Home Decisions

Decisionn 218/2010

Decision 218/2010 Mr Michael Traill and South Lanarkshire Council

Gifts and hospitality

Reference No: 201001057
Decision Date: 20 December 2010

Summary

Mr Traill asked South Lanarkshire Council (the Council) for information about gifts and hospitality offered to, declined, and accepted by the Council.

The Council withheld the information under section 36(2) and section 38(1)(b) of the Freedom of Information (Scotland) Act 2002 (FOISA).The Council confirmed this decision after review and Mr Traill subsequently applied to the Scottish Information Commissioner for a decision.

The Commissioner found that the Council had correctly withheld some of the information under section 38(1)(b) of FOISA (being satisfied that it was personal data and that its disclosure would breach the first data protection principle) while other information had been wrongly withheld under both that exemption and the exemption in section 36(2) of FOISA.In relation to section 36(2), he was not satisfied that the information had been obtained from another person or that its disclosure would constitute an actionable breach of confidence.He ordered disclosure of the information which had been wrongly withheld under sections 36(2) and 38(1)(b).

Relevant statutory provisions and other sources

Freedom of Information (Scotland) Act 2002 (FOISA) sections 1(1) and (6) (General entitlement); 2(1)(a), (2)(c) and (2)(e)(ii) (Effect of exemptions); 36(2) (Confidentiality) and 38(1)(b), (2)(a)(i), (2)(b) and (5) (definitions of "the data protection principles", "data subject" and "personal data") (Personal information)

Data Protection Act 1998 (the DPA) section 1(1) (Basic interpretative provisions) (definition of "personal data"); Schedule 1 (The data protection principles) (the first data protection principle); Schedule 2 (Conditions relevant for purposes of the first principle: processing of any personal data) (condition 6)

The full text of each of the statutory provisions cited above is reproduced in Appendix 1 to this decision. The Appendix forms part of this decision.

Background

1.On 27 March 2010, Mr Traill asked the Council to provide "information relating to gifts and hospitality offered to, declined, and accepted by your organisation" for the period 2009, January 2010 and February 2010.He went on to specify that the information should include the following details:

who offered the gift/hospitality

its approximate value

why it was declined or accepted

who received it

the date of any events or trips relating to gifts/hospitality

what happened to the gift/hospitality (e.g. retained by employee, donated to charity).

2.On 23 April 2010, the Council wrote to Mr Traill advising that his request had been refused, as the information was considered exempt from disclosure under section 36(2) and section 38(1)(b) of FOISA.The Council explained how it had reached its decision.

3.Mr Traill then (also on 23 April 2010) asked the Council to carry out a review of the handling and outcome of his information request.He stated that other public authorities had provided similar information.

4.On 24 May 2010, the Council provided its response to Mr Traill's request for review.It confirmed that its decision to withhold the information under the exemptions previously cited had been upheld after review.

5.Mr Traill remained dissatisfied with the Council's response, and applied for a decision from the Commissioner on 24 May 2010.He stated that the majority of authorities to whom he had submitted a similar information request had concluded that it was lawful to provide the information, and queried the Council's decision to withhold it.

6.The application was validated by establishing that Mr Traill had made a request for information to a Scottish public authority and had applied for a decision from the Commissioner, in terms of section 47(1) of FOISA, only after asking the authority to review its response to that request.

Investigation

7.On 15 June 2010, the Council was notified in writing that an application had been received from Mr Traill and was asked to provide the Commissioner with any information withheld from him.The Council responded with the information requested and the case was then allocated to an investigating officer.

8.The investigating officer subsequently contacted the Council, providing it with an opportunity to comment on the application (as required by section 49(3)(a) of FOISA) and asking it to respond to specific questions, with particular reference to the exemptions it had cited earlier.

9.The Council was asked to comment on guidance from the Information Commissioner, who is responsible for data protection matters across the UK, on the disclosure of personal data relating to employees[1].In particular, reference was made to guidance indicating that Government departments should expect to disclose information under their publication schemes from the Register of gifts and hospitality provided to Ministers and senior personnel.[2]

10.In relation to section 36(2), the Council was asked for further comment on the claimed confidentiality of the withheld information, and in particular to reconsider whether information of this type should be considered confidential by virtue of the employer/employee relationship.

11.Finally, the Council was asked whether it would consider disclosure of the information in redacted form, e.g. with names, job titles and signatures removed.

12.The Council responded on 15 July 2010.Insofar as relevant, its response is considered in detail in the next part of this decision notice.In summary, in relation to the guidance from the Information Commissioner referred to above, the Council advised that it considered it to be of limited effect in the particular circumstances of this case, and provided further arguments in support of its position that disclosure would contravene the first data protection principle. The Council also explained why, in its view, disclosure of the information would comprise an actionable breach of confidence, and advised that it did not believe it would be possible to redact the information in any way which would enable it to be disclosed while complying with Council's obligations under the DPA.

13.The Council provided the Commissioner with a copy of its Code of Conduct for Employees (the Code), which includes guidance about its Register of gifts, hospitality and services (the Register).

14.The Council provided a further submission relating to condition 6 of Schedule 2 of the DPA, and whether it could be met in this case.As indicated above, the Council's arguments and conclusions are described and discussed in detail in the next part of this Decision Notice.

Commissioner's analysis and findings

15.In coming to a decision on this matter, the Commissioner has considered all of the information withheld and the submissions which have been presented to him and is satisfied that no matter of relevance has been overlooked.

Section 38(1)(b) of FOISA

16.Section 38(1)(b) of FOISA, read in conjunction with section 38(2)(a)(i) or (as appropriate) section 38(2)(b), exempts information if it is personal data and if its disclosure to a member of the public otherwise than under FOISA would contravene any of the data protection principles laid down in Schedule 1 to the DPA.

17.This particular exemption is an absolute exemption, so is not subject to the public interest test laid down by section 2(1)(b) of FOISA.

Is the information personal data?

18.Personal data is defined in section 1(1) of the DPA as data which relate to a living individual who can be identified from those data, or from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller (see the Appendix for the full definition).

19.The Commissioner accepts that in terms of section 1(1) of the DPA, the information withheld contains personal data of the employee receiving the offer of a gift, hospitality or a service, and in some cases also contains the personal data of the individual making that offer.The individuals in question are identifiable from the information and, given its nature, the Commissioner is satisfied that it relates to them.

Would disclosure of the information breach the first data protection principle?

20.The Council argued that disclosure of the information would breach the first data protection principle.The first data protection principle requires that personal data shall be processed fairly and lawfully and, in particular, shall not be processed (in this case, disclosed) unless at least one of the conditions in Schedule 2 to the DPA is met and, in the case of sensitive personal data (as defined by section 2 of the DPA), at least one of the conditions in Schedule 3 to the DPA is also met.The Commissioner is satisfied that the withheld information does not fall into any of the categories of sensitive personal data listed in section 2 of the DPA.

21.The Commissioner has considered the conditions in Schedule 2, and takes the view that only conditions 1 or 6 could potentially be applicable in this instance.

22.Condition 1 of Schedule 2 is met if the data subject has given his consent to the processing (in this case, the disclosure of the information).Condition 1 is not applicable in this case, as consent to disclosure was neither sought nor given by the data subjects (the data subjects being the persons to whom the withheld information relates).The Council took the view that consent would be unlikely to be given, and the Commissioner accepts in this case that the Council was under no obligation to seek it.

23.Condition 6 allows personal data to be processed if the processing is necessary for the purposes of legitimate interests pursued by the data controller or the third party or parties to whom the data are disclosed, except where the processing is unwarranted in any particular case by reason of prejudice to the rights and freedoms or legitimate interests of the data subject.It is clear from the wording of this condition that each case will turn on its own facts and circumstances.

24.The Commissioner considers that there are, therefore, a number of different tests which must be satisfied before condition 6 can be met. These are:

a.Does Mr Traill have a legitimate interest in obtaining these personal data?

b.If yes, is the disclosure necessary to achieve these legitimate aims? In other words, is the disclosure proportionate as a means and fairly balanced as to ends, or could these legitimate aims be achieved by means which interfere less with the privacy of the data subjects?

c.Even if the processing is necessary for the legitimate purposes of Mr Traill, would the disclosure nevertheless cause unwarranted prejudice to the rights and freedoms or legitimate interests of the data subjects? This will involve a balancing exercise between the legitimate interests of Mr Traill and those of the data subjects. Only if (or to the extent that) the legitimate interests of the Mr Traill outweigh those of the data subjects can the personal data be disclosed.

25.The Council takes a different approach to condition 6 of Schedule 2, and argues that it is necessary for a legitimate public interest to outweigh the right to privacy of the individuals concerned before there can be disclosure.After following this approach, the Council could not identify an appropriate public interest in obtaining the information sought by Mr Traill, noting in particular the absence of controversy or dispute about the receipt of gifts or hospitality by its employees.

26.Mr Traill was asked about his legitimate interests in requiring the information.He took the view that there was a general public interest in making information available about the "pay and perks" received by public sector employees, and that it was reasonable to expect such information to be available.

27.The Commissioner accepts that both Mr Traill and the public in general have a legitimate interest in the disclosure of information which would increase transparency in relation to the gifts, hospitality and services offered to Council employees.The Council itself has identified a public interest in ensuring that its employees undertake their duties without a perception of corruption, or actual corruption, as a result of inappropriately receiving and accepting gifts etc.The Commissioner takes the view that disclosure of the information in the Register would demonstrate the Council employees' probity and, through increased openness and transparency on this matter, would demonstrate the Council's willingness to be publicly accountable in relation to the gifts, hospitality and services offered to its employees and the duties and decisions which those employees undertake and make on behalf of the Council.

28.In this particular case, while noting the Council's comments on the absence of specific controversy relating to the receipt of gifts or hospitality offered to Council employees, the Commissioner does not believe that the absence of such controversy will necessarily remove any legitimate interest in disclosure of the requested information.In any event, general public perception of inappropriate conduct in this area is hardly uncommon.In the circumstances, he is satisfied that there is a legitimate interest in the disclosure of information which would serve the ends he has identified.

Is disclosure of the information necessary in order to meet those legitimate interests?

29.The Commissioner must now consider whether disclosure of the personal data is necessary in order to satisfy the legitimate interests identified above.In doing so, he must consider whether these interests might reasonably be met by any alternative means.

30.In this case, the Commissioner takes the view that the legitimate interests identified require disclosure of such information as would show the nature of the gift, hospitality or service offered, and would throw light upon the relationship between the donor and the person receiving the offer or gift.

31.In relation to private individuals and named individuals representing corporate donors, the Commissioner has not found any reason in this case why disclosure of the personal data of these individuals is required in order to satisfy the legitimate interests identified in this case.It would suffice to know that the donation came from a private individual or from a corporate donor (company names are not, of course, personal data). Consequently, he finds that condition 6 of Schedule 2 to the DPA cannot be met in relation to this information, in the circumstances of the current case, and that it was correctly withheld under section 38(1)(b) of FOISA.

32.However, the Commissioner also finds that disclosure of the personal data of the individual Council employees who received the gift or hospitality, or the offer of such, is necessary in terms of the legitimate interests identified in paragraphs 27 and 28 above, in order to demonstrate full accountability: he can identify no less intrusive alternative which would fulfil these interests.The Commissioner will therefore go on to consider whether condition 6 of Schedule 2 of the DPA can be met in relation to the withheld personal data of Council employees.

Would disclosure cause unwarranted prejudice to the legitimate interests of the data subjects?

33.The Commissioner has considered carefully the information withheld from Mr Traill.The completed forms in the Register cover a variety of matters.Some relate directly to the professional working life of the officer concerned, such as an invitation to attend a work-related event.Others are less closely related to the officer's working life, such as the record of a personal gift from a private individual.In some cases the officer concerned was of some seniority within the Council; in other cases this was not so.

34.The Council takes the view that the seniority of the employees is irrelevant, given the confidentiality of the withheld information.

35.The Council has submitted that the information withheld does not relate to activities or events associated with the employees' professional duties and the business activities of the Council, but to their actions as private individuals.

36.The Commissioner does not accept this argument.He finds that the information was recorded in the Register by employees of the Council acting as employees and not as private individuals, under obligations laid down in the Code, which governs the actions of Council employees.The form which requires to be completed for each Register entry is entitled "Register of Gifts, Hospitality and Services Officer Entry" (Commissioner's italics) and the first box to complete is "Name of Officer".Completion of the form is required under the Council's policy on the declaration of gifts, hospitality and services, as described in section 12 of the Code.It is evident that completion of the form is an activity required of Council employees, whether or not the matter recorded on the form relates to their private life.

37.The Commissioner takes the view that the Register is a record of gifts and hospitality which were (in most if not all cases) offered or given to an individual as a consequence of that individual's employment by the Council and which, in all cases, were recorded in the Register because the Council has recognised that such donations can give rise to allegations of improper behaviour in relation to professional duties and business activities, and has required (in its policy on the declaration of gifts, hospitality and services) that all such offers over a certain value or which are more than a token gesture should be recorded.

38.The Commissioner therefore takes the view that the personal data of Council employees recorded in the Register relates to their professional duties and standards and the business activities of the Council.

39.The Information Commissioner, who is responsible for enforcing and regulating the DPA throughout the UK, has published guidance on the disclosure of personal data of public authority employees (referred to previously in this decision notice).The guidance sets out key questions for the public authority to consider, the first of which is:

"Is the information requested about an employee's professional or personal life? The threshold for releasing professional information will generally be lower than that for releasing truly personal or sensitive information e.g. that found in an employee's occupational health record."

The same guidance states:

"In general, more senior staff and those carrying out public functions should expect more information about them to be disclosed."

This is reflected in the (Scottish) Commissioner's own guidance on the section 38(1)(b) exemption.[3]

40.The Commissioner therefore finds it necessary to consider separately the nature of the prejudice which disclosure would cause, firstly to Council employees who cannot be considered senior officers, and secondly to senior officers of the Council.

Non-senior Council employees

41.In relation to employees who are not senior officers of the Council (see paragraph 44 below), the Commissioner accepts that these individuals would have a reasonable expectation (supported by statements in the Council's Code) that such personal data would not be disclosed.The Commissioner takes the view that disclosure of the personal data relating to non-senior employees, against their reasonable expectations, would prejudice the data subjects' interests to a degree which (in the circumstances of this particular case) would outweigh the applicant's legitimate interest in disclosure of the withheld personal data.

42.The Commissioner therefore finds that condition 6 of Schedule 2 of the DPA cannot be met in relation to the personal data of non-senior employees.For the reasons he has identified above, he would also consider disclosure to be unfair and, in the absence of a condition permitting disclosure, unlawful.Consequently, he is satisfied that the information was correctly withheld under section 38(1)(b) of FOISA.

43.The Commissioner also considers that if the personal data (that is, names, job titles and signatures) relating to non-senior employees is redacted from the forms in the Register which they completed, the remaining information in those forms will be effectively anonymised and therefore no longer personal data.The Commissioner considers later in this decision notice whether the remaining information is exempt from disclosure under section 36(2) of FOISA, also cited by the Council.

Senior Council employees

44.As noted previously, in terms of meeting the legitimate interests identified, the Commissioner finds it would be necessary to disclose full details of any gifts, hospitality and services offered to or received by senior Council officers.By "senior Council officers", the Commissioner means the Council's Chief Executive and Executive Directors.He considers the legitimate interest he has identified in disclosure to be all the stronger in relation to these officers, given the considerable delegated authority they will exercise and also their role in advising Councillors on key decisions.

45.With this in mind, and also in view of the guidance referred to in paragraph 39 above, the Commissioner finds that disclosure of information relating to senior Council officials' professional lives would not cause unwarranted prejudice to their rights, freedoms or legitimate interests, and therefore that condition 6 of Schedule 2 to the DPA can be met in relation the disclosure of such information.

Would disclosure be fair and lawful?

46.Having reached the conclusion that condition 6 of Schedule 2 of the DPA can be satisfied in respect of certain of the personal data withheld (that relating to senior Council officers), the Commissioner has gone on to consider whether disclosure would be fair and lawful, as required by the first data protection principle.

47.The Council argued that disclosure would be unfair, because it had given certain express undertakings to employees regarding their private information.Council employees had been advised that they would be allowed to see their own entries at any time, but that no access to other entries would be permitted, giving rise (in the Council's view) to an expectation of privacy.Given these undertakings, it did not consider relevant the Information Commissioner's guidance in relation to similar registers maintained by central Government.

48.The Commissioner accepts that, in general, Council employees have an expectation of privacy in relation to information recorded in the Register.However, section 12 of the Council's Code states that information within the Register may be released to other parties in line with the principles of the DPA.The Commissioner considers that, given their seniority and need to be accountable for decisions they make, it is likely that senior Council officials' reasonable expectations of privacy in this regard will be limited and that disclosure would be fair, for the reasons already outlined in relation to condition 6.

49.The Council also argued that disclosure would be unlawful because the Council is subject to a duty of confidentiality in relation to information in the Register.The Commissioner does not accept the Council's arguments on this point.The Council has provided no evidence of an express obligation of confidentiality; and in relation to any implied obligation, the Commissioner considers that senior Council officers could not reasonably expect that the information recorded about them in the Register would be treated as confidential, given their senior status, decision-making powers and accountability, and given that the Council's Code explicitly provides for the possibility that information may be disclosed in line with the DPA.

50.The Council argued that it was bound, through undertakings provided to employees and at common law, not to disclose private information provided to it by employees.It argued that the courts had accepted that an employer could be bound by confidentiality in relation to information provided by an employee, both contractually and at common law.The Council referred to the case Dalgleish v Lothian and Borders Police Board 1992 SLT 721 and believed the correct approach was to ascertain whether a duty of confidentiality existed and then look to see whether there was a public interest defence, should the duty exist.

51.The Commissioner rejects the argument that the Council is bound by an over-arching duty of confidence in relation to all information arising out of the employment relationship.His understanding is that the employer is required to avoid acting in a way likely to cause serious damage to the relationship of mutual trust and confidence on which the employment relationship is based: that may preclude the disclosure of confidential information, but the usual tests of confidentiality would still require to be met.As noted previously, the Commissioner believes that the withheld information does not relate to the employees' private lives, but to their professional lives; given the seniority of the employees in question and the level of accountability expected of senior officers, it would be difficult to argue that the disclosure of information relating to their professional lives would seriously damage the relationship of mutual trust of confidence between employee and employer.

52.In all the circumstances, therefore, the Commissioner can identify no reason why disclosure would be unlawful.He therefore finds that disclosure of the withheld personal data of senior Council officers would not contravene the first data protection principle, and that this information was wrongly withheld under section 38(1)(b) of FOISA.

53.The Commissioner has gone on to consider whether the exemption in section 36(2) of FOISA was correctly applied to senior officers' personal data, and to the information remaining after redaction of the non-senior officers' personal data (as discussed in paragraph 43 above).

Section 36(2) of FOISA

54.The Council applied the exemption in section 36(2) of FOISA to all information withheld from Mr Traill.The Commissioner will consider it only in relation to the information not found to be exempt from disclosure under section 38(1)(b) of FOISA.

55.Section 36(2) of FOISA exempts information from disclosure if it was obtained by a Scottish public authority from another person (including another such authority) and its disclosure by the authority so obtaining it to the public (otherwise than under FOISA) would constitute a breach of confidence actionable by that person or by any other person. Section 36(2) is an absolute exemption and is not, therefore, subject to the public interest test in section 2(1)(b) of FOISA, but it is generally accepted in common law that an obligation of confidence cannot apply to information the disclosure of which is necessary in the public interest.

56.As noted previously, the Council argued that the courts had accepted that an employer could be bound by confidentiality in relation to information provided by an employee, both contractually and at common law.The Council referred to the case Dalgleish v Lothian and Borders Police Board 1992 SLT 721 and believed the correct approach was to ascertain whether a duty of confidentiality existed and then look to see whether there was a public interest defence, should the duty exist.

57.The Council argued that it was bound, through undertakings provided to employees and at common law, not to disclose private information provided to it by employees.It considered that the information withheld related to the private life of the employee concerned, and was information which was provided by the employee.It was not information created by the employee through their employment with the Council, but rather related to the employee's interactions with others as private individuals (in case that interaction should conflict with their duties as employees).

58.The Council submitted that it viewed the Register as an extension of the personnel file of the employee making the declaration, to be used as a reference document should any controversy arise.It indicated that the Register was rarely inspected by the Council, but that this would happen if allegations of inappropriate behaviour had been made or could be made against a particular employee, in relation to the acceptance of gifts or hospitality.

59.The Council advised that it had been mindful of the (UK) Information Commissioner's decision Hull City Council (FS50073305)[4].The Council stated that the Information Commissioner had found in favour of a local authority which had refused to provide personal data of its Head of Legal Services.While that case related to the Declaration of Interests by employees of a local authority, the Council believed that the matters raised in that decision applied to the information withheld from its own Register.

Does section 36(2) apply?

60.Section 36(2) contains a two stage test, both elements of which must be fulfilled before the exemption can be relied upon. Firstly, the information must have been obtained by a Scottish public authority from another person. "Person" is defined widely and includes another individual, another Scottish public authority or any other legal entity, such as a company or partnership. The second part of the test requires that the disclosure of the information by the public authority would constitute a breach of confidence actionable either by the person who provided the information to the public authority or by any other person.

Was the information obtained from another person?

61.As noted previously, the Council submitted that the information in the Register was provided by its employees in their capacity as private individuals, in case their interaction with others, as private individuals, should conflict or apparently conflict with their duties as employees of the Council.The Council stated that the withheld information was not information regarding any work undertaken by the employee for the Council.It contended that the gift or hospitality was not being offered as part of the person's employment and the employee was not in that context a representative of the Council, otherwise the gift etc. would be made to the Council and not the individual.The focus of the declaration, the Council argued, was on the gift/hospitality etc. by a third party and not on any tasks performed by that employee.

62.In relation to the question of whether the information was "obtained" from another person, the Commissioner takes a different view to that put forward by the Council.As indicated above (see paragraphs 36 to 38 inclusive), he finds that the information was recorded in the Register by employees of the Council acting as employees and not as private individuals, under obligations laid down in the Code, which governs the actions of Council employees.Although the Council has argued that the information withheld relates to gifts or hospitality offered to an individual in their private capacity, the Commissioner takes the view thatthe requirement to record that offer (as indicated above) relates to the individual's responsibilities as an officer of the Council.

63.For this reason the Commissioner does not accept that the information has been obtained by the Council from "another person", but rather finds that it was created by Council employees as part of their normal duties.Consequently, the first test required in order to show that section 36(2) of FOISA can apply to the information has not been met.

Would disclosure of the information constitute an actionable breach of confidence?

64.For the sake of completeness, however, and in the event that the Commissioner is wrong on this initial point, he has gone on to consider whether disclosure of the information by the Council would constitute a breach of confidence actionable either by the person who provided the information or by any other person, as would be required in order for the exemption in section 36(2) of FOISA to apply.

65.The Commissioner takes the view that "actionable" means that the basic requirements for a successful action must appear to be fulfilled.

66.There are three main requirements which must be met before a claim for breach of confidentiality can be established.These are:

the information must have the necessary quality of confidence;

the public authority must have received the information in circumstances which imposed an obligation on the authority to maintain confidentiality; and

there must be a disclosure which has not been authorised by the person who communicated the information but which would cause damage to that person.

67.In paragraphs 49 and 51 above, the Commissioner deals with the Council's arguments on confidentiality insofar as they relate to the Council's senior officers.He believes the same considerations apply in respect of the information on non-senior officers, redacted as described in paragraph 43 above.As noted previously, the Code states that information within the Register may be released to other parties in line with the principles of the DPA.This shows that the Council has entertained the possibility that information in the Register might be disclosed.Given that statement, together the absence of any explicit requirement that the information will be held in confidence, and having considered the content of the information under consideration here (i.e. the information the Commissioner does not consider to have been properly withheld under section 38(1)(b) of FOISA), the Commissioner cannot accept that the information could considered to have been received in circumstances which imposed an obligation on the authority to maintain confidentiality.

68.The Commissioner does not accept that, even if the information withheld in this case was provided by another person, that it is information which, if disclosed, would give grounds for a successful breach of confidence action.He therefore finds that the exemption in section 36(2) of FOISA was wrongly applied to the information in question.

69.The Commissioner has also considered the extent to which the Information Commissioner's decision in the case of Hull City Council (FS50073305) might have implications in relation to the current case, as argued by the Council.He has found the issues raised in the Hull City Council case to be significantly different from those raised by the case currently under consideration.The information in the current case relates to gifts, hospitality and services offered to Council employees (and not necessarily accepted by them) during the course of their employment, whereas Hull City Council was asked for information about pre-existing personal interests registered by a senior officer upon taking up a new appointment.

70.The Commissioner considers that the information recorded in the Register serves a different purpose to the information recorded as a potential conflict of interest in the Hull City Council case.The Council's Register is as much a record of the approaches made by third parties as it is a record of gifts and hospitality accepted by Council staff.The Commissioner also considers that there is a notable difference, in terms of degrees of intrusion into personal privacy, between disclosure of personal data about events and circumstances in an employee's private life which only later take on relevance in relation to the employee's professional duties; and personal data which, even if "private" in some notional sense, is directly related to, and has been created as a consequence of, events and circumstances in the employee's working life.

Conclusion

71.The Commissioner requires the Council to provide Mr Traill with the information withheld from the Register, after redacting the names and addresses of private individuals or individuals representing corporate bodies, the names and job titles of all Council employees apart from those of senior officers, and any signatures appearing on the forms.

DECISION

The Commissioner finds that South Lanarkshire Council (the Council) partially failed to comply with Part 1 (and in particular section 1(1)) of the Freedom of Information (Scotland) Act 2002 (FOISA) in responding to the information request made by Mr Traill.

The Commissioner finds that the Council was not justified in withholding certain information under the exemptions in section 38(1)(b), although the exemption was correctly applied to the other information withheld under that exemption. The Commissioner also finds that the Council wrongly applied the exemption in section 36(2) of FOISA to all of the information withheld.

The Commissioner requires the Council to provide Mr Traill with the information specified in paragraph 71 of this decision notice.This information must be provided no later than 45 calendar days after the date of intimation of this decision notice, that is by 8 February 2011.

Appeal

Should either Mr Traill or South Lanarkshire Council wish to appeal against this decision, there is an appeal to the Court of Session on a point of law only.Any such appeal must be made within 42 days after the date of intimation of this decision notice.

Kevin Dunion
Scottish Information Commissioner
20 December 2010

Appendix

Relevant statutory provisions

Freedom of Information (Scotland) Act 2002

1General entitlement

(1)A person who requests information from a Scottish public authority which holds it is entitled to be given it by the authority.

?

(6)This section is subject to sections 2, 9, 12 and 14.

2Effect of exemptions

(1)To information which is exempt information by virtue of any provision of Part 2, section 1 applies only to the extent that ?

(a)the provision does not confer absolute exemption; and

?

(2) For the purposes of paragraph (a) of subsection 1, the following provisions of Part 2 (and no others) are to be regarded as conferring absolute exemption ?

?

(c) section 36(2);

?

(e) in subsection (1) of section 38 ?

?

(ii) paragraph (b) where the first condition referred to in that paragraph is satisfied by virtue of subsection (2)(a)(i) or (b) of that section.

36 Confidentiality

?

(2)Information is exempt information if-

(a) it was obtained by a Scottish public authority from another person (including another such authority); and

(b) its disclosure by the authority so obtaining it to the public (otherwise than under this Act) would constitute a breach of confidence actionable by that person or any other person.

38Personal information

(1) Information is exempt information if it constitutes-

?

(b) personal data and either the condition mentioned in subsection (2) (the "first condition") or that mentioned in subsection (3) (the "second condition") is satisfied;

?

(2) The first condition is-

(a) in a case where the information falls within any of paragraphs (a) to (d) of the definition of "data" in section 1(1) of the Data Protection Act 1998 (c.29), that the disclosure of the information to a member of the public otherwise than under this Act would contravene-

(i) any of the data protection principles; or

?

(b) in any other case, that such disclosure would contravene any of the data protection principles if the exemptions in section 33A(1) of that Act (which relate to manual data held) were disregarded.

?

(5) In this section-

"the data protection principles" means the principles set out in Part I of Schedule 1 to that Act, as read subject to Part II of that Schedule and to section 27(1) of that Act;

"data subject" and "personal data" have the meanings respectively assigned to those terms by section 1(1) of that Act;

?

Data Protection Act 1998

1Basic interpretative provisions

In this Act, unless the context otherwise requires ?

?

"personal data" means data which relate to a living individual who can be identified ?

(a)from those data, or

(b)from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller,

and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual;

?

Schedule 1 ? The data protection principles

Part I ? The principles

1.Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless ?

(a)at least one of the conditions in Schedule 2 is met, and

(b)in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.

?

Schedule 2 ? Conditions relevant for purposes of the first principle: processing of any personal data

...

6(1)The processing is necessary for the purposes of legitimate interests pursued by the data controller or by the third party or parties to whom the data are disclosed, except where the processing is unwarranted in any particular case by reason of prejudice to the rights and freedoms or legitimate interests of the data subject.

?

[1] http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/freedom_of_information_-_access_to_information_about_public_authority_employees.pdf

[2] http://www.ico.gov.uk/upload/documents/library/freedom_of_information/detailed_specialist_guides/government_departments_v2.pdf

[3] http://www.itspublicknowledge.info/nmsruntime/saveasdialog.aspx?lID=3085&sID=133

[4] http://www.ico.gov.uk/upload/documents/decisionnotices/2006/fs50073305_dn.pdf