Mr Joseph Millbank requested information from Dundee City Council (the Council) relating to criminal convictions of employees in its Criminal Justice Social Services department. The Council refused to supply the information requested on the basis that it was personal data, disclosure of which would breach the first data protection principle. As such, the Council maintained that it was exempt under the terms of section 38(1)(b) of FOISA. Having considered this case, the Commissioner issued a decision on 18 July 2007, in which he concluded that the information requested by Mr Millbank was not personal data, and so it was not exempt in terms of section 38(1)(b) of FOISA. The Commissioner required the Council to supply the withheld information to Mr Millbank.
The Council appealed that decision to the Court of Session, on the grounds that the Commissioner was wrong to find that the information requested by Mr Millbank was not personal data. On review, the Commissioner considered that he had not applied the correct tests to determine whether the information was in fact personal data and he conceded the appeal. The Court subsequently granted a motion seeking to have the appeal allowed, the decision quashed, and the decision remitted for reconsideration by the Commissioner.
Following further investigation, the Commissioner found that the information requested by Mr Millbank was personal data and, since it related to offences committed by the individuals concerned, that it was also sensitive personal data. He found that disclosure of this sensitive personal data would breach the first data protection principle, and so it was exempt from disclosure in terms of section 38(1)(b) of FOISA. He therefore concluded that the Council had acted in accordance with Part 1 of FOISA when responding to Mr Millbank’s information request.
[2007] ScotIC 115 – 2007
Bailii
Scotland
Information
Updated: 22 November 2021; Ref: scu.434077