Emails sent from private accounts - decision of the Information Commissioner


The Information Commissioner's Office (ICO) published a decision on 1 March 2012, concluding that information contained in emails sent from a private email account of the Secretary of State for Education (SSE), Michael Gove, amounted to the business of a public authority and was to be classed as being held for the purposes of the Freedom of Information Act 2000 (FOIA).

In the decision, available here, the ICO recognised that the issues raised by this specific case are novel and may not have been envisaged at the time FOIA gained Royal assent. It is the first decision where the content of emails sent from a private account has been considered, although guidance on this matter was issued by the ICO in December 2011 (the ICO Guidance). The decision comes in the wake of a Financial Times investigation into the use of private email accounts and disclosure of information within government departments.

Background to the ICO's findings

An unnamed complainant made an information request to the Department of Education (DfE) for details of the subject headings of emails sent by the SSE to a number of named recipients over a period of just over one month. The DfE refused to comply with this request on the grounds that providing the specified information would exceed the appropriate financial limit in terms of FOIA.

Following the DfE's refusal, the complainant refined his request by limiting the recipient list to only one individual, named as Dominic Cummings, and by limiting the date range to a five day period in December 2010. The DfE responded to this second request by informing the complainant that it did not hold the information requested.

Along with the complaint submitted to the ICO, the complainant provided a copy of an email dated 29 December 2010 (a date within the specified five day period) which had been sent to Dominic Cummings, amongst others, from a private email account of the SSE. In the course of the ICO's investigations, the DfE explained that, by not searching Michael Gove's private emails at the time of the complainant's request, they were following guidance from the Cabinet Office which stipulated that government departments did not have authority to search the personal email accounts of their staff. The searches carried out by the DfE pre-dated the ICO Guidance which specifically identified official business held in private email accounts as being subject to FOIA.

Decision of the ICO

The DfE contended that the email produced by the complainant was a political discussion and as such was not subject to FOIA, whilst the complainant argued that so long as any part of the email amounted to government business it should be considered subject to FOIA in its entirety. The ICO discounted both views and instead emphasised that the correct approach was to consider the purpose of the email and whether the majority of its contents amounted to the business of the department.

There were a number of persuasive factors in the ICO's determination:

The recipients included a civil servant and special advisers to the SSE. Although some of the work of special advisers relate solely to 'party political' matters, large portions of their work also relate to government policy. The ICO decided that the distinction drawn by the DfE between 'official' and 'political' information was artificial and should be disregarded.
The content of the email was essentially an action plan and list of key events in the work of the DfE for January 2011. The ICO did not consider that such information could be regarded as anything other than government business.
The email asked routine questions of civil servants, such as asking for further details on the progress of departmental policy. Again, the ICO did not consider that such information could be regarded as anything other than government business.

In the decision, the ICO commented:

'The use of private email accounts instead of departmental accounts for the conduct of official business is a matter of concern to the Commissioner for a number of reasons. Adherence to good records management practice should be encouraged to promote data security, to preserve the integrity of the public record and to ensure effective compliance with access to information obligations'.

ICO Guidance

The decision highlights considerations for public authorities when dealing with information requests in relation to emails. Although specific guidance on this matter has not been issued by the Scottish Information Commissioner (and indeed, this subject has not yet been raised in a Scottish decision), the ICO Guidance provides risk-management information on steps public authorities might take in such situations.

Key points outlined in the ICO Guidance include:

where an individual's email account may include official information which is not contained elsewhere, the individual should be asked if their account can be searched;
public authorities should remind staff that deleting or concealing information with the intention of preventing disclosure is a criminal offence under FOIA; and
where a private email address is used for public authority business, an authority email address should be copied in for completeness.