Details of advice given, and internal correspondence, in relation to to IPSA's decision on pooled service providers


I request the following information under the Freedom of Information Act:

All advice received, internal correspondence and notes regarding IPSA’s decision as to whether information provided to “pooled service providers” met the necessary quality of confidence to meet the conditions required under that exemption under S.41 of the Freedom of Information Act.


“17. IPSA further commented in response to the IC raising the issue of the s41(1) FOIA exemption (that disclosure would be an actionable breach of confidence):- “As part of our decision whether or not to disclose the information in response to Ms Corderoy’s FOI request, we considered whether the s.41 exemption applied, but concluded at the time that our undertaking to the ERG and other Pooled Service Providers does not meet the necessary quality of confidence to meet the conditions required under that exemption.”


IPSA holds the information that you request.

By way of background, IPSA received a Freedom of Information Act request for the European Research Group (ERG) materials which it reviewed as part of its assurance review into the pooled services in 2016.

As part of its processes, IPSA will ordinarily consider whether any exemptions apply before disclosing information.

Regarding this particular request, IPSA initially applied s.43 FOIA (commercial interests) in withholding the information. However, this was subject to challenge and at internal review, we considered the s.41 (information provided in confidence) exemption, and in particular whether the information possessed the necessary quality of confidence, in accordance with the Information Commissioner’s guidance.

For the s.41 exemption to apply, the requirements under both s.41(a) and s.41(b) must be met.

At s.41(b), whether or not information possesses the necessary quality of confidence is subject to the confidence test. In this regard, the requested information does not possess the necessary quality of confidence on the basis that the information contained in those materials is already in the public domain.

The ICO’s guidance states that: ‘’For information to be 'confidential' it must also be ‘inaccessible’ in the sense of not being in the public domain or a matter of public knowledge. Information that is already in the public domain won’t possess the necessary quality of confidence. This reflects the position taken by Judge Megarry in Coco v A N Clark (Engineers) Limited [1968] FSR 415 where he stated:

“…there can be no breach of confidence in revealing something to others which is already common knowledge.” 

The materials were produced from information in the public domain. Therefore the confidence test did not pass the first hurdle. On that basis, we exempted the information under s.36 FOIA (Prejudice to the effective conduct of public affairs) instead.

The internal communications on this issue accompanies this response. We have withheld some information in accordance with the exemption under s.40 FOIA (Personal Information). Further details on the application of this exemption can be found below.

Exemptions applied

Section 40 – Personal information

Information relating to an identified or identifiable natural person is ‘personal data’, as defined by the General Data Protection Principle (GDPR).

Section 40(2) of the FOIA provides that personal information is exempt information if:

(a) it constitutes personal data; and

(b) the condition set out in s. 40(3A)(a) of FOIA is satisfied, namely that disclosure to a member of the public would contravene any of the data protection principles in the GDPR.

In our view (a) is satisfied because the information sought by you relates to an identifiable, living individual, and (b) is also satisfied because disclosure would breach the first data protection principle in Article 5(1)(a) of the GDPR, which requires that personal information is processed fairly, lawfully and in a transparent manner; processing includes disclosure. In relation to fairness, IPSA is required to process personal data in a manner in which people, would reasonably expect.

We do not consider it within the reasonable expectations of IPSA staff below directors’ grade, that their personal information would be disclosed in response to a Freedom of Information Act request, which is deemed to be disclosure to the world at large.

As such, we are obliged to withhold the information from disclosure under section 40(2) of the FOIA.

This part of the section 40 exemption is an absolute exemption and so no consideration of public interest arguments for and against disclosure is required.

This concludes our response to your request.

26 July 2019
Exemptions Applied:
Section 40