Re: Or maybe..
> The only contact Ive had with the ICO that looked anything like work was a vexatious request for data that never existed from someone I eas taking to court.
I have found the ICO's department that deals with FOI Request complaints to be slightly better than the department that deals with Data Protection complaints. However I was told the other day that they've got a 13 weeks backlog of dealing with FOI Complaints...
I forsee having to raise yet another FOI Complaint with ICO regarding a particular Public Authority who are once again "taking the piss" regarding dealing with a FOIR I raised 4.5 months ago:
- they first did their usual trick (i.e. they have done this for EVERY FOIR I've submitted over the years) of emailing me *on* the 20th working day (the last day of the statutory response timeframe) after my submission to say their response would be delayed: "Although we are unable to confirm a date at this time, please be assured we will try to expedite this matter on your behalf".
- they then responded almost 1 month after that to (a) provide *some* of the information I requested, (b) to refuse to provide some information that I never actually asked for (people's names in a specific group) and didn't provide what I did actually ask for (people's job titles in a group), (c) to also refuse to provide some other information I did ask for by using the "cost limit" refusal, and (d) completely ignored some other information that I asked for.
- I then narrowed the scope of the information that they refused in point (c) above.
- 1 month after their (b) refusal to provide info that I never actually requested they sent me the result of a review where they upheld their decision not to provide me with the information that I never actually asked for (peoples' names) in the first place and decided to instead provide me with some of the information (peoples' job titles in a group) that I *did* actually originally request.
- 2 months after their initial response (and from when I narrowed the scope) they then did actually provide the information from the narrowed scope of (c) above.
- however as there was still no sign at all of the information requested in (d) above I chased them again. I had 2 back-and-forth email exchanges where I clearly explained the precise information in my original request that had *never* been provided and both times that person referring me to their most recently provided information which was nothing to do with the missing (d) information. Both times I clearly pointed out what was outstanding yet that person repeatedly parroted the same line about the previous review response having supplied this.
- On my 3rd attempt the person finally referred the matter back to the "review committee" who had provided the previous response. 2 weeks later they provided *some* of the outstanding information from (d) but refused to provide the rest again using the "cost limit" excuse.
So I'm now 4.5 months into a FOIR and only now have they (for the 2nd time) produced the "cost limit, go away" magic card. So I'll have to narrow the scope of that part of the request to get any of that specific information I wanted and then that'll go through another 1-2 months time period to get information back (assuming they don't find another excuse to reject the narrowed scope).
On top of that the information they eventually provided for (c) has been excessively redacted (I suspect they went "overboard" on redacting to obscure some problematic, for them, information). So I'll now have to write to them contesting some of the redacting (some of the "redacted" info is obvious from either the context or from other documents I have and is not info I believe they have a valid excuse to redact).
I forsee a long complaint to the ICO about this org once again failing to provide requested information within the statutory timeframe, ignoring portions of FOI Requests, "inventing" reasons to refuse to provide information, finally using "cost limit" excuses weeks or months after the statutory timeframe has elapsed, etc. This is an org where my worst record for a FOI Request from start-to-finish was a total of *two years* (which included them dripfeeding some of the info to ICO after they became involved and then the ICO finally issued an "Information Notice" to them which is basically a formal threat of "if you don't provide the info specified in this document within the specified timeframe then that automatically becomes a contempt of court matter").
In the past when the ICO have questioned them about using the "cost limit" excuse their answer has basically been along the lines of "well we don't have that info in our Document Management System so we'd have trawl through everyones email going back years to try and find it which wouid take weeks of effort" - in the past the ICO "accepted" that sort of explanation.
However the "Code of Practice on the Management of Records issued under section 46 the Freedom of Information Act 2000" covers how Public Authorities should manage the information that they possess. It covers both storing information that needs to be kept and deletion/destroying information when it is no longer needed. Why are documents going back 10+ years being kept by staff in their email rather than either (a) being placed in a Document Management System, or (b) being deleted if not longer required?
This organisations' "non management" of information appears to be a conscious methodology to avoid providing it via FOI Requests (it is purposely "expensive" to sift through staffs' large mailboxes going back years to find documents).
Unfortunately based on past experience I'm not expecting ICO to tackle the above organisation's blatent disregard for the FOI Act and the Code of Practice.