Freedom of information (FOI) requests and spreadsheets – a new directive

The Information Commissioner has issued a critical advisory notice to public authorities urging them to discontinue the use of original source Excel spreadsheets when responding to Freedom of Information Act (FOI) requests.

The directive follows a series of high-profile data breaches that exposed personal information due to its inadvertent inclusion in spreadsheets shared as part of FOI responses.

The advisory notice outlines several key recommendations for public organisations, including the following.

Immediate cessation of original source spreadsheet uploads

Public authorities are urged to cease the practice of uploading original source spreadsheets to online platforms used for
responding to FOI requests.

Ongoing staff training

Regular training for staff involved in information disclosure is essential to maintain data security and privacy.

Embrace data management systems

Avoid using spreadsheets with extensive data sets and rows. Instead, invest in data management systems that uphold data integrity, thus reducing the risk of breaches.

The Information Commissioner’s call is driven by the imperative to safeguard personal data and enhance transparency in FOI responses, considering the recent breaches. Public authorities are encouraged to adhere to these recommendations for the safe and appropriate disclosure of information.

Read more: Information Commissioner calls on public authorities to stop using spreadsheets in FOI responses