Freedom of information

Copyright © 2025 LexisNexis

This subtopic contains a range of materials concerning freedom of information, focusing on the regime under the Freedom of Information Act 2000 (FIA 2000).

The freedom of information regime

In England, Wales and Northern Ireland the freedom of information regime is governed by FIA 2000, which grants a general right of access to information held by public authorities, while also placing an obligation on such authorities to make certain information available to the public proactively and regularly. The body responsible for enforcing the regime is the Information Commissioner's Office (ICO).

The regime in Scotland contains similar rights governed by different legislation. The Scottish Information Commissioner is responsible for enforcement in relation to Scottish public authorities. Public authorities that span the whole of the UK, such as the BBC or Ministry of Defence, are governed by the regime for England, Wales and Northern Ireland created by FIA 2000.

For introductory guidance on the freedom of information regime, see Practice Notes:

  1. Introduction to freedom of information

  2. Who is subject to the freedom of information regime

Rights and duties under the freedom of information

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

Existing user? Sign-in TAKE A FREE TRIAL
Powered by Lexis+®
Latest Information Law News

ICO releases new guidance on anonymisation and pseudonymisation techniques

The Information Commissioner's Office (ICO) has published comprehensive guidance on anonymisation and pseudonymisation techniques on 28 March 2025, accompanied by a webinar scheduled for 22 May 2025. The guidance explains anonymisation and pseudonymisation concepts, outlines data protection obligations, and provides practical advice on implementing appropriate technical measures. It specifically addresses organisations using or considering anonymising personal data, including artificial intelligence developers, and details risk mitigation strategies for protecting individual privacy.

Automated decision-making and DSARs: right to access means a right to explainability (CK v Magistrat Der Stadt Wiendun & Bradstreet Austria GMBH)

Information Law analysis: The Court of Justice provided several clarifications around the scope of data subject access requests (DSARs) in the context of automated decision-making. The court held the determining factor for whether information constitutes ‘meaningful information about the logic involved’ under Article 15(1)(h) of the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) is whether the information enables the data subject to understand the logic involved in automated decision-making involving their personal data. The court also held disclosure by controllers should be underpinned by the principles of transparency, which requires information to be clear, accessible and intelligible, both in terms of content and form, from the perspective of data subjects. In the context of automated decision-making this doesn’t necessarily mean providing the exact algorithm, if it doesn’t help the data subject’s understanding of the ‘how’. The court confirmed DSARs do not mandate the disclosure of trade secrets, but this can only be decided by the relevant supervisory authority or competent court, after assessing all relevant information provided to them by a controller. The protection of trade secrets cannot be used as a blanket excuse by businesses to withhold certain information from individuals making a request under Article 15(1)(h) of the EU GDPR. Written by Marija Nonkovic, associate at Kemp IT Law LLP.

NCSC releases new principles for privileged access workstation implementation

The National Cyber Security Centre (NCSC) has published new principles for implementing privileged access workstations (PAWs). The principles provide organisations with guidance on establishing restricted workstations for accessing high-risk systems. The guidance emphasises that PAWs should be implemented as part of broader security controls, with focus on establishing trust through auditable systems and validated controls. The principles aim to help organisations protect against privilege escalation and reduce vulnerability to cyber attacks through administrative interfaces.

Information Law weekly highlights—27 March 2025

Welcome to this week’s edition of the Information Law weekly highlights: a hand-picked summary of news analysis, updates and new content related to laws governing the use and dissemination of information and personal data. Each week these highlights focus on developments in key topics such as data protection, ePrivacy, cybersecurity, breach of confidence, misuse of private information, and defamation.

View Information Law by content type :
News
Practice notes
Precedents
Q&As

Popular documents

Early leavers—preservation

Early leavers—preservationFORTHCOMING DEVELOPMENT: Section 10 of the Finance Act 2022 will increase the normal minimum pension age (NMPA) from 55 to 57 on 6 April 2028 (save for members of the firefighters, police and armed forces public service pension schemes).The Finance Act 2022 will also give

Late payment penalties—inheritance tax

Late payment penalties—inheritance taxWhile interest often accrues on overdue tax, the late payment of certain taxes may also attract a penalty. For information on the interest accruing on overdue tax, see Practice Notes: IHT—payment deadlines on death—Interest on IHT and Interest on late paid

Brussels I (recast)—domicile (Arts 4 and 63) [Archived]

Brussels I (recast)—domicile (Arts 4 and 63) [Archived]ARCHIVED: This Practice Note has been archived and is not maintained.This Practice Note considers the general rule set out in Article 4 of Regulation (EU) 1215/2012, Brussels I (recast) when determining the relevance of a defendant’s domicile to

Contributory negligence in personal injury claims

Contributory negligence in personal injury claimsContributory negligence is a partial defence which can lead to a discount in damages.Other defences may also be relevant. See Practice Notes: Did the claimant consent to the risk of injury? and Was the claimant involved in an illegal activity?If a
Early leavers—preservation

Early leavers—preservation

Early leavers—preservationFORTHCOMING DEVELOPMENT: Section 10 of the Finance Act 2022 will increase the normal minimum pension age (NMPA) from 55 to 57 on 6 April 2028 (save for members of the firefighters, police and armed forces public service pension schemes).The Finance Act 2022 will also give

Late payment penalties—inheritance tax

Late payment penalties—inheritance tax

Late payment penalties—inheritance taxWhile interest often accrues on overdue tax, the late payment of certain taxes may also attract a penalty. For information on the interest accruing on overdue tax, see Practice Notes: IHT—payment deadlines on death—Interest on IHT and Interest on late paid

Brussels I (recast)—domicile (Arts 4 and 63) [Archived]

Brussels I (recast)—domicile (Arts 4 and 63) [Archived]

Brussels I (recast)—domicile (Arts 4 and 63) [Archived]ARCHIVED: This Practice Note has been archived and is not maintained.This Practice Note considers the general rule set out in Article 4 of Regulation (EU) 1215/2012, Brussels I (recast) when determining the relevance of a defendant’s domicile to

Contributory negligence in personal injury claims

Contributory negligence in personal injury claims

Contributory negligence in personal injury claimsContributory negligence is a partial defence which can lead to a discount in damages.Other defences may also be relevant. See Practice Notes: Did the claimant consent to the risk of injury? and Was the claimant involved in an illegal activity?If a