Background

Freedom of Information Act

The act allows members of the public access to information held by public authorities. It does this in two ways:

  • public authorities are required to publish certain information about their activities; and
  • members of the public are entitled to request information from public authorities.

The act covers any recorded information that is held by a public authority in England, Wales and Northern Ireland, and by UK-wide public authorities based in Scotland. We work with public authorities, government departments, police forces and other law enforcement bodies, local government, NHS, schools and colleges plus other organisations which hold information subject to the act.

There are two main ways in which the Freedom of Information Act (FOIA) leads to litigation, both of which stem from treating FOIA requests as “routine” applications which can lead to a tick box culture.

Read more

The inappropriate release of information in response to a request – this can be catastrophic and lead to criminal prosecution, misconduct action and data protection damages claims by those whose details have been wrongly disclosed.
Failure to respond to a request either in time, fully or at all.

Our experience and expertise

Our team are well placed to cover all aspects of litigation arising from FOIA breaches. We have unparalleled knowledge and experience in representing public authorities in all of the strands of litigation which may arise from a breach and can provide a comprehensive service for HRA and linked negligence claims, misconduct, resulting criminal prosecutions and employment issues.

Reputational damage is a key consideration where a public authority requires the trust and confidence of the public to operate effectively. We have decades of experience in dealing with cases where this is a key consideration. Additionally we have a unique combination of years of experience in highly sensitive work with the handling and protection of data at its heart.

Our barristers can help change the culture of treating FOIA requests as a “routine” exercise by providing policy advice, advisory and training roles to ensure that the systems and procedures minimise risk of data breaches and mitigate damage when it occurs.

Examples of recent Freedom of Information Act breaches

The most recent, and extremely high profile, example of a FOIA breach is the recent Police Service of Northern Ireland data breach. A FOIA request was made for broad statistical information e.g. overall numbers and percentage deployments in specific roles of officers and employees of PSNI. The information released was far too specific and included the personal details of over 4000 officers and staff. This is a significant breach and has far-reaching consequences. The security situation in Northern Ireland is such that many of those on the list will now be at physical risk of assault or death – they have Article 2 HRA claims and the costs of their protection measures will be huge. All have article 8 privacy claims which will result in damages – and there are 4,000 of them. The Chief has resigned and it is likely that those responsible for the breach will face criminal and/or disciplinary proceedings. There is justifiable concern about the adequacy of a system which allowed this disastrous breach to occur. This is a classic example of how a simple FOIA request, badly handled can have far reaching consequences. The scope for further litigation in this case is huge. Reports on 5th Sept 2023 indicated that the data breach could cost £240 million in security and legal costs. https://www.itv.com/news/utv/2023-09-05/police-data-breach-could-cost-240-million-in-security-and-legal-costs

In 2023 Norfolk and Suffolk Police forces jointly reported that the personal data of 1,230 data subjects, including victims and witnesses, was erroneously provided in response to FOIA requests between April 2021 and March 2022. A “technical issue” meant the raw data, which could be used to identify individuals and included descriptions of offenses, was included in files provided in response to requests for crime statistics between those dates. The information related to domestic abuse, sexual offenses, assaults, thefts and hate crime.

Cumbria Police experienced a huge breach of the data of all its officers and staff, when, in response to a FOIA request, it accidentally published the names and salaries of every one of its more than 2,000 employees. https://www.theguardian.com/uk-news/2023/aug/11/cumbria-police-admits-huge-breach-of-data-of-officers-and-staff. This type of breach could lead to litigation of substantial value.

Our clerking team would welcome the opportunity to talk to you about our barristers experience in this area and help you find the right people to deal with your need.

For more information please contact our clerks.

Call +44 (0) 20 7410 2000 or click here to email

Freedom of Information Act Barristers

King's Counsel

Jason Beer KC

Call 1992 | Silk 2011

Fiona Barton KC

Call 1986 | Silk 2011

Anne Studd KC

Call 1988 | Silk 2012

Francesca Whitelaw KC

Call 2003 | Silk 2023

Charlotte Ventham KC

Call 2001 | Silk 2024

Juniors (10+ years)

Andrew Waters

Call 1987

Russell Fortt

Call 1999

Beatrice Collier

Call 2004

Mark Thomas

Call 2006

Georgina Wolfe

Call 2006

Jonathan Dixey

Call 2007

Emma Price

Call 2007

Saara Idelbi

Call 2008

Robert Cohen

Call 2009

Robert Talalay

Call 2010

Alex Ustych

Call 2010

Catriona Hodge

Call 2012

Aaron Moss

Call 2013

Juniors (under 10 years)

John Goss

Call 2015

Peter Laverack

Call 2015

Aimee Riese

Call 2016

David Messling

Call 2017

Jennifer Wright

Call 2018

Conor Monighan

Call 2019

Paige Jones

Call 2021

Jack Palmer

Call 2022

Latest News & Events

View all

Edmund Garnett – instructed by Northumbria Police – has been successful in resisting an appeal…

Discover more

Spotlights

Portfolio Builder

Select the practice areas that you would like to download or add to the portfolio

Download    Add to portfolio   
Portfolio
Title Type CV Email

Remove All

Download


Click here to share this shortlist.
(It will expire after 30 days.)