The act allows members of the public access to information held by public authorities. It does this in two ways:
The act covers any recorded information that is held by a public authority in England, Wales and Northern Ireland, and by UK-wide public authorities based in Scotland. We work with public authorities, government departments, police forces and other law enforcement bodies, local government, NHS, schools and colleges plus other organisations which hold information subject to the act.
There are two main ways in which the Freedom of Information Act (FOIA) leads to litigation, both of which stem from treating FOIA requests as “routine” applications which can lead to a tick box culture.
The inappropriate release of information in response to a request – this can be catastrophic and lead to criminal prosecution, misconduct action and data protection damages claims by those whose details have been wrongly disclosed.
Failure to respond to a request either in time, fully or at all.
Our experience and expertise
Our team are well placed to cover all aspects of litigation arising from FOIA breaches. We have unparalleled knowledge and experience in representing public authorities in all of the strands of litigation which may arise from a breach and can provide a comprehensive service for HRA and linked negligence claims, misconduct, resulting criminal prosecutions and employment issues.
Reputational damage is a key consideration where a public authority requires the trust and confidence of the public to operate effectively. We have decades of experience in dealing with cases where this is a key consideration. Additionally we have a unique combination of years of experience in highly sensitive work with the handling and protection of data at its heart.
Our barristers can help change the culture of treating FOIA requests as a “routine” exercise by providing policy advice, advisory and training roles to ensure that the systems and procedures minimise risk of data breaches and mitigate damage when it occurs.
Examples of recent Freedom of Information Act breaches
The most recent, and extremely high profile, example of a FOIA breach is the recent Police Service of Northern Ireland data breach. A FOIA request was made for broad statistical information e.g. overall numbers and percentage deployments in specific roles of officers and employees of PSNI. The information released was far too specific and included the personal details of over 4000 officers and staff. This is a significant breach and has far-reaching consequences. The security situation in Northern Ireland is such that many of those on the list will now be at physical risk of assault or death – they have Article 2 HRA claims and the costs of their protection measures will be huge. All have article 8 privacy claims which will result in damages – and there are 4,000 of them. The Chief has resigned and it is likely that those responsible for the breach will face criminal and/or disciplinary proceedings. There is justifiable concern about the adequacy of a system which allowed this disastrous breach to occur. This is a classic example of how a simple FOIA request, badly handled can have far reaching consequences. The scope for further litigation in this case is huge. Reports on 5th Sept 2023 indicated that the data breach could cost £240 million in security and legal costs. https://www.itv.com/news/utv/2023-09-05/police-data-breach-could-cost-240-million-in-security-and-legal-costs
In 2023 Norfolk and Suffolk Police forces jointly reported that the personal data of 1,230 data subjects, including victims and witnesses, was erroneously provided in response to FOIA requests between April 2021 and March 2022. A “technical issue” meant the raw data, which could be used to identify individuals and included descriptions of offenses, was included in files provided in response to requests for crime statistics between those dates. The information related to domestic abuse, sexual offenses, assaults, thefts and hate crime.
Cumbria Police experienced a huge breach of the data of all its officers and staff, when, in response to a FOIA request, it accidentally published the names and salaries of every one of its more than 2,000 employees. https://www.theguardian.com/uk-news/2023/aug/11/cumbria-police-admits-huge-breach-of-data-of-officers-and-staff. This type of breach could lead to litigation of substantial value.
For more information please contact our clerks.
Call +44 (0) 20 7410 2000 or click here to email
Call 1992 | Silk 2011
Call 1986 | Silk 2011
Call 1988 | Silk 2012
Call 2003 | Silk 2023