Croydon Council Hit With Enforcement Notice For FOI Fail

Written by

A London borough council could be found in contempt of court if it fails to address serious data compliance issues, according to the regulator.

The UK’s Information Commissioner’s Office (ICO) issued a withering rebuke to Croydon Council following its “repeated, systemic” failures to comply with the Freedom of Information (FOI) Act.

Read more on the ICO: UK to Revamp ICO as Part of Data Rules Reform

After a review last year, the ICO issued a “practice recommendation” to the council ordering it to improve its compliance posture, but on a subsequent assessment in June 2023, performance had declined further, the ICO said.

In short, the council is failing to deal with citizens’ requests for information, as is their right under the act.

“People have a legal right to be able to ask their council about its actions and receive an answer promptly. What we have seen with Croydon Council is repeated, systemic failures at complying with transparency legislation. They are failing their residents, and we are now compelling them to do better,” argued ICO head of FOI casework, Phillip Angell.

“Any public authority with poor Freedom of Information compliance levels may be subject to enforcement or practice recommendations as part of the ICO’s commitment to promoting openness, transparency and accountability.”

The ICO has now issued the council with an enforcement notice, which requires it to respond to all outstanding FOI requests over 20 working days old, no later than six months from the date of the notice. Croydon Council will also need to draw up and publish an action plan to tackle any future FOI delays, within 35 days from the date of the notice.

If the council does not comply, the ICO may write to the High Court under section 54 of the FOI Act. Depending on the court’s decision, Croydon Council may then be dealt with as if it had committed a contempt of court.

However, the council avoided a fine, under a new post-pandemic trial being run by the ICO in which the regulator takes a more conciliatory approach with erring public sector organizations.

What’s hot on Infosecurity Magazine?