How Scotland Yard monitors prying bloggers and journalists

Photo credit - Metropolitan Police

'You MUST obtain approval from press office', Scotland Yard's Freedom of Information team ordered

Although the police were happy to turn a blind eye to phone hacking at the News of the World, they’re making a habit of keeping tabs on innocent journalists and bloggers.

When a Freedom of Information (FOI) request is made it is meant to be dealt with “applicant and motive blind”. But, Scotland Yard have a system in place where requests from journalists are flagged up. The ‘High Profile Request’ list is circulated to all internal departments in the police force, along with the full name of each requester.

The Met have admitted: “The list includes the applicant and if they are a known journalist that information is included”.

FOI staff are banned from releasing any information to journalists without getting express “approval” from the Met’s Press Bureau. It is unclear whether any disclosures have ever been denied because of pressure from the Bureau.

An email to staff  said: “You MUST obtain approval… before release if this request is from a journalist or identified as high risk.” It said that “high risk” FOI requests include “any request involving an identified member of the media.” It also includes requests from “VIP’s (MP’s etc)”.

Another email, sent in November, again reminded FOI officers of the policy. It said: “All High Profile FOIA requests – particularly those from journalists – continue to be of interest to DPA [Directorate of Public Affairs].” The message continued:  if “you feel a request is generating issues which could result in media coverage and you have not already been contacted by DPA please contact Ed Stearns, Chief Press Officer.”

In a phone conversation I had with Ed Stearns in November he defended this policy. “We’d have to be aware if something is likely to become high-profile,” he said. “I don’t think that would be unusual to have that sort of flagged up.”

But how far does the Met pursue its interest in journalists and bloggers? Three individuals, who have asked to remain anonymous, have told this blog that Scotland Yard informally “investigated” them after they asked questions to the force. In one case, the Police Central E-Crime Unit (PCeU) scrutinised articles written by a political blogger after he had  talked to a police officer about his work. He claimed he was never charged for a crime and says he “found out accidentally” about the (informal) investigation when an officer “confessed” to having personally investigated his website.  The PCeU said there had been no formal investigations into online media.

In my phone conversation with the Met’s Cheif Press Officer, Ed Stearns, I asked him whether the Met made a habit of investigating bloggers.

“Can you categorically say that it’s not regular practice of the Press Office to find out information about journalists?”  

Well, I mean… if… umm… it depends, it depends what – I mean obviously if a journalist has… I mean… In what way do you mean ‘find out information’?”

“I wouldn’t rule it out that we would search on something like Twitter or Google News.”

This is probably fair enough – it is a press office after all. But the question is, does this research into journalists and bloggers affect what information is disclosed – and how quickly? Is this one reason for the Met’s continual FOI delays? After all, “flagging” is one thing, but why does the press office need to give “approval”? What happens if the Press Office does not grant approval?

The Met have attempted to justify their policy on FOI, saying: “The process is not intended to hinder or delay the release of information but to ensure that we release consistent information and are properly prepared for any potential consequences of the release.”

The Information Commissioner’s Office, meanwhile, states: “The correct approach in considering requests for information and the application of the exemptions and exceptions should be on the basis that the application could have been made by anyone, anywhere in the world, for any (non vexatious) reason.”

10 ways to save money on FOIs – without changing the act

Freedom of Information under threat

FOI under threat // Photo: Mark van Laere

The Freedom of Information Act is currently being reviewed by the Justice Select Committee, which is likely to suggest changes to the law. One of the main criticisms of the act is that it is a “drain on resources”.

From my experience of using FOI, I don’t think the law needs changing at all. If the government want to spend less on FOI here’s ten ways they can do it without changing the law:

 

1.  Publish more
By far the best way to reduce time and resources spent on FOI is to simply make more information available online in the first place. Authorities are generally not compelled to publish most information they hold, so huge caches of data are withheld from the public , accessible only through FOI. Although making more information routinely available will never solve every would-be request, the effect on many organisations would be enormous. (So much money is spent on web development anyway – such as Norfolk Police who spent £250,000 redesigning their website – why not spend some of that uploading some actual content?)

2.   Make information more accessible
It’s in everyone’s interests for information to be in easy to find, read, search and use. A lot of places publish data in huge unsearchable PDF files, rather than searchable spreadsheets, so people are more likely to send in FOIs. Similarly, it’s not uncommon for organisations to print out FOI responses, scan them and email them as image files. This scanned response from a council is almost incomprehensible. If published data was more accessible there’d undoubtedly be fewer requests.

3.   Disclosure logs
When organisations disclose information under FOI, why are so many reluctant to keep this off their websites? Some places like Ofcom, keep a full disclosure log updated regularly. But most organisations don’t – and some, like the Department of Culture, Media and Sport, when asked to provide copies of past FOI disclosures, treat that as an FOI in itself!

4.   Provide data, don’t crunch pre-published data
Following on from the above, organisations can save resources by rejecting FOI requests if the information is already published, or is due to be published (this includes disclosure logs). It is not an FOI officer’s job to pull specific data from publicly-available documents, but this often happens regardless.

5.   Cut FOI bureaucracy
Some FOI officers send huge documents filled with legal mutterings and comments on the data. Others just send a short email. Why waste time and resources?

6.   Respond on time
The statutory deadline for FOI responses is continually neglected by authorities, wasting vast amounts of time and resources. For instance, in this particularly painful exchange the Charity Commission delayed their response by 16 months. As a result of bad practice, some 875 decision notices were issued by the Information Commissioner’s Office last year. Each one takes ages and involves piles of paperwork.

7.   Centralise data
A big obstacle for requesters comes when data is spread across hundreds of different institutions. For instance, to get a national picture relating to hospitals, police forces, councils, etc. it is often necessary to send bulk requests. If more data was centralised it would mean far fewer FOIs and would particularly help councils who receive the majority of requests.

8.   Stop treating informal requests as FOIs
Freedom of Information is a great thing, but lots of places now push all questions to their FOI team to be treated as “formal requests”. Press offices are far to keen to tell journalists “you’ll have to FOI that,” if the answers are not right in front of them. Even clarifications to FOIs are often treated as fresh requests, creating a whole stack more paperwork and bureaucracy. A greater willingness to answer questions and provide information would save time for everyone.

9.   Advise FOI requesters
Many organisations do not provide phone numbers for FOI officers and offer little advice not only on whether the information would be available under FOI, but also whether an FOI is needed at all.

10.   Cut links between FOI offices and press offices
FOI requests are meant to be dealt with anonymously, but it is common for authorities to coordinate FOI responses with press officers. Not only is this not in the spirit of the act, it also means more work for the organisation. (More on this dodgy practice soon.)

Of course, aside from all this, should we really be putting a price on transparency and accountability?

I’d suggest not.

Exclusive: Met Police website taken offline after AccessDocs exposes privacy breach

Offline: The Met website's disclosure log, after 105 files found with private data

Updated: 19/10/11

The Metropolitan Police has been forced to remove part of its website, after a mass privacy breach was exposed by this blog.

More than 100 documents had accidentally been published online containing confidential information in the files’ meta-data. This included names, email addresses and employment history of members of the public.

An “urgent investigation” has now been launched by police into the breach, and the entire section of the website has been taken down. The Information Commissioner has also launched its own investigation after receiving a number of complaints.

The documents had been online for months – free for anyone to read and find through Google. They were legitimately listed on a Freedom of Information disclosure log – but data within the files gave away people’s personal details.

The Met told AccessDocs: “The MPS has temporarily disabled the website whilst we carry out an urgent investigation. As an interim measure, we have removed all the PDFs that contain disclosure information from the server to ensure no further loss of personal information… We apologise for any inconvenience this may cause and aim to have the site restored as soon as possible.”

“NB – first indications show that email addresses may have been published.”

Police originally claimed to have “disabled” the website on Tuesday, but it later transpired that all the documents were still online. Instead of removing it, the home page of the information was simply moved. This meant that although old links to the data didn’t work, it could still be found through Google, or by editing the URL. This further error was reported on Tuesday evening, but it took around 12 hours to finally be taken offline.

Police also confirmed that one individual who had her personal details published has already registered a complaint. An email from the Met to the woman said: “It has been brought to our attention that your personal details have appeared on the Metropolitan Police Service website”.

Other people who had personal details published by the Met include an ex-policeman, a professor, a solicitor, an American student and a Daily Mirror journalist.

At least two people have now sent complaints to the Information Commissioner’s Office (ICO). A spokesman for the commissioner said: “We will be making enquiries into the circumstances of this alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken.” The ICO has the power to prosecute and impose penalties of up to £500,000 on organisations for private data breaches.

The Disclosure Log, which has been taken down as a result of the privacy breach, provides copies of the responses to Freedom of Information (FOI) requests that are sent to the Met.  Disclosure logs are a valuable and positive part of transparency – FOI campaigners will therefore be pleased that the Met have confirmed that this move is only a temporary one. A press officer for the police said that they would go through each of the hundreds of documents individually, if necessary – but that they would get the disclosure log back online as soon as possible. 

In future, Data Protection and Freedom of Information should not be an either/or. 

NB:  For all queries about this story, please contact me on mrw504@gmail.com , or see the ‘about’ page, or see my website.  

Exclusive: 100 private documents accidentally published on police website

File info showing name and email address of a member of public who had requested information from the police. (Here, the private details are blanked out, but they are still online on the Met's website).

Privacy breaches by the Metropolitan Police have left more than 100 documents online which contain confidential information.

Names, email addresses and employment details are among the private data which can still be viewed on the Met’s website.

Police publish all their responses to questions in an online disclosure log. But staff are routinely failing to remove personal information from the titles of files – leaving people’s details, and their questions, free to be found through Google and read by anyone.

The breaches include the details of an ex-policeman, a professor, a solicitor, an American student and a Daily Mirror journalist. In total, around 105 files contain privacy breaches, with a sharp increase in breaches since August.

Some of the documents also include whole paragraphs of personal information about the members of public making Freedom of Information (FOI) Requests. Police uploading responses to the internet have simply copied and pasted sections of correspondence which give personal information.

A rise in the number of privacy breaches follows record levels of FOI requests to the Met, suggesting that privacy is being overlooked. New figures show that requests rocketed this summer after the police force came under criticism over the hacking scandal and the August riots.

NB: Some people submitting FOI requests choose to make their information public by using whatdotheyknow.com, but a large number of requests are done confidentially for personal, journalistic or employment reasons. For instance, someone trying to gather information about an employer may not want to be ‘found out’ by future employers. 

See also:  ‘How police lost your personal data’ (from August 2011)

UPDATE: The Metropolitan Police have removed their entire online disclosure log as a result of this blog post. Several of the people who had personal details published have expressed their anger at the police. More updates to come. All enquiries to Martin Williams  – mrw504@gmail.com

BBC breaching transparency laws over Mark Thompson’s emails to Jeremy Hunt

Above the law: What does Mark Thompson have to hide?

The BBC is knowingly breaking Freedom of Information laws by refusing to release emails sent between the Director-General Mark Thompson and Culture secretary Jeremy Hunt.

The disclosure of communications was requested in June by AccessDocs, but the BBC has openly rejected transparency laws.

They said: “we need further time in which to consider the public interest in disclosing the information.” But, having already extended their response deadline by 20 days, they have now crossed the final legal deadline for response.

Despite warnings to the BBC stating that it’s intention to delay the disclosures would be a breach of the rules, staff remained defiant. “The BBC is of the view that the delay is justified,” a policy adviser said.

This was not the view of a source at the Information Commissioner’s Office (ICO) who said he couldn’t see how the behavior did not constitute a breach.

The ICO explain: “Public authorities should respond to a request for information within 20 working days. If they need to consider the public interest this may be extended to 40 working days, providing you have been informed.” More than a week has passed since the maximum 40-day deadline.

Exclusive: Care home inspections hit record low as CQC funding slashed

The Care Quality Commission has been forced to admit that it inspects far fewer care homes than ever before.

Figures released under the Freedom of Information Act show that there were only 5,331 inspections this year, compared to more than 48,000 inspections six years ago.

CQC inspection numbers are shown in the graph below.

A small proportion of the decline is down to changes in responsibility, that meant Ofsted took over inspecting certain institutions. But this doesn’t account for much.

The CQC has been damaged by budget cuts and, as a result, has shifted it’s approach to inspections. Rather than visiting lots of homes, inspectors will now visit far fewer homes but almost always (98% of the time) do so unannounced.

Although unannounced inspections are obviously more likely to catch problems, there are now so few inspections it is inevitable that the CQC will miss scores of serious issues. This was highlighted recently by Panorama’s exposure of abuse taking place in Winterourne View Care Home. In that instance, the CQC failed to pick up on the abuse despite a senior nurse, Terry Bryan, reporting the issues to the regulator. When the CQC failed to step in, Bryan contacted the BBC.

View the documents here:

Table of adult social care inspection activity from 2002 v1 (Word doc)

ASC services at 090910 (3) (Excel)