Being asked to delete emails to evade FOI request in the future.

[Slaps16]

This is not a situation I am in however, a friend of mine is.

My friend works for a civil service department, my friends line manager has asked my friend by email to delete certain emails relating to a case file the line manager is building against another member of staff. In the email from the line manager they clearly instruct my friend to delete all emails relating to the third person, quote "you know what FOI is like". As a result my friend has serious concerns about this if an FOI resquest was to be made in the future by the third person whom the case file is being built against. Surely this conduct is not on by the line manager in question? My friend is quite worried and a bit stressed about the hole thing.

From a legal viewpoint, the conduct by the line manager can't be right, can it?

 

[newtothis]

I think your friend would be well advised to get some independenrt advice from a trade union, HR expert or similar.

Without knowing the details, I'd say it's impossible to give advice on whether they should comply with the request or not. At one end of the scale, emails are deleted all the time and it may be perfecltly fine for someone to make a request like this. At the other end, it could amount to a criminal act of destroying evidence if there's an ongoing inbestigation. It all depends on circumstances. As I said, best to take advice from someone independet who can be and is fully briefed on the background.

 

[PMU]

Your friend should print down and store a copy of the e-mail. He/she should also store a hard copy, initialed and dated, on the relevant paper file. E-mails relating to official business are departmental records within the meaning of the National Archives Act 1986 and should not be disposed of otherwise than asprovided for by legislation or departmental regulations. And civil servants are required to comply with the constraints of the law. Your friend should familiarize him/herself with the Civil Service Code of Standards and Behaviour, in particular, section 7 Disclosure of Information which, inter alia, says that members of the public enjoy a legal right of access to information held by Government Departments/Offices and other public bodies, and that particular care should be taken to safeguard certain types of information. So if he destroys e-mails that contain such information he is frustrating citizens rights under the FoI legislation, and is potentially in breach of the Code, which forms part of his terms of employment, and which he is expected to apply at all times.

So your friend is up the creek. If he destroys the information and it is discovered (and there are back-ups remember) he is putting his career on the line, and if he doesn't, his superior could also screw up his career. If he goes to the Personal Officer, the superior will just deny it or talk his way out of it.

 

[huskerdu]

This doesn't make sense.

What is official policy in the Civil Service and this department on keeping emails. If there is then this person just needs to obey the policy and ask for clarfication on that policy in this circumstances.

I know someone in a Public service organisation that is subject to FOI, and all emails are archived at source so they are not dependent on individuals deciding what to keep.

Any organisation who is subject to FOI should not be depending on individuals to decide what to keep or be dependent on individuals email folders , in the future for FOI requests , especially where the relevant staff may have left.

 

[Leper]

There is a lot more to this than just a couple of posts here. Undoubtedly, there is quite a story of which we will never even come near.

 

[Slaps16]

There is a lot more to this than just a couple of posts here. Undoubtedly, there is quite a story of which we will never even come near.

You are right there is more to it, however it would be akin to a soap opera which my friend wouldn't inflict on anyone! The line manager in question has made it clear that they want 'get' the third party disciplined through building a case file etc. Now my friend gets on ok with the third party, however the line manager is determined to see this through by using my friend to do the dirty work and receive the credit. My friend is getting hassle from the line manager in other respects but is looking to basically show the line manager for what they are. By the way my friend will be moving departments shorty anyway apparently.

My friend is looking at the protective disclosure option

There's a whole other cascade of stuff with other employees and this line manager apparently, that story defies belief on its own.

 

[DeeKie]

Your friend should investigate whistleblower protection in that organisation and think about a protected disclosure

 

[Leper]

I got involved in a Freedom-of-Information debate here some months ago with an apparent naive poster here. He had a management position in the Public Service. It descended into a personal type of situation which resulted in the posts being deleted and the Poster hasn't posted since. (He might have been banned). Whistleblower Protection is another area where the protection is seldom what it says on the tin.

From where I sit, (i) I suggest the relative emails be forwarded to his/her home email address and stored there for whenever they might be needed. I suggest this should be done immediately and any further "evidence" sent the same way. And later (ii) Demand written instruction from the Line Manager regarding any deleting of emails.

Over my working life in the PS, I've seen too many Line Managers throwing their weight around in ways that are suspect. There is not enough evidence here for me to comment on what is happening in Slaps-16 situation.

 

[Leper]

I have posted several bits of advice on he forum where the person should contact his/her trade union. This is not a thread on which I would give the same advice. I bet the Line Manager and the staff are members of the same trade union.

Most Public Service/Civil Service managers are very PC and know their jobs. However, there is a minority of management dinosaurs who couldn't balance a mouse turd on a malt shovel.

Savvy needed here as the Line Manager intelligence seems to be in short supply.

 

[Slaps16]

I bet the Line Manager and the staff are members of the same trade union.

The line manager is not in any trade union I've been told.

 

[Bronte]

Leper it might be against some Civil Service rule to forward the emails to the home address. I think they would be better off printing them and scanning them into one file and putting it on a memory stick (two copies). Or save them into one file and put on a memory stick.

Slaps16, did the Line manager order the email destruction orally or by email?

 

[Slaps16]

Slaps16, did the Line manager order the email destruction orally or by email?

Via email

 

[Bronte]

Well if they did that either they are stupid or they are being above board.

 

[Leo]

Leper it might be against some Civil Service rule to forward the emails to the home address.

True, and if they have data loss prevention software in place it may be picked up and become a more immediate problem.

 

[Slim]

@OP: This is complex issue and it will be governed by his/her organisation's records management practice, in particular, its attitude to emails and archiving them. In many cases, email is only a conduit for information and only rarely does the email contain any original information which must, in itself, be preserved. In fact, as the email is generated by 1 officer, sent to another and possibly cc'd to others, there can be several copies/version of the email in existence. Even if deleted, the servers will retain a copy of the email for up to a year, maybe more. These backups are not usually subject to Data Protection or FOI access requests, though. Another question is the nature of the emails themselves and your friend's role in them. Did your friend receive or provide information about the 3rd party in these emails? What is the effect of these emails and what would be the impact of their disclosure to the 3rd party? Is there some wrongdoing/conspiracy afoot in HR terms? It may be that sensitive, personal information is circulating on email and the risk of a data breach is high, so the HR manager wishes to reduce this risk for the protection of the organisation and/or the 3rd party. If the organisation reaches a decision in relation to the 3rd party, the FOI legislation compels them, if asked, to provide a statement of reasons for same. This is in addition to the usual IR processes and court as a last resort.

As the HR manager has given these instructions in an email, I would be inclined to give (him) the benefit of the doubt here but retain the instruction for future protection. Your friend needs to ask him/herself if the destruction of the emails could be detrimental to the 3rd party and fair play in relation to his/her employment. Your friend could always do nothing, for now. Once an FOI request is received for the information, it would be an offence to delete it then, up to €4,000 fine.

 

[Slaps16]

@OPid your friend receive or provide information about the 3rd party in these emails? What is the effect of these emails and what would be the impact of their disclosure to the 3rd party? Is there some wrongdoing/conspiracy afoot in HR terms? It may be that sensitive, personal information is circulating on email and the risk of a data breach is high, so the HR manager wishes to reduce this risk for the protection of the organisation and/or the 3rd party. If the organisation reaches a decision in relation to the 3rd party, the FOI legislation compels them, if asked, to provide a statement of reasons for same. This is in addition to the usual IR processes and court as a last resort.

As the HR manager has given these instructions in an email, I would be inclined to give (him) the benefit of the doubt here but retain the instruction for future protection. Your friend needs to ask him/herself if the destruction of the emails could be detrimental to the 3rd party and fair play in relation to his/her employment. Your friend could always do nothing, for now. Once an FOI request is received for the information, it would be an offence to delete it then, up to €4,000 fine.

My friend supplied a report based on a disagreement she had with the third party, which they since patched things up and there are no issues there. The line manager of my friend whom has it in for the third party, instructed my friend to delete all emails relating to this report in order to 'protect' my friend however it appears the line manager is not being genuine in this approach. If the third party was to make an FOI request and it was discovered the line manager displayed intent to cover their tracks by instructing others to delete emails, surely the third party could take a grievance and have grounds for complaint here against the line manager?

 

[cremeegg]

A fascinating insight into the world of work, for those of us who do our own thing.

 

[PMU]

. These backups are not usually subject to Data Protection or FOI access requests, though.

This is incorrect. If you look at the reports of the Office of the Information Commissioner you will see cases where the Commissioner has ruled if a public body has taken all reasonable steps to ascertain the whereabouts of a record, and this includes searching for and recovery from backups. Likewise the Data Protection Commissioner has ruled e.g. where an organization has a legitimate interest in monitoring staffs' use of IT systems this can include monitoring backups.

From where I sit, (i) I suggest the relative emails be forwarded to his/her home email address and stored there for whenever they might be needed. I suggest this should be done immediately and any further "evidence" sent the same way.

This would possibly constitute a breach of the Official Secrets Act 1963, in that the person is retaining an official document or official information where he has no right to retain it or is not required to retain it by his duties as a public servant.

 

[Slim]

This is incorrect. If you look at the reports of the Office of the Information Commissioner you will see cases where the Commissioner has ruled if a public body has taken all reasonable steps to ascertain the whereabouts of a record, and this includes searching for and recovery from backups.

Where a record cannot be found, the search must be adequate and, in some cases, may be extended to 'backups'. A backup record is not covered by the Data Protection legislation.

I would agree that emailing the records to home email would be a breach of confidentiality and a possible disciplinary matter for you.

"If the third party was to make an FOI request and it was discovered the line manager displayed intent to cover their tracks by instructing others to delete emails, surely the third party could take a grievance and have grounds for complaint here against the line manager?"
This doesn't tally with the HR manager's purported purpose of 'protecting your friend'. If the email in question was of your construction, you can keep a copy of it on your work drive and delete it from your emails. You can always produce it if an FOI comes in. In the circumstances, I believe you would have a right to refuse to delete it as it constitutes both your and you friend's personal information and was part of a personal interaction you had with the friend. If you think that the deletion of the email would prejudice your friend's employment, perhaps do nothing or keep a copy for future reference.

 

[PMU]

A backup record is not covered by the Data Protection legislation.

They are, and the legal definition of a backup is provided in the legislation. While you do not have right of access to a backup record under DP legislation, they are within the remit of the legislation and the Data Protection Commissioner has treated backups in both guidelines and decisions. Also the DP legislation is not irrelevant to this case. If the e-mails contain personal information, the friend is arguably a data processor and possibly a data controller within the meaning of the Acts and therefore had certain legal responsibilities related to this role.