The Data Commissioner’s Workplace (ICO) has taken motion in opposition to two authorities departments for “persistent” failures to reply to Freedom of Data (FOI) Act requests.
The Division for Worldwide Commerce (DIT) was issued with an enforcement motion discover whereas the Division for Enterprise, Power and Industrial Technique (BEIS) was handed a follow suggestion after they failed to reply to FOI requests in time.
From January to March 2022, the DIT issued late responses to over 50% of requests, a breach of sections 1 and 10 of the legislation and the worst response figures of any central authorities division, in keeping with official statistics.
Response occasions declined final yr regardless of there being no enhance within the variety of FOI requests or famous useful resource issues on the DIT. Inner course of failings had been guilty, the ICO stated.
Beneath the phrases of the enforcement discover, the division should now reply to any excellent requests older than 20 working days, inside 35 calendar days of the enforcement discover. Additionally it is required to create and publish an motion plan formalizing measures to mitigate any future delays.
If it doesn’t comply, the DIT might be present in contempt of court docket.
BEIS additionally didn’t reply to many FOI requests inside the statutory time restrict, though it has skilled a 55% surge in requests since 2020.
Whereas its failings had been additionally down largely to poor inside processes, the division’s response was extra proactive than DIT’s. It engaged “positively” with the ICO and shared data on the steps it was taking to enhance efficiency.
Because of this, the regulator solely handed it a follow suggestion.
Though the advice will not be enforceable itself, failure to enhance efficiency within the coming months might result in an enforcement discover being issued.
That is the primary time in seven years the ICO has been compelled to subject an FOI enforcement discover and marks the beginning of a extra proactive regulatory regime, lately appointed data commissioner John Edwards stated.
“Accountability and transparency within the work of public authorities is key to democracy and it’s the ICO’s function to make sure that individuals’s proper to entry data is protected,” he added.
“I counsel public authorities to take be aware and be taught classes from the motion now we have taken at this time, as we shall be making better use of our powers underneath the act to drive good follow and compliance.”
The UK’s privateness and knowledge safety regulator is best identified for imposing the GDPR/Knowledge Safety Act 2018 and nuisance advertising laws.