Mr Y and Galway City Council
From Office of the Information Commissioner (OIC)
Case number: OIC-141229-B4C4Q7, OIC-141602-B9H4B5, OIC-141601-T2Z0C3
Published on
From Office of the Information Commissioner (OIC)
Case number: OIC-141229-B4C4Q7, OIC-141602-B9H4B5, OIC-141601-T2Z0C3
Published on
Note: This decision was appealed to the High Court by the Applicant on 04 January 2023.
Whether the Council was justified in refusing access to records containing the names of staff employed by service providers who carried out certain work on behalf of the Council on the basis that section 37(1) of the FOI Act applies and under section 15(1)(a) of the Act on the grounds that no such records exist or can be found after all reasonable steps were undertaken to locate relevant records
8 December 2023
This case concerns three separate FOI requests made by the applicant to the Council seeking the identity of engineers employed by service providers who were engaged in three specific road projects for Galway City Council. Given the similarities between the three FOI requests and the Council’s decisions on the requests, I have decided to issue a composite decision in respect of all three reviews.
In a request dated 16 December 2022, the applicant sought the full names, roles and job titles of certain individuals whose initials were set out in reports and drawings available on the Council’s website relating to a named road scheme project.
In a decision dated 10 January 2023, the Council refused the request under section 37(1) of the FOI Act 2014 on the basis that the information sought is personal information of staff working in the company that prepared the report/drawings. On 30 January 2023, the applicant applied for an internal review of the Council’s decision. On 20 February 2023, the Council varied its original decision, refusing the request under section 15(1)(a) of the FOI Act.
In a separate request dated 16 December 2022, the applicant sought a copy of a road safety audit report showing the names of the designers and of the road safety audit team which had been redacted in those records that were provided to him by the Council in response to a previous FOI request he had made.
In a decision dated 10 January, 2023, the Council refused his request under section 37(1) of the FOI Act, 2014. On 30 January 2023, the applicant applied for an internal review of the Council’s decision. On 20 February 2023, the Council affirmed its original decision.
In a further request dated 18 December 2022, the applicant sought the full names, roles and job titles of certain individuals whose initials were contained in a report and drawings available on the Council’s website relating to a separate named road project.
In a decision dated 10 January, 2023, the Council refused his request under section 37(1) of the FOI Act, 2014. On 30 January 2023, the applicant applied for an internal review of the Council’s decision. On 20 February 2023, the Council varied its original decision and refused the request under section 15(1)(a) of the FOI Act.
On the 6 August, 2023, the applicant applied to this Office for a review of the Council’s decisions in all three cases. The applicant said the matter concerns his requests to know the identity of professional engineers who engaged in roads design works for the Council under contract on three proposed road schemes.
During the course of this review, the Council provided this Office with submissions on its rationale for refusing the applicant’s requests under sections 37(1) and 15(1)(a) of the Act. In those submissions it said it realised that it had not provided the applicant with the name of a Council employee that it had originally redacted in the records released to the applicant. I understand that the Council has now provided this name to the applicant. This Office’s Investigating Officer wrote to the applicant with details of the Council’s submissions on both sections of the Act and invited him to make further submissions, which he duly did.
I have now completed my review in accordance with section 22(2) of the FOI Act. In carrying out my review, I have had regard to the correspondence outlined above, including the submissions made by both parties. I have also examined the records at issue and have had regard to them for the purpose of this review. I have decided to conclude this review by way of a formal, binding decision.
The Council initially refused all three requests by the applicant under section 37(1) of the FOI Act. It subsequently, refused access to records in cases OIC-141229 and OIC-141602 under section 15(1)(a) of the Act on the basis that it does not have records containing the names of the individuals whose initials are contained in the relevant records.
Accordingly, this review is concerned with whether the Council was justified in refusing, under section 37(1) of the FOI Act, records containing the names of the designers and of the road safety audit team which had been redacted in the records at issue in Case OIC-141601, and whether the Council was justified, under section 15(1)(a) of the Act, in refusing access to the full names of the individuals identified only by their initials in the records at issue in cases OIC-141229 and OIC-141602.
I will firstly consider the Council’s decision to refuse the names the individual staff members of the company which prepared the drawing and road safety audit report, in case OIC-141601.
Section 37(1) – Personal Information
Section 37(1) provides for the mandatory refusal of a request where the FOI body considers that access to the record concerned would involve the disclosure of personal information relating to an individual other than the requester. Personal information is defined in section 2 of the FOI Act as information about an identifiable individual that (a) would ordinarily be known only to the individual or to members of his/her family or to his/her friends, or (b) is held by an FOI body on the understanding that it would be treated by the FOI body as confidential. Furthermore, the Act details 14 specific categories of information that is personal information without prejudice to the generality of the foregoing definition, including: (iii), information relating to the employment or employment history of the individual.
Certain information is excluded from the definition of personal information. Paragraph II of the definition in Section 2 of the Act provides that where the individual is or was a service provider, the definition does not include the name of the individual or information relation to the service or terms of the contract or anything written or recorded in any form by the individual in the course of and for the purpose of the provision of a service. A similar exclusion for staff members of FOI bodies is found at Paragraph I. However, the exclusions to the definition do not exclude all information relating to staff members of FOI bodies or service providers. This Office takes the view that individual staff members are still generally entitled to the right to privacy.
In submissions to this Office, the Council said that the consultancy firm engaged by the Council is the service provider for the scheme/works that is the subject of the applicant’s request. The Council said that the personal information it redacted in the records at issue relates to the names of staff that are employed by the service provider, and who are not Council staff. In its submissions, the Council said it engaged the named consulting engineering company, not the individual employees of that company, to carry out the work on the project. For the sake of clarity, I accept the consultancy company is the service provider in this instance, and not its individual staff members.
Having consider the matter, I am satisfied that the names of the individuals at issue who work for the company providing the service to the Council are personal information within the meaning of the FOI Act. Accordingly, I find that section 37(1) of the Act applies to those names.
However, that is not the end of the matter as section 37(1) is subject to the other provisions of section 37.
Section 37(2)
Section 37(2) provides that section 37(1) does not apply in certain circumstances and I am satisfied that none of the circumstances provided for in section 37(2) apply to the information concerned. In his submissions to this Office, the applicant requested that the authors of the Road Safety Audit be approached to seek their consent. The Commissioner takes the view that, generally speaking, it is not appropriate for his Office to approach third parties to seek their consent to the release of their personal information. Notwithstanding the applicant’s views that consent should be sought, I do not consider this is necessary or warranted in this case.
Section 37(5)
Section 37(5) provides that a request that would fall to be refused under section 37(1) may still be granted where, on balance (a) the public interest that the request should be granted outweighs the right to privacy of the individual to whom the information relates, or (b) the grant of the request would benefit the person to whom the information relates. No argument has been made that the release of the relevant information would benefit the individuals at issue in this case, nor is it apparent to me how release would do so. I find that section 37(5)(b) does not apply.
Before I consider the applicability of section 37(5)(a), there are a number of important points to note. First, section 13(4) provides that, subject to the Act, in deciding whether to grant or refuse an FOI request, any reason that the requester gives for the request and any belief or opinion of the FOI body as to the reasons for the request shall be disregarded. In relation to the question of the public interest, this means that I cannot have regard to the applicant's motives for seeking access to the records at issue, except in so far as those motives reflect what might be regarded as true public interest factors in favour of release of the records, for example where matters raised in relation to the request may also be regarded as matters of general concern to the wider public.
Secondly, it is important to note that the release of records under the FOI Act must be regarded, in effect, as release to the world at large, given that the Act places no constraints on the uses to which a record released under the Act can be put. With certain limited exceptions provided for under the Act, which do not apply in this case, records are not released under FOI for any limited or restricted purpose. All of this means that in considering whether a right of access exists to records under section 37(5)(a) of the Act, any decision to grant access would be on the basis that there is an overriding public interest in the release of the records effectively to the world at large that outweighs the privacy rights of the third party individuals concerned.
On the matter of whether the public interest in granting access to the information at issue would, on balance, outweigh the privacy rights of the individuals concerned, I have had regard to the comments of the Supreme Court in The Governors and Guardians of the Hospital for the Relief of Poor Lying-In Women v. The Information Commissioner [2011] 1 I.R. 729, [2011] IESC 26) (“the Rotunda case”). In this regard, I note that a public interest should be distinguished from a private interest.
In considering where the balance of the public interest lies in this case, I have had regard to section 11(3) of the Act which provides that in performing any functions under the Act, an FOI body must have regard to, among other things, the need to achieve greater openness in the activities of FOI bodies and to promote adherence by them to the principles of transparency in government and public affairs and the need to strengthen the accountability and improve the quality of decision making of FOI bodies. However, in doing so, I have also had regard to the judgment of the Supreme Court in The Minister for Communications, Energy and Natural Resources and the Information Commissioner & Ors [2020] IESC 57 (“the Enet case”). In that case, the Supreme Court found that a general principle of openness does not suffice to direct release of records in the public interest and “there must be a sufficiently specific, cogent and fact-based reason to tip the balance in favour of disclosure”. Although the Court’s comments were made in cases involving confidentiality and commercial sensitivity, I consider them to be relevant to the consideration of public interest tests generally.
In this case, it seems to me that the applicant is effectively arguing that the names of the designers on the drawings and the names of the members of the road safety audit team ought to be identified so that they can be accountable for their work on public road projects.
The FOI Act recognises the public interest in the protection of the right to privacy both in the language of section 37 and the Long Title to the Act (which makes clear that the release of records under FOI must be consistent with the right to privacy). It is also worth noting that the right to privacy has a constitutional dimension, as one of the unenumerated personal rights under the Constitution. Privacy rights will therefore be set aside only where the public interest served by granting the request (and breaching those rights) is sufficiently strong to outweigh the public interest in protecting privacy. Moreover, even where an overriding public interest in granting the request exists, there is a discretionary element to the application of section 37(5)(a).
In his submissions to this Office, the applicant said “It seems to me that a reasonable person looking at the typical contracts and practice around the provision of engineering consultancy to local authorities would conclude that consent to being identified is assumed in the contractual agreements”. He said the same applies to Road Safety Audits. The applicant noted various examples of Road Safety Audits that have been published showing the names of the qualified personnel who conducted the audit. In his application to this Office, the applicant said his purpose in the FOI requests was to raise concerns with Engineers Ireland regarding technical aspects of the conduct of the designs. He said, professional engineers have their own professional regulatory body, Engineers Ireland, and that it does not treat the identities of its members as private information but makes them available to the public. The applicant said that when members of Engineers Ireland provide services they do so on the understanding that they may be identified and thus be subject to the rules and regulations of their own professional regulatory body. The applicant also referred to Road Safety Audit Guidelines published by Transport Infrastructure Ireland (TII), noting various requirements in those guidelines including that audit team members are specifically required to sign the reports they produce.
In its submissions to this Office, the Council said that the significance of these records lies in the content of the documents, not the creator, and that the public interest is served by the release of the content, which it has done. The Council said that it is the consulting engineer company that is the service provider, not its employees. The Council said that none of the individuals have given consent to the disclosure of the information and that they were not informed from the outset that their personal information would/could be released. The Council also said it is concerned about the risk of disclosing personal information of individuals working on behalf of the service provider and not directly for Galway City Council. The Council said that in carrying out its business, it relies on open market bidding and procurement and the trust of individuals, companies, and organisations. It said it fears that release of this personal information would discourage these companies from tendering and trust in the Council would be diminished as a result.
While I accept that the release of the identity of the individual engineers at issue may serve to somewhat enhance transparency around the particular project works, it seems to me that the degree of enhancement would be quite limited. In particular, I note the Council previously released a copy of the drawings and road safety audit report to the applicant. This, in my view, goes a long way towards serving the public interest in transparency and accountability in relation to the project works. Furthermore, while I have had regard to the applicant’s comments in regards to TII’s guidelines and the Code of Ethics for Engineers in Ireland, I do not accept these form a basis for me to find in favour of releasing the personal information at issue in the public interest.
As mentioned above, I am cognisant of the fact that the release of records under FOI is, in effect, regarded as release to the world at large, given that the FOI Act places no constraints on the uses to which the information contained in those records may be put. Having carefully considered the matter, and given the strong public interest in protecting the right to privacy, I do not consider the public interest in releasing the names of the relevant individuals outweighs the right to privacy of those individuals. I find therefore, that section 37(5)(a) does not apply. Consequently, I find that the Council was justified in refusing access to the withheld information under section 37(1) of the FOI Act.
Cases OIC-141229 and OIC-141602
As noted above, after it initially refused access to the information requested in cases OIC-141229 and OIC-141602 under section 37 (1) of the Act, the Council subsequently refused access under section 15(1)(a) of the Act on the basis that it does not have a record(s) containing the names of those individuals whose initials are contained in the relevant records.
The FOI Act is concerned with the provision of access to records that are actually held. The Act does not require FOI bodies to create a record if none exists, apart from a specific requirement to extract records or existing information held on electronic devices. In regard to records containing the full names of the individuals, the Council said it does not hold any such records. The Council also said that even if it held that information, it would consider the information exempt under section 37(1) of the Act. Details of the Council’s submissions in this regard were provided to the applicant.
Given my finding above in case OIC-141601 that the names of the individual staff members of the company providing the service to the Council in that case is exempt under section 37(1), I am satisfied that, even had that the Council located the information sought in cases OIC-141229 and OIC-141602, section 37(1) of the Act also applies to the names of the individual staff members of the service providers at issue in those cases. Consequently, I do not deem it necessary to consider the Council’s reliance on section 15(1)(a) of the Act any further.
Having carried out a review under section 22(2) of the FOI Act, I hereby affirm the Council’s decisions to refuse access to information sought by the applicant in his three requests under section 37(1) of the FOI Act.
Section 24 of the FOI Act sets out detailed provisions for an appeal to the High Court by a party to a review, or any other person affected by the decision. In summary, such an appeal, normally on a point of law, must be initiated not later than four weeks after notice of the decision was given to the person bringing the appeal.
Richard Crowley, Investigator