Case number: OIC-135085-J7L4Y5
15 September 2023
In a request dated 1 December 2022, the applicant sought access to copies of credit card statements for all cards held by personnel, units, or offices at Garda HQ from 1 January 2021 to the date of receipt of the request. On 3 January 2023, AGS issued its decision on the request. Referring to Schedule 1, Part 1(n) of the FOI Act, it said that only administrative records that relate to human resources, finance or procurement must be considered. It said credit cards are held by the Office of the Garda Commissioner, the Office of the Chief Administrative Officer, and by its Finance Section. It released copies of the relevant statements with certain information redacted under sections 32(1) and 37(1) of the Act.
The applicant sought an internal review of that decision on 6 January 2023, following which AGS affirmed its original decision. On 2 February 2023, the applicant applied to this Office for a review of the decision of AGS.
During the course of the review, AGS cited further grounds as a basis for redacting certain information from the records at issue, specifically sections 42(b)(v) and 32(1)(a)(ix). The applicant was informed of these new sections and had no substantive submissions to make on the matter.
I have now completed my review in accordance with section 22(2) of the FOI Act. In carrying out my review, I have had regard to the correspondence between the applicant and AGS as outlined above and to the correspondence between this Office and both parties on the matter. I have also examined the records at issue. I have decided to conclude this review by way of a formal, binding decision.
When processing the applicant’s request, AGS redacted, pursuant to Schedule 1, Part 1(n) of the Act, hand-written annotations that had been added to the March 2022 Finance Section credit card statement. During the course of the review, it accepted that Schedule 1, Part 1(n) did not apply and it has agreed that the annotations in question are not exempt and can be released. Accordingly, as this was the only information withheld pursuant to Schedule 1, part 1(n), I do not need to consider that provision further in this review.
Similarly, AGS revised its position in respect of three other redactions and accepted that the transactions in question can be released, namely the details of a web hosting service and an online marketplace redacted from the Finance Section credit card July 2021 statement and details of a healthcare provider redacted from the Finance Section credit card April 2021 statement.
Moreover, while AGS redacted certain information such as credit card numbers, account numbers, and credit limits under section 37(1) of the Act, the applicant confirmed during the review that he was not seeking access to such information. Accordingly, I do not need to further consider section 37 in this review.
Accordingly, the review is concerned solely with whether AGS was justified in redacting, under sections 32(1)(a), 32(1)(b) and 42(b)(v) of the FOI Act, information relating to the following transactions:
i. transaction dated 22 January 2021 (Finance Section credit card statement, page 1 of 3, statement date 15 February 2021),
ii. transaction dated 28 February 2022 (Finance Section credit card statement, page 2 of 4, statement date 15 March 2022),
iii. the identity of a storage facilities provider redacted from a series of transactions on the Finance Section credit card statements,
iv. the identities of various hotels, a restaurant, and certain currency conversion rates, redacted from a series of transactions on the Finance Section credit card statements, and
v. the identities of various hotels, restaurants, transport companies and other details, and currency conversion rates redacted from a series of transactions on the Garda Commission credit card statements.
As section 42 provides that the Act does not apply to certain records, I will consider the applicability of section 42(b)(v) first.
Schedule 1, Part 1(n) of the Act restricts the right of access to records held by AGS to administrative records relating to human resources, or finance or procurement matters. Section 42(b) restricts that right of access even further. It provides that the Act does not apply to various categories of records held by AGS, notwithstanding the fact that they may be administrative records relating to human resources, or finance or procurement matters.
Section 42(b)(v) provides that the Act does not apply to a record held or created by AGS that relates to the Security and Intelligence Section. AGS argued that section 42(b)(v) applies to an item of expenditure (dated 22 January 2021) from the Finance Section credit card statement dated 15 February 2021 and an item of expenditure (dated 28 February 2022) that was redacted from the Finance Section credit card statement dated 15 March 2022 (items i and ii above). It said the redaction from the February 2021 statement was for specialist equipment purchased by the Security and Intelligence Section and that the transaction redacted from the March 2022 statement was in respect of the attendance of members of the Security and Intelligence Section at a counter terrorism conference. I accept the submissions of AGS, that both redactions relate to the Security and Intelligence Section, and I find that section 42(b)(v) applies.
In its submissions to this Office, AGS argued that the identity of a storage facilities provider to whom various payments were made is exempt from release under subparagraphs (i) and (ix) of section 32(1)(a).
Section 32(1)(a) provides for the refusal of a request where the FOI body considers that access to the record sought could reasonably be expected to prejudice or impair any of the matters identified in subparagraphs (i) to (x). Where an FOI body relies on section 32(1)(a) to withhold information, it should identify the potential harm to the matters specified in the relevant sub-paragraph that might arise from disclosure and having identified that harm, consider the reasonableness of any expectation that the harm will occur. A mere assertion of an expectation of harm is not sufficient. The FOI body should show how release of the particular record could reasonably be expected to result in that harm. The contents of the record are important and consideration should be given to what it reveals.
I should explain at this stage that under section 25(3) of the Act, this Office is required to take all reasonable precautions in the performance of its functions to prevent the disclosure of exempt information or matter that, if it were included in a record, would cause the record to be an exempt record. Accordingly, the details I can give of the submissions made by AGS in this case and of my reasons for my conclusions are necessarily limited.
The essence of the submissions made by AGS is that;
While AGS has explained why it considers that such harms could reasonably be expected to arise as a result of the release of the information at issue, I do not propose to repeat those details here, in light of the requirements of section 25(3).
Subparagraph (i) of section 32(1)(a) provides for the refusal of a request where the FOI body considers that access to the record sought could reasonably be expected to prejudice or impair the prevention, detection or investigation of offences, the apprehension or prosecution of offenders or the effectiveness of lawful methods, systems, plans or procedures employed for the purposes of the matters aforesaid.
Subparagraph (ix) of section 32(1)(a) provides for the refusal of a request where the FOI body considers that access to the records sought could reasonably be expected to prejudice or impair the security of a building or other structure or a vehicle, ship, boat or aircraft. The exemption serves to ensure that the security of the various structures or crafts is not prejudiced or impaired. Such prejudice or impairment might occur, for example, if a record was released that disclosed a weakness in the security of a building.
I do not accept the arguments of AGS that the disclosure of the information at issue could reasonably be expected to give rise to the harms outlined in subparagraph (i) or (ix). The disclosure of the information would disclose nothing more than the fact that AGS made payments to a particular service provider that operates in a particular service sector. There is nothing in that information that might give rise to prejudice or impairment to the security of any premises of that service provider. I would add that the fact that the disclosure of the information might increase the possibility of an attempt to in some way interfere with the premises of the service provider, does not mean that the security of that premises is prejudiced or impaired.
Nor do I accept the related arguments of AGS that release could reasonably be expected to impair the investigation of offences and the prosecution of offenders, given that its arguments as to how the harms in question might arise are dependent upon me accepting that the release of the information could prejudice or impair the security of any premises of that service provider.
Moreover, while I note the related argument that release of the information could reasonably be expected to lead to individuals employed at the premises of the service provider to be subjected to intimidation or other harms, it seems to me that this argument is more properly an argument that section 32(1)(b) applies. That section provides for the refusal of a request where the FOI body considers that access to the record concerned could reasonably be expected to endanger the life or safety of any person.
Section 32(1)(b) is not a commonly used exemption. This Office takes the view that the exemption should not be applied without careful consideration having been given as to whether the expectation set out in the subsection is a reasonable one in all the circumstances and that it should only be invoked in circumstances of the most serious nature. An assessment of the expected consequences of releasing particular records in terms of endangering life or safety is required. It is not necessary, or indeed possible, to establish that such physical harm will occur, but there must be a reasonable expectation of such harm arising.
As I have outlined above, the disclosure of the information at issue would disclose nothing more than the fact that AGS made payments to a particular service provider that operates in a particular service sector. In the absence of any further details such as, for example, the precise nature of that service, I do not accept that the disclosure of such information could reasonably be expected to give rise to the harm identified. I find that none of the subsections of section 32(1) cited by AGS apply to the information at issue.
AGS redacted the identities of various hotels, restaurants and transport related details, such as the name of a train company, taxi company etc., all under section 32(1)(b) of the Act. As I have outlined above, that section provides for the refusal of a request where the FOI body considers that access to the record concerned could reasonably be expected to endanger the life or safety of any person.
In its submissions, AGS argued that the release of information that could clearly identify the accommodation frequented by the Garda Executive, including the Garda Commissioner, both nationally and internationally, presents a potentially harmful risk to their safety if the information was to be used for criminal purposes. It argued that access to such information presents a risk to their ability to conduct security related functions confidentially. It said locations utilised to accommodate or meet with victims and witnesses is also often booked via the various credit cards. It argued that to reveal the location of premises used by AGS for such purposes poses a potentially harmful threat to parties involved. It said the release of such information presents an unnecessary and potentially harmful risk to these Gardaí personally, those they are in contact with, and the success of their functions.
In response to the applicant’s comments, as set out in his application for internal review, that similar travel or accommodation information about the Taoiseach and the Minister for Justice are routinely published, AGS said it does not necessarily follow that similar information must be published under FOI in respect of other office holders or individuals. In said that in considering whether the information at issue should be released, it must do so based on the particular security risk assessment surrounding the Garda Commissioner and other senior Garda members and as such, decisions taken by other public bodies in relation to other office holders and individuals can have no bearing on the decision made in relation to the specific records. It said accommodation locations may be frequented more often than seems apparent from the credit card statements alone and that the release of these locations into the public domain would represent significant intelligence to those wishing to cause harm to senior Gardaí.
AGS added that the Garda Commissioner, in conjunction with being the Head of Policing Services, is also the Head of the Security Service of the State. It argued that any information regarding the security of the Commissioner especially in his capacity as Head of Security, as well as the activities of other Gardaí in the execution of State Security functions, should not be placed into the public domain for operational and security reasons. It said details around his movements are of heightened sensitivity, with the potential for harm against the Commissioner of particular concern. It argued that the release of the amounts expended alone, without the release of specific locations, is reasonable in these circumstances and meets the obligations of AGS to release administrative records regarding finance matters.
In respect of the credit cards attached to the Garda Commissioner and the Chief Administrative Officer, AGS said the holder of the card is clearly named and therefore identified as the person staying at particular locations. Regarding the Finance Section credit cards, it said that whilst the individual staying in the hotel is not necessarily named, the fact that particular hotels are utilised on regular occasions across both years gives rise to the security concerns raised above.
I note that during the review, AGS suggested that while certain information relating to the various hotels could be partially released, such as ‘Hotel Galway’, it remained of the belief that the release of the full hotel name and location presents a risk to AGS members and those they are engaging with. The investigator informed the applicant of this suggestion, which he rejected.
In considering the arguments of AGS, I have considered what specific information would be disclosed by the release of the information at issue. It seems to me that release of the redacted information would disclose the fact that certain payments were made to various identified hotels, restaurants, transport companies etc. for services availed on specified dates in the past. I also accept that the release of such details that are redacted from the cards held by the Office of the Chief Administrative Officer and by the Garda Commissioner would also potentially disclose the details of who availed of the various services and when.
The essential argument made by AGS is that the disclosure of the relevant information into the public domain would represent significant intelligence to those wishing to cause harm to senior Gardaí. I do not accept that argument. As I have outlined above, for section 32(1)(b) to apply, there must be a reasonable expectation of the release of the information at issue endangering the life or safety of any person. Having examined the various redactions, it seems to me that the disclosure of the information could not possibly allow for the estimation, with any reasonable degree of accuracy, of when and where such services might be availed of again in the future or by whom. Notwithstanding the argument of AGS that accommodation locations may be frequented more often than seems apparent from the credit card statements alone, the transactions in question are relatively infrequent and across a range of service providers. No discernible patterns of usage can be identified, in my view, that might provide reliable and accurate information as to when any particular service may next be availed of, by whom, or for what particular purpose. I find that that the release of such historic information could not reasonably be expected to endanger the life or safety of any person. I find, therefore, that section3 1(1)(b) does not apply to any of the redactions at issue.
For the sake of completeness, I would like to comment on an additional argument made by AGS, namely that records in relation to the work of the Garda Commissioner as Head of the Security Service of the State are exempt from the provisions of the FOI Act under Section 42 of the Act and that records in respect of the work of any other Garda member attached to the Units/Sections detailed at Section 42 are also exempt from release. Section 22(12)(b) of the Act provides that a decision to refuse to grant an FOI request shall be presumed not to have been justified unless FOI body concerned shows to the satisfaction of the Commissioner that the decision was justified. As I have outlined above, AGS identified certain transactions that relate to its Security and Intelligence Section and I have found the related redactions to be exempt pursuant to section 42(b)(v). It was open to AGS to identify any other transaction and to identify any relevant subparagraph of section 42(b) that might apply but it did not do so. I find that AGS has not justified its refusal of any other information redacted from the credit card statements under any unspecified provision of section 42(b).
Having carried out a review under section 22(2) of the FOI Act, I hereby vary the decision of AGS. I affirm its decision to refuse access, pursuant to section 42(b)(v) of the Act, to details of a transaction dated 22 January 2021 on the Finance Section credit card statement dated 15 February 2021 and details of a transaction dated 28 February 2022 on the Finance Section credit card statement dated 15 March 2022. I find that it was not justified in redacting any of the other remaining information at issue and direct the release of that information.
Section 24 of the FOI Act sets out detailed provisions for an appeal to the High Court by a party to a review, or any other person affected by the decision. In summary, such an appeal, normally on a point of law, must be initiated by the requester not later than eight weeks after notice of the decision was given, and by any other party not later than four weeks after notice of the decision was given.