA in the manner in which it responded to Mr T’s request.

Appeal

Should either the Council or Mr T wish to appeal against this decision, there is an appeal to the Court of Session on a point of law only. Any such appeal must be made within 42 days of receipt of this notice.

Background

1. Mr T requested details of allegations of bullying and harassment made against him by teaching staff of a primary school and the names of the staff who had made allegations about him from the Council on 2 February 2005.

2. The Council responded to his requests on 2 March 2005, withholding the information from Mr T on the basis that it was exempt under sections 38(1)(b) and 39(1) of FOISA.

3. On 11 March 2005, Mr T asked the Council to review its decision to withhold the information, and advised at the same time that he wished to withdraw the request for the names of the staff who had made the allegations.

4. On 16 April 2005, Mr T applied to the Scottish Information Commissioner for a decision as he was dissatisfied with the response he had received to his request for information.

5. The case was allocated to an investigating officer.

The Investigation

6. Mr T’s appeal was validated by establishing that he had made a request to a Scottish public authority and had sought a decision from the Commissioner only after asking the authority to review its decision to withhold information.

7. A letter was sent from my Office on 13 May 2005 to the Council to inform it that Mr T’s application had been received and that an investigation into the matter would now begin.

8. The Council was asked to provide:

      a) comments on its failure to provide Mr T with a notice advising him of the outcome of its review as required by section 21(5) of FOISA
      b) an explanation of the reasoning behind its application of sections 38(1)(b) and 39(1) of FOISA to the information requested
      c) copies of the information requested by Mr T.

9. The Council responded to this request on 14 July 2005, commenting on the application, and providing the information requested.

10. As requested, the Council gave detailed comments on its application of the exemptions contained in sections 38(1)(b) and 39(1) of FOISA to the information requested. The Council also stated that, in addition, it considered that the exemptions contained in sections 30, 36(2) and 38(1)(a) of FOISA may apply to the information requested.

The Commissioner’s Analysis and Findings

The Request for Review

11. In his application to me dated 16 April 2005, Mr T set out his dissatisfaction with the lack of response by the Council to his request that it review its decision to withhold the information.

12. Section 21 of FOISA requires an authority to carry out a review in response to an applicant’s request to do so. Following the review, the authority must issue a written notice to the applicant. In its submission to me of 14 July 2005, the Council accepted that it had not provided the applicant with a notice as required by section 21(5) of FOISA. It also became clear that the Council had not carried out a review as required by section 21(1) of FOISA.

13. In its submission, the Council outlined the revisions it had made to its administrative processes relating to internal reviews and work allocation in order to prevent non compliance with section 21 of FOISA in future.

Personal information and FOISA

14. Section 38(1)(a) of FOISA states that information is exempt information if it constitutes personal data of which the applicant is the data subject. This is an absolute exemption under FOISA in that it is not subject to the public interest test. In the following paragraphs, I will consider whether the information requested by Mr T falls into this category.

15. “Personal data” is defined in section 1(1) of the Data Protection Act 1998 (“the DPA”). Section 1(1) of the DPA defines personal data as:

“data which relate to a living individual who can be identified:

    a) from those data, or
    b) from those data and from other information which is in the possession of or is likely to
        come into the possession of the data controller...”

16. The definition is subject to the interpretation contained in Durant v Financial Services Authority [2003] EWCA Civ 1746. In this decision, the (English) Court of Appeal held that if information is to be viewed as personal data, the information has to be biographical in a significant sense, i.e. go beyond the recording of the individual’s involvement in a matter or event that has no personal connotations. The individual also has to be the focus of the information, rather than some other person with whom that individual may have been involved. The Court of Appeal summarised these two aspects as information affecting a person’s privacy whether in his personal or family life, business or professional capacity.

17. The information in question here relates to allegations which have been made against him by third parties. I find that in this case Mr T is the focus of the information requested and is therefore the data subject to which the data relates. As a result, the information requested by Mr T requested is exempt from disclosure by virtue of section 38(1)(a) of FOISA.

18. In its submission, the Council stated that although it had considered applying the exemption contained within section 38(1)(a) to the information requested by Mr T, it did not do so, as his personal data was inextricably linked to third party personal data and anonymisation of the third party data was impossible, regardless of whether the request was dealt with under FOISA or the DPA. The Council argued that it did not inform the applicant of his right to access the information requested under section 7 of the DPA as he was unlikely to receive any further information as a result.

19. I have considered this issue, and find that where a request has been made for information which is in the greater part personal data of which the applicant is the data subject, and which contains third party information which cannot be cleanly separated from the
applicant’s personal information, the request should be treated as a subject access request under section 7 of the DPA.

20. In conclusion, I consider that the Council was correct to withhold the information requested by Mr T under FOISA on the basis of the exemption contained in section 38(1)(a) of FOISA.

21. I acknowledge that the Council set out detailed submissions on the application of a number of other exemptions in FOISA. However, as I have found that the information requested is exempt from disclosure, I shall not review the application of further exemptions to the information.

Technical breaches of FOISA

22. Section 15(1) of FOISA relates to an authority’s obligation to advise and assist applicants in accessing information which they have requested. Where an authority finds the applicant has rights under alternative legislation to access information which would otherwise be withheld under FOISA, authorities should inform applicants of those rights, regardless of whether the authority believes the information could be made available to the applicant as a result of using those rights. Therefore, in not informing Mr T of his right to apply for the information requested under section 7 of the DPA, the Council did not comply with the duty to advise and assist Mr T set out in section 15(1) of FOISA.

23. As referred to in paragraphs 11-13 above, I note that the Council failed to carry out a review in terms of section 21(1) or issue a review notice to Mr T as it is required to do under section 21(5) of FOISA.

Decision

I find that the Council did not breach Part 1 of FOISA in refusing to release information to Mr T as the information is exempt under section 38(1)(a) of FOISA.

However, I also find that the Council did not deal with Mr T’s request for information in accordance with Part 1 of FOISA, particularly with respect to sections 15(1) and 21(5) of FOISA. I now require the Council to contact Mr T to advise him of his right to make a subject access
request for his personal data under section 7 of the DPA. I require the Council to do this within two months of receipt of this decision notice.

I am satisfied that Glasgow City Council has put in place adequate measures to conform to section 21 of FOISA in the future and do not require the Council to take any remedial steps to comply with FOISA.

Kevin Dunion
Scottish Information Commissioner
13 October 2005

PDF Icon Link to PDF file of decision 035/2005 (47.7 kb)