Total number of complaints (left) and complaints normalised by staff size (right) made to the Information Commissioner’s Office between 01/2020 to 09/2023. (St Mary’s has been omitted from rightmost plot as it is off the scale!)   

The Freedom of Information (FOI) Act gives anyone the right to request information from colleges and universities. This might include statistics on bullying, non-disclosure agreements, sexual or racial harassment. It might also include access to policy documents or minutes of meetings in which controversial decisions are taken.

Universities have to comply with the act, but they often do so grudgingly, violating time limits and using over-zealous redactions. They can cite costs or operational reasons for failing to provide information. Recent FOI requests to the University of Aberdeen on the decision to scrap single degrees in modern languages received the inexplicable response that “on balance, the public interest is better served by withholding the information”.

Under FOI, the 21 Group has recently written to all Russell Group universities asking for data on bullying & harassment over the last 5 years. Some universities (Bristol, Exeter, Glasgow, Manchester, Liverpool, Sheffield & Queen Mary College, London) gave prompt and complete responses. Others responded to the identical request with a point-blank refusal to give anything.

If you make a FOI request and it is denied — even after appeal – then you have the right to bring the matter to the Information Commissioner’s Office (ICO) who will examine the case.

General Data Protection Regulations (GDPR) give you the right to request information held about you — for example, meeting minutes about your promotion, pay, complaints or even just malicious emails naming you. 

You may be unhappy about how your University has handled your own personal information. For example, a Professor at Russell Group University found that the HR department was continuing to circulate a defamatory report about him, long after it was withdrawn as untrue. The ICO is the last resort when Universities behave recklessly with your data and don’t comply with GDPR.

If an employer breaches data access or protection laws, then the ICO can use its teeth. The University of Greenwich was fined £120,000 in 2018 after a substantial data breach involving the misuse of personal information of nearly 20,000 students. On the whole, the ICO rarely bites Universities. There are no serious consequences for Universities that routinely violate information laws.

The number of complaints to the ICO is a proxy for a University’s culture, attitude to transparency and information management. The more complaints, the more secretive and obstructive the attitude to disclosure. It may also be an indicator of a cavalier attitude to protecting employees’ personal data, or even to generating such data in the first place. A University with transparent  processes and procedures, open and responsive to requests for information should not be the object of large numbers of complaints to the ICO. 

So, which universities are secretive? We analyse the data on complaints, scraped from the ICO website for the period 01/2020 to 09/2023, shown in the accompanying graphic.

In the Russell Group, Oxford University is the worst performer, with the largest absolute number of complaints. University College, London and Cambridge follow. The ‘Golden Triangle’ is joined by Southampton which — given its size — generates a large number of ICO complaints.

When considering all universities, it is helpful to normalise by total staff. The performance by St Mary’s, Twickenham is by some way the worst of any university in the UK, given its tiny size. The next five — London Metropolitan, East London, Birkbeck College, Brunel and Northampton — all generate more complaints to the ICO than Oxford once employee numbers are taken into account.

Looking at the most serious complaints in which the ICO takes action, then it is Cambridge University which comes out top.

Just 2% of UK employers account for half of all complaints raised with the ICO. The ‘usual suspects’ are all present — our political parties, high street banks, social media providers such as Google, Facebook and Twitter, and health authorities.  But, it also includes some of our Universities, including both Oxford and Cambridge. 

Why are two of the greatest places for learning, for world class research and inspirational teaching not open about the data they manage and generate?

The last decade has seen the growth of a powerful managerial class in Universities which has little scrutiny or oversight. It is often disconnected from the Statutes and Ordinances that govern University institutions. The consequences are soaring senior management pay, opaque finances, widespread use of non-disclosure agreements and corrupt grievance procedures. FOI is crucial in holding the untrammelled executive to account.

Categories: Blog

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *