Decision 103/2006 Mr M and South Lanarkshire Council
Names of individuals reporting and investigating an alleged breach of the terms of an anti-social behaviour order – section 38(1)(b) – personal data relating to a third party – section 34(3) – information relating to the obtaining of information from confidential sources – section 35(1)(h) –substantial prejudice to civil proceedings arising from an investigation
Names of individuals reporting and witnessing the alleged breach of the terms of an anti-social behaviour order
Applicant: Mr M
Authority: South Lanarkshire Council
Case No: 200502382
Decision Date: 29 June 2006
Kevin Dunion
Scottish Information Commissioner
Facts
Mr M requested from South Lanarkshire Council (the Council) the names of persons reporting an alleged breach of the terms of an anti-social behaviour order (ASBO) and a Council employee present at the scene of the alleged breach. The Council refused to supply this information. The refusal notice confirmed that the name of the Council employee was considered exempt under section 38(1)(b) of the Freedom of Information (Scotland) Act 2002 (FOISA). The identity of the person who complained was withheld under the terms of sections 34(3) and 35(1)(h) of FOISA. The Council also confirmed that it had judged that the public interest in maintaining the exemptions outweighed that in disclosure. Mr M subsequently asked the Council to review this decision. The decision to withhold the information was upheld by the Council following its review. Mr M then applied for a decision by the Commissioner in relation to this matter.
Outcome
The Commissioner found that the Council had acted in accordance with Part 1 of FOISA in withholding the identity of the person who had informed the Council about the alleged breach of the ASBO. The Commissioner found this information to be exempt from release under the terms of section 38(1)(b) of FOISA. The Commissioner did not find that the exemptions in sections 35(1)(h) or 34(3) applied to this information.
The Commissioner found that the Council had acted in breach of the requirements of Part 1 of FOISA in withholding the name of the Council employee who was present at the scene of the alleged breach. He found that this information was not exempt from release, and so required that the Council now release this information to Mr M.
Appeal
Should either Mr M or the Council wish to appeal against this decision, there is an appeal to the Court of Session on a point of law only. Any such appeal must be made within 42 days of receipt of this notice.
Background
1. On 28 June 2005, an ASBO placing certain restrictions on Mr M’s activities in the vicinity of his home was granted for a period of one year under the terms of the Anti-Social Behaviour Etc. (Scotland) Act 2004. On 15 July 2005, I understand that allegations were made to the effect that Mr M had breached the terms of this ASBO, and Council employees attended the scene in order to investigate this matter.
2. On 15 August 2005, Mr M wrote to the Council, under the heading “Complaint”. Mr M’s letter included requests for the following information relating to the events of 15 July:
a) The name of the driver of a vehicle who was present at the scene.
b) The identity of the person who had reported the alleged breach.
In this decision, I will refer to the two identities requested by Mr M as “the Council employee” and “the complainant” respectively.
3. The Council responded to these requests in a letter dated 12 September 2005, which stated that the identities of the Council employee and the complainant were exempt from release under FOISA.
4. The refusal notice stated that the name of the Council employee was considered exempt under section 38(1)(b) of FOISA, because it was not Council policy to disclose the identity of officers. The identity of the complainant was withheld under the terms of sections 34(3), 35(1)(h), and 36(2) of FOISA. The Council also explained it reasons for judging that the public interest in maintaining the exemptions outweighed that in disclosure in this instance.
5. Mr M wrote to the Council on 5 October 2005 to seek a review of this decision. In further correspondence dated 16 October 2005, he clarified further that he wanted the matter to be reviewed in full.
6. The Council notified Mr M of the outcome of its review in a notice dated 21 November 2005. This confirmed that the review panel had decided to uphold the initial decision to withhold the identities of both the Council official and the complainant. The Council’s notice provided a detailed explanation of the rationale for the application of exemptions to this information.
7. The reasons specified for withholding information following the review differed slightly from those given when the Council first responded to these requests. The exemptions in sections 34(3), 35(1)(h) and 38(1)(b) were relied upon in relation to the identity of the complainant following the review. Section 36(2) appeared no longer to be relied upon; while section 38(1)(b) had previously only been cited in relation to the identity of the Council employee.
8. Mr M’s application for a decision by me was received by my Office on 12 December 2005. This expressed dissatisfaction with the Council’s handling of his request for information, and the subsequent review.
9. Mr M also provided background information to my Office setting out his wider complaint in relation to the Council. For the avoidance of doubt, I want to note that these wider matters fall outside my remit, which in this context is solely to consider whether the Council respond to Mr M’s requests for information in terms of the statutory requirements of FOISA. This decision will be based solely on the matters, and will not address or comment upon Mr M’s wider dispute with the Council.
Investigation
10. Mr M’s application was allocated to an investigating officer and then validated by establishing that Mr M had made a valid information request to a Scottish public authority (i.e. the Council) under FOISA and had appealed to me only after asking the Council to review the response to the requests.
11. The investigating officer wrote to the Council on 6 January 2006 informing it that an appeal had been received and that an investigation into the matter had begun. The Council was invited to comment on the case in terms of section 49(3)(a) of FOISA.
12. The Council was also asked to supply a range of information to inform my consideration of this case, including:
a) background information relating to the events of 15 July 2005;
b) information about the role of the Council employee;
c) details of the Council’s normal practice when responding to requests for the names of officials in relation to their duties;
d) further details in relation to the application of the various exemptions relied upon in relation to the information under consideration; and
e) further information on the Council’s consideration of the public interest in relation to this case.
13. The Council’s response to this request was received on 30 January 2006. A request for further information was submitted to the Council on 29 March 2006, and a response received on 28 April 2006.
The Commissioner’s analysis and findings
14. In coming to a decision on this matter it is more useful to consider first whether the Council should have disclosed the identity of a person who reported to the Council that Mr M was breaching the terms of his ASBO.
15. Following the receipt of this report, the Council has advised me that two Community Wardens were sent to the scene to establish whether a breach had taken place and to act as professional witnesses. The Council employee whose identity was also requested by Mr M is one of these Community Wardens, and the second matter to consider is whether the Council should have disclosed that employee’s identity.
16. Although the information under consideration in this case is simply two names, the context in which they have been requested means that quite different considerations must be addressed in reaching my decision in relation to these.
17. In withholding this information, the Council has relied upon three exemptions in FOISA. Below, I will consider the application of these in turn. I will first consider sections 34(3) and 35(1)(h), which have only been applied to the identity of the complainant, before considering section 38(1)(b), which has been relied upon in relation to both names.
Section 34(3)
18. This exemption has four strands, each of which must be satisfied in order for it to apply in any particular case:
a) The information must have been obtained or recorded for the purposes of an investigation;
b) The investigation must have been carried out by virtue of Her Majesty’s prerogative or under statutory powers;
c) The investigation must have been carried for one or more of the purposes listed in section 35(2) of FOISA; and
d) The information must relate to the obtaining of information from confidential sources.
19. Under the Anti-Social Behaviour Etc (Scotland) Act 2004, any breach of the terms of an ASBO is a criminal offence. As such, the power to investigate such matters rests with the Police. Although the Council has the power to seek an ASBO against a specified person, and to share information with the Police where necessary and expedient for the purposes of the Act, I do not believe that the Council “investigation” that is relevant to this case is of a type that satisfies the terms of section 34(3) of FOISA. Indeed, the Council’s submissions to my Office confirmed that its actions on 15 July 2005 were undertaken in terms of providing support and advice rather than any specific investigation.
20. I note further that the purpose of section 34(3) of FOISA is not, as I understand it, to protect information gathered from confidential sources, or necessarily the confidentiality of the source itself. It concerns information relating to the obtaining of information from those sources. In other words, information about the process of gathering the information, for example (to quote my own briefing on the exemption) “about how such information is gathered, how informants are recruited and how information obtained from confidential sources is transmitted”. Even if the identity of the complainant had been recorded for the purposes of a relevant investigation, I do not believe it is information of a type that would be protected by this exemption.
21. I do not find that the exemption in section 34(3) has been appropriately applied in this instance.
Section 35(1)(h)
22. This exemption applies where release of information would or would be likely to prejudice substantially any civil proceedings brought and arising out of any investigations conducted for one of the purposes set out in section 35(2), by a public authority or Scottish public authority under either Her Majesty’s prerogative or statutory powers. The purposes cited by the Council as relevant in this case are:
a) To ascertain whether a person has failed to comply with the law
b) To ascertain whether a person is responsible for conduct which is improper; and
c) To ascertain whether circumstances which would justify regulatory action in pursuance of any enactment exist or may arise.
23. I do not dispute that the Council’s actions on 15 July 2005 were taken with these purposes in mind following the receipt of a complaint in relation to Mr M’s activities. The Council has expressed concern that members of the public would be less likely to provide similar information in future should the names of complainants be made publicly available. This may well be the case, but I do not consider section 35(1)(h) to be an appropriate exemption in the particular circumstances of this case. This exemption applies only where release would be substantially prejudicial to civil proceedings arising out of an investigation; it is not intended to apply where release would have a detrimental impact on an investigation but not on any current, pending or contemplated civil proceedings.
24. The Council’s submissions have confirmed that the civil action that resulted in an ASBO being granted against Mr M was already complete at the time when the complainant contacted the Council, and Mr M subsequently requested confirmation of the complainant’s identity. At this point, therefore, no further civil action was pending or anticipated; any further action (should Mr M have been found to be in breach of the ASBO) would be in relation to a criminal offence.
25. I cannot accept that release would be likely to be substantially prejudicial to any civil proceedings in these circumstances. Therefore, I find that the Council has wrongly applied the exemption in section 35(1)(h) in this case.
The public interest
26. The exemptions in sections 34(3) and 35(1)(h) are both qualified exemptions. Where they are judged to apply, it is necessary to consider whether the public interest in maintaining these outweighs the public interest in disclosure of exempt information. Having concluded that neither of these exemptions applies in this instance, it is not necessary for me to consider the public interest in this case.
Section 38(1)(b)
27. Under section 38(1)(b) of FOISA (read in conjunction with section 38(2)(a)(i)), information is exempt information if it constitutes personal data and the release of the information would breach any of the data protection principles contained in the Data Protection Act 1998 (DPA).
28. In this case, the Council has argued that the release of the identity of the complainant and the Council employee would breach the first data protection principle, which states that personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless at least one of the conditions in Schedule 2 is met and, in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.
29. I am therefore required to consider two separate matters: firstly, whether the information which the Council refused to supply to Mr M is personal data and, if so, whether the release of the information to Mr M would breach the first data protection principle.
30. It must be borne in mind that this particular exemption is an absolute exemption. This means that it is not subject to the public interest test contained in section 2(1) of FOISA.
31. “Personal data” is defined in section 1(1) of the DPA as “data which relate to a living individual who can be identified from those data, or from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller, and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.”
32. The definition of what amounts to “personal data” for the purposes of the DPA was considered in the case of Durant v Financial Services Authority [2003] EWCA Civ 1746. In that case, the (English) Court of Appeal decided that whether or not data constituted “personal data” for the purposes of the legislation depended on the relevance or proximity of the data to the data subject. The court considered that the information required to be biographical in a significant sense and that the information should have the subject as its focus.
33. In my view, the identity of the complainant in this case clearly falls under the definition of personal data.
34. In this case, confirming the identity of the Council employee would also confirm that this person was present in the vicinity of Mr M’s home on 15 July 2005 for the purposes of investigating whether he had acted in breach of the terms of his ASBO. In the circumstances, I accept that the name of the Council employee should be considered personal data.
35. Having concluded that the identities of both the complainant and the Council employee are personal data, I must now go on to consider whether the release of the information would breach any of the data protection principles. In this case, the Council has argued that release of the information would breach the first data protection principle.
Would release of the indentities of the Council employee and/or the complainant breach the first data protection principle?
36. The first data protection principle states that personal data must be processed fairly and lawfully and, in particular, shall not be processed unless at least one of the conditions in Schedule 2 of the DPA is met and, in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met. (I have considered the definition of “sensitive personal data” in section 2 of the DPA and do not consider that any of the information sought by Mr M falls into this category.)
37. According to guidance from the Information Commissioner (“Freedom of Information Awareness Guidance 1”, which can be viewed at http://www.ico.gov.uk/documentUploads/AG%201%20personal%20info.pdf), the assessment of fairness includes looking at whether the third party would expect that his/her information might be disclosed to others and/or whether the third party would expect that his/her information would be kept private.
38. Mr M has stated that he requires the information he has requested in order to exercise and defend his legal rights.
39. However, I find that in this case, the complainant would have contacted the Council only in the expectation that their identity would not be passed on. In the context of this case, I am satisfied that it would be unfair for the identity of this person to be disclosed, and so doing so would breach the first data protection principle.
40. Given that I have found that the release of the identity of the complainant to Mr M would be unfair, I find that this information is exempt in terms of section 38(1)(b) of FOISA.
41. The Council employee’s presence in the vicinity of Mr M’s home was prompted by his duties as a Community Warden. This is a uniformed role, and Wardens carry identification on display at all times, and which is shown on request
42. In Mr M’s account of the events of 15 July 2005, he claims that the Council employee refused to confirm his name and covered his identification badge. The Council does not accept that the identification badge was concealed by its employee.
43. Whether or not Mr M’s account of events is correct, it is clear that the Council employee did not disclose his identity to Mr M on 15 July 2005.
44. The Council has argued that disclosure of the employee’s name would, in the circumstances, be detrimental to their safety and well-being. In support of this assertion, it has noted that there have been a handful of assaults on community wardens in recent years. However the Council have not provided me with any reason to believe that this particular warden would be at risk if his name was now released.
45. In general, having considered the role of a Community Warden, I do not see how a person holding that post could or should expect that their name would not be available to members of the public should this be requested after any events in which they played a role.
46. In reaching this decision, I note that the Warden was carrying identification at the time of the incident. I understand that the identification card which Wardens carry shows both their name and photograph. If this was not concealed by him (as the Council has stated), then, to all intents and purposes his identity was available to Mr M at that time. Further, by acting as a witness in this matter, it is likely that this person would have been identified and given evidence in court had criminal proceedings been pursued following from the alleged breach.
47. It seems to me to be central to the role of Community Wardens that their identity is available to members of the community with whom they come into contact; and this includes those who are the subject of investigation with regard to an alleged breach of an ASBO.
48. I have concluded that such release would be in pursuit of the legitimate interests of Mr M (and, by extension, the public), as a member of the community served by the Council and its Community Wardens. I do not consider there to be any overriding interest of the data subject (i.e. the Council employee) such as would prevent release. For the purposes of Schedule 2 of the DPA, I find that the condition in section 6 would be met in this case should the Council release the employee’s name to Mr M.
49. Therefore, I find that in relation to the identity of the Council employee, there would not be any breach of the first data protection principle, and I see no reason for the Council to withhold this person’s name now under the terms of section 38(1)(b) of FOISA.
Decision
I find that South Lanarkshire Council (the Council) acted in accordance with the requirements of Part 1 of the Freedom of Information (Scotland) Act 2002 (FOISA) by refusing to provide the name of the complainant sought by Mr M in his request of 15 August 2005.
I found that the Council had correctly applied the exemption in section 38(1)(b) of FOISA to this information. However, I did not find that the exemptions in section 34(3) or 35(1)(h) applied to this information.
I find that the Council acted in breach of section 1(1) of FOISA by refusing to provide the name of the Council employee sought by Mr M in his request of 15 August 2005.
In the circumstances, I have found that disclosure of this individual’s identity would not breach any of the data protection principles. Therefore, I find that the exemption in section 38(1)(b) of FOISA was inappropriately applied to this information.
I now require the Council to provide the name of this employee to Mr M within 6 weeks of the receipt of this decision.
Kevin Dunion
Scottish Information Commissioner
29 June 2006
Link to PDF file of decision 103/2006 (64.1 kb)