Confidentiality clauses - beware!

As you may have seen in the press, Kevin Dunion, the Scottish Information Commissioner, last week ordered the Scottish tourism governing body, VisitScotland, to disclose copies of a number of contracts that it has entered into with VisitScotland.com website operator, eTourism Ltd.

The decision, which accords with an earlier decision of the Information Tribunal (Derry City Council v Information Commissioner) under the corresponding provisions of the Freedom of Information Act 2000, has wide-ranging implications for public authorities and anyone contracting with them.

The VisitScotland.com website is run by eTourism, a joint venture company in which VisitScotland has an interest, along with a number of private sector companies. The commercial arrangements between VisitScotland and eTourism are underpinned by a number of contracts relating to the VisitScotland.com website.

An application was made under the Freedom of Information (Scotland) Act 2002 ("FOISA") by the chairman of a local association of accommodation providers to see these contracts in order that the association could assess whether the terms of the contracts affected VisitScotland's ability to give impartial advice and guidance to its participating members. VisitScotland contended that the contracts concerned were exempt from disclosure as they contained confidentiality obligations which provided that their contents were confidential and could not be disclosed without eTourism's consent (which eTourism was refusing to give).

Section 36(2) of FOISA states that information is exempt from disclosure where "(a) it was obtained by a Scottish authority from another person (including another such authority); and (b) its disclosure by the authority so obtaining it to the public… would constitute a breach of confidence".

From VisitScotland's perspective, however, there was a problem. As the contracts concerned had been drafted by VisitScotland's solicitors (as part of an OJEU tender) and then adjusted through negotiation with the other contracting parties, VisitScotland was unable to show that the information contained within the contracts had been "obtained" by it from these parties or, indeed, anyone else. The requirements of paragraph (a), therefore, had not been satisfied and the Commissioner ruled that the contracts could not be shielded from disclosure under section 36(2).

Clearly, this issue will arise in many contracts concluded with public authorities as the process described in this case for the creation and negotiation of contracts is extremely common. This is likely to mean that it will be very difficult in most cases to argue that contracts themselves can be shielded from FoI disclosure using the confidentiality provisions within them. Indeed, from the public authority's perspective, such provisions may be positively dangerous since they may effectively set up confidentiality obligations that the authority may not be able to honour.

It follows, therefore, that the confidentiality provisions of public sector contracts need to be drafted very carefully. If confidential information contained within a contract has genuinely been provided to a public authority by a third party, this fact needs to be carefully recorded, both in the contract itself and evidentially (for the benefit of submissions to the Commissioner).