The UK Freedom of Information Act 2000 (FOIA) is a legislative act that came into effect on 1st January 2005, which, along with the Environmental Information Regulations, gives the public rights of access to all archived information of public interest – including text messages and voice calls held by public authorities.
With this law, public agencies, including government bodies, education institutions, and even NHS doctors, nurses, surgeons, dentists, etc. are responsible for properly managing and public record archiving text messages, voice calls, and other mobile communications that are created in connection with the transaction of official business.
The Act covers all public agencies in England, Wales, Northern Ireland. Public agencies in Scotland aresubject to different legislation – the Freedom of Information (Scotland) Act 2002. In this post, we will focus on the FOIA 2000,andit’s recordkeeping requirements by which the government agencies in the UK must comply.
Agencies That Must Comply
Public authorities that must comply with FOIA 2000 include government departments, local authorities, the NHS, state schools and police forces.
However, the Act does not necessarily cover every organization that receives public money. For example, it does not cover some charities that receive grants and certain private sector organizations that perform public functions.
Click here to see the full list of all the public sector organizations that must comply with FOIA request.
Records That Must Be Archived and Provided In a Request
The public can request all recorded information held by public officials. These aren’t just limited to just official documents such as memorandum but also include text messages, voice calls, emails, CCTV recordings, notes, etc.
While the Act requires public agencies to archive information – even those that include personal data – it does not grant people the rights to access their own personal data. If a person wants to access their personal data that a public authority holds, they should make a subject access request under the Data Protection Act 2018.
When the information requested includes someone else’s personal data, the organization must carefully assess the case for transparency and openness under the FOIA 2000 against the data subject’s right to privacy under the Data Protection Act in deciding whether they can grant the access request without breaching the data protection and privacy regulations.
Period of Retention
The Advice on retention by National Archives states that information, including archived mobile communications, should be retained as long as it is needed for business, legal, or historical purposes. Agencies should also devise and apply a retention policy to all information held to ensure that it isdestroyed or returned in a timely manner.
For mobile communications that include personal data, the FOIA 2000 abides by the requirements of GDPR Article 5(1)(e), which states that personal data should only be kept for no longer than necessary for the stated purposes for which the personal data are processed. However, in accordance with Article 98(1) of GDPR, personal data may be stored for longer periods as long as it will be processed solely for archiving purposes in the public interest, scientific, or historical research or statistical purposes.
Record Management Standards
The Codeissued by The National Archives says that it should be possible to show that records possess the following qualities:
- Authenticity – It is what it says it is.
- Reliability – It can be trusted as full and accurate.
- Integrity – It has not been altered since it was created or filed.
- Usability – It can be retrieved, read, and used.
In order to meet these qualities, it is important for agencies to invest in a mobile archiving solutionthat can capture and record text messages and archive voice callsand that is capable of providing audit trails of who has accessed and/or amended the archived records of such communications within the system.
This solution should also be capable of searching and retrieving archived text messages and voice call records quickly as the section 10 of the FOIA 2000 states that authorities must comply with a request no later than 20 days after the date of receipt of the request.
With TeleMessage, public agencies and institutions in the UK can effectively comply with FOIA 2000. Message Mobile Archiver is an enterprise messaging app effectivelyaddressingcompliance, regulatory, eDiscovery response requirements and which reduces risk across the UK public sector.
TeleMessage captures and records mobilecontent, including SMS, MMS, Calls, and Chats from corporate or BYOD mobile phones. Messages are securely and reliably retained within TeleMessage servers or forwarded to an archiving data storage vendor of your choice.
Our mobile archiving products securely recordcontent from mobile carriers and mobile devices for a variety of ownership models (BYOD, CYOD, and employer-issued). With our multiple archiving solutions, you can always find the right tools or blend for your requirements: