Decision 069/2013 | Scottish Information Commissioner

Home Decisions

Decision 069/2013

Decision 069/2013 Mr William Cordiner and the Scottish Fire and Rescue Service

Information generated as a result of specified communications

Reference No: 201202457
Decision Date: 19 April 2013

Summary

On 21 May 2012, Mr Cordiner asked Tayside Fire and Rescue Service for information that had been generated as a result of communications which he had submitted to Tayside Fire and Rescue Board or to Perth and Kinross Council.

Mr Cordiner was told that the information was not held.

Following an investigation, the Commissioner found that Mr Cordiner's request for information had not been dealt with in accordance with Part 1 of FOISA, in that there had been a failure (1) to identify and locate the requested information and (2) to inform Mr Cordiner that the information was exempt from disclosure under section 38(1)(a) of FOISA. However, the Commissioner was satisfied that the information was exempt from disclosure under section 38(1)(a), on the basis that it was Mr Cordiner's personal data.

Relevant statutory provisions

Freedom of Information (Scotland) Act 2002 (FOISA) sections 1(1) and (6) (General entitlement); 2(1)(a) and (2)(e)(i) (Effect of exemptions); 38(1)(a) and (5) (definitions of "data subject" and "personal data") (Personal information)

Data Protection Act 1998 (the DPA) section 1(1) (Basic interpretative provisions) (definition of "personal data")

The full text of each of the statutory provisions cited above is reproduced in the Appendix to this decision. The Appendix forms part of this decision.

Background

1. The Scottish Fire and Rescue Service (the Service) is the statutory successor to Tayside Fire and Rescue Board (the Board). Until 1 April 2013, the Board was, in its own right, a Scottish public authority for the purposes of FOISA.

2. This decision is concerned with the actions of the Board, which was the joint board serving as the fire authority for the local authority areas of Perth and Kinross, Dundee and Angus.

3. Before 1 April 2013, the day to day running of the fire service in Tayside was carried out by Tayside Fire and Rescue (TFR) on the Board's behalf. This included corresponding with Mr Cordiner on the Board's behalf in relation to his information request. All references in this decision to correspondence with the Service is in fact a reference to correspondence which took place with the Board and TFR on the Board's behalf.

4. On 21 May 2012, Mr Cordiner emailed the Service requesting all information that had been generated as a result of certain specified communications which he had submitted previously to the Board or to Perth and Kinross Council.

5. The Service responded on 14 June 2012. It informed Mr Cordiner that a meeting had taken place regarding one of his communications, but that no minutes or notes had been taken. Therefore, the Service informed Mr Cordiner that it did not hold any recorded information falling within the scope of his request. However, this response concerned only information held by TFR and not the Board.

6. On 22 June 2012, Mr Cordiner emailed the Service requesting a review of its decision. Mr Cordiner indicated that he would have expected detailed minutes to have been taken of any meetings or discussions. Consequently, he expected to be provided with them as a result of his request for information.

7. Following an application to the Commissioner in relation to its failure to respond, the Service notified Mr Cordiner of the outcome of its review on 8 October 2012. The response sought to distinguish TFR from the Board and again informed Mr Cordiner that TFR did not hold any recorded information relating to the request.

8. On 27 November 2012, Mr Cordiner wrote to the Commissioner, stating that he was dissatisfied with the outcome of the Service's review and applying to the Commissioner for a decision in terms of section 47(1) of FOISA.

9. The application was validated by establishing that Mr Cordiner had made a request for information to a Scottish public authority and had applied to the Commissioner for a decision only after asking the authority to review its response to that request. The case was then allocated to an investigating officer.

Investigation

10. The investigating officer subsequently contacted the Service, giving it an opportunity to provide comments on the application (as required by section 49(3)(a) of FOISA) and asking it to respond to specific questions. The Service was asked to justify its reliance on any provisions of FOISA it considered applicable to the information requested.

11. The Service subsequently responded, providing its explanation of the matters raised in Mr Cordiner's application. The Service stated that it did hold information covered by Mr Cordiner's request, but it considered the information to be exempt from disclosure in terms of section 38(1)(a) of FOISA.

Commissioner's analysis and findings

12. In coming to a decision on this matter, the Commissioner has considered all of the submissions made to her by both Mr Cordiner and the Service. She is satisfied that no matter of relevance has been overlooked.

Section 38(1)(a) - Personal information of the data subject

13. Section 38(1)(a) of FOISA contains an absolute exemption in relation to personal data of which the applicant is the data subject. The fact that it is absolute means that it is not subject to the public interest test set out in section 2(1)(b) of FOISA.

14. This exemption exists under FOISA because individuals have a separate right to request their own personal data (commonly known as a "subject access request") under section 7 of the DPA. This ensures that such information is disclosed to the data subject (rather than to the world at large, which is the effect of disclosure under FOISA) under a regime designed for such purposes.

15. "Personal data" are defined in section 1(1) of the DPA as data which relate to a living individual who can be identified a) from those data, or b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller (the full definition is set out in the Appendix).

16. In this case, the Service submitted that all of the information sought by Mr Cordiner comprised his own personal data and was therefore exempt from disclosure under section 38(1)(a) of FOISA.

17. During the investigation, the investigating officer viewed the withheld information at the Service's headquarters. The Commissioner is satisfied that the information comprises Mr Cordiner's own personal data in its entirety. The information concerns matters in which Mr Cordiner was involved. The individual to whom the data relates is Mr Cordiner and he can be identified clearly from that data.

18. In the circumstances, the Commissioner is satisfied that the Service is correct to withhold the information under section 38(1)(a) of FOISA. As noted above, the exemption in section 38(1)(a) is an absolute one and the Commissioner is therefore not required (or entitled) to go on to consider whether the public interest lies in the information being disclosed or withheld.

19. However, the Commissioner finds that, in responding to Mr Cordiner's information request and requirement for review, the Service failed to comply with Part 1 of FOISA by not relying on section 38(1)(a) of FOISA in respect of the requested information.

Has all relevant information been identified and retrieved?

20. As noted above, in its initial response to Mr Cordiner and its response to his requirement for review, TFR advised him that it did not hold any relevant recorded information. It was not clear whether this response included any relevant information held by the Board.

21. In its submissions to the Commissioner, the Service acknowledged an administrative deficiency between the Board and TFR in the handling of this request. The Service stated that steps had been taken to rectify these problems.

22. The Service explained that all of the information sought by Mr Cordiner was contained within a file that had been the subject of a previous information request by Mr Cordiner. The Commissioner is satisfied that all of the information sought in the request that is the subject of this decision was contained within the file to which the Service referred. As noted above, the investigating officer has viewed the withheld information.

23. The Commissioner is satisfied that the Service has now identified all relevant information falling within the scope of Mr Cordiner's request. In failing to identify and locate this information at the time of Mr Cordiner's request, the Commissioner finds that the Service failed to deal with the request in terms of section 1(1) of FOISA.

DECISION

The Commissioner finds that the Scottish Fire and Rescue Service (the Service) failed to comply with Part 1 of the Freedom of Information (Scotland) Act 2002 (FOISA) in responding to the information request made by Mr Cordiner. By failing initially to identify and locate the information sought by Mr Cordiner, the Service failed to comply with section 1(1). The Commissioner also finds that the Service failed to comply with Part 1 by not relying on section 38(1)(a) of FOISA in responding to the request.

The Commissioner does not require any action to be taken in respect of these failures in response to Mr Cordiner's application.

Appeal

Should either Mr Cordiner or the Scottish Fire and Rescue Service wish to appeal against this decision, there is an appeal to the Court of Session on a point of law only. Any such appeal must be made within 42 days after the date of intimation of this decision.

Margaret Keyse
Head of Enforcement
19 April 2013

Appendix

Relevant statutory provisions

Freedom of Information (Scotland) Act 2002

1 General entitlement

(1) A person who requests information from a Scottish public authority which holds it is entitled to be given it by the authority.

(6) This section is subject to sections 2, 9, 12 and 14.

2 Effect of exemptions

(1) To information which is exempt information by virtue of any provision of Part 2, section 1 applies only to the extent that -

(a) the provision does not confer absolute exemption; and

(2) For the purposes of paragraph (a) of subsection 1, the following provisions of Part 2 (and no others) are to be regarded as conferring absolute exemption -

(e) in subsection (1) of section 38 -

(i) paragraphs (a), (c) and (d); and

38 Personal information

(1) Information is exempt information if it constitutes-

(a) personal data of which the applicant is the data subject;

(5) In this section-

"data subject" and "personal data" have the meanings respectively assigned to those terms by section 1(1) of that Act;

Data Protection Act 1998

1 Basic interpretative provisions

(1) In this Act, unless the context otherwise requires -

"personal data" means data which relate to a living individual who can be identified -

(a) from those data, or

(b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller,

and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual;