- 27 Mar 2019
Date received: 8 Mar 2019
Date responded: 26 Mar 2019
Please provide the following:
(A) any and all procedures, guidance, emails that set out the current role of Ministers and Special Advisers in responding to FOI requests and requests for internal review.
(B) a risk assessment that sets out the data protection compliance considerations associated with (A).
(A) Our current procedures/guidance setting out the role of Ministers and Special Advisers (and in fact, all Scottish Government civil servants) in terms of FOI(S)A handling can be found on our external SharePoint site here: https://foiguidance.sgworksite.org.uk/Guidance/The%20clearance%20process.aspx
You may be prompted for a username and password, the guest login available on our website is as follows:
However, you may be aware that the Scottish Information Commissioner has recently conducted an intervention investigation into Scottish Government’s handling processes and as a result of this, the role of Special Advisers/Ministers is currently being more clearly defined. Some information on this can be found here: https://www.gov.scot/publications/foi-improvement-project/
This page provides links to the Action plan, the Commissioners Intervention Report and the outline for the future criteria for decision making, which explicitly sets out the roles of, among others, Ministers and Special Advisers.
Under section 25(1) of FOISA, we do not have to give you information which is already reasonably accessible to you. If, however, you do not have internet access to obtain this information from the website(s) listed, then please contact me again and I will send you a paper copy.
I also attach a FOI(S)A awareness powerpoint presentation that was delivered to Junior Scottish Ministers last November. Whilst only slides 7-11 depict their duties in the process, I have decided to release the presentation in full.
(B) While our aim is to provide information whenever possible, in this instance the Scottish Government does not have the information you have requested.
As Scottish Ministers are the data controller for the purposes of the GDPR, we consider the Ministers require to decide whether or not a request is valid: as the Scottish Information Commissioner’s guidance points out (at paragraph 6), an authority is under no obligation to comply with an invalid request.
In order for the Ministers to make that decision, they require to process the applicant’s personal data. In our view, there is no other reasonable way by which the Ministers could assess the validity of a request for information in accordance with section 8(1) of FOISA. We therefore consider that processing is necessary for compliance with the Scottish Ministers’ legal obligation under section 1(1) of FOISA (which is engaged where they receive a valid request in terms of section 8(1)).
No distinction can be drawn between the Ministers (who are subject to the legal duties in the legislation) and their civil servants who assist them to comply with their duties. Special advisers are temporary civil servants appointed in accordance with Part 1 of the Constitutional Reform and Governance Act 2010. It is ultimately for the Ministers to decide how best to deploy their staff in order to ensure that they comply with their legal duties.
As Scottish Ministers are lawfully processing the data of which they are the Controller, we have not and do not deem a risk assessment necessary.
This is a formal notice under section 17(1) of FOISA that the Scottish Government does not have the information you have requested.
The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses.
Please quote the FOI reference
Central Enquiry Unit
Phone: 0300 244 4000
The Scottish Government
St Andrews House