2.5 Freedom of Information Act

This chapter deals with Freedom of Information Act requests.

Data Protection requests (i.e. requests for an individual's own personal data) must be dealt with within 40 days and should be passed to the officer responsible for administering these as soon as possible. There may be some restrictions on what can be accessed, particularly by parents, foster carers or other agents for a child. These will be dealt with by each agency in accordance with their own data protection procedures.


Operational Practice

1.1 The Freedom of Information Act 2000 (FOIA 2000), fully implemented on 01.01.05 amended but did not replace the Data Protection Act 1998 which continues to apply to requests by an individual for access to her/his personal records.
1.2 The Act reflects commitments to more openness made soon after the Labour government was elected in 1997 and every public authority is obliged to develop and publicise its publication scheme.

The FOIA 2000 confers on applicants to public authorities, a general statutory right to:

  • Be told whether or not the authority (e.g. social work, education and health services, police etc) holds recorded information, and if so;
  • Have that information communicated to them.

The FOIA 2000 specifies conditions which need to be fulfilled before an authority is obliged to comply with a request:

  • The applicant (an individual or an organisation) must describe what s/he wants;
  • If the organisation's policy requires it, pay, within 3 months of her/his request, a fee (no fee is chargeable for requests costing less than £450-00 of work).

The public authority must comply with its duty as follows:

  • Promptly and within 20 working days; or
  • Other period (not exceeding 60 working days) from receipt of request as per the Freedom of Information (Time for Compliance with Request) Regulations 2004;
  • It must respond by the method requested by the applicant as far as is reasonably practicable;
  • If it declines an application, it must provide reasons.

Many exemptions from the obligation to confirm the existence of and share information exist, relating to either:

  • A 'class' of information;
  • Application of a 'prejudice' test; or
  • Consequences of disclosure.

Exemptions may be:

  • 'Absolute', where the need to balance the public interest in disclosure against the public interest in maintaining the exemption does not arise; or
  • 'Relative', where the application must be balanced against the public interest in disclosure;
  • The following exemptions are likely to be of most relevance in the child protection context:
    • The information sought is available by other means anyway e.g. information leaflets or information which is intended to be published e.g. an annual report etc.;
    • Repeated or substantially similar requests from the same person (unless made at reasonable intervals);
    • Any information held at any time by a public authority for the purpose of a criminal investigation / criminal proceedings conducted by it;
    • Information relating to the obtaining of information from confidential sources (informers) if obtained or recorded for purposes of the authority's functions relating to criminal investigations or proceedings, those associated with law enforcement or civil proceedings arising from such investigations;
    • Information held by a public authority in documents filed with or placed in custody of court or served upon or by the public authority for purpose of court proceedings or which a court has created in proceedings;
    • Where disclosure would (in the reasonable opinion of a qualified person) prejudice or be likely to prejudice effective conduct of public affairs;
    • Where disclosure would or would be likely to, endanger the physical or mental health or safety of any individual;
    • Personal information relating to the applicant which is covered instead by the Data Protection Act 1998;
    • Information obtained from any other person if its disclosure would constitute a breach of confidence actionable by that or any other person (note though as indicated above, the common law duty of confidence itself provides that a duty of confidence does not arise having regard to public interest);
    • Any information covered by legal professional privilege;
    • Vexatious applications;
    • Where information is personal data of a third party and provision would contravene the data protection principles or cause damage or distress as defined by section 10 of the Data Protection Act 1998.
1.8 Management and legal advice should be sought for all FOIA 2000 requests.
This page is correct as printed on Friday 14th of August 2020 02:20:52 PM please refer back to this website ( for updates.