• Contact Us

Freedom of Information Requests During the Coronavirus Pandemic

on Friday, 15 May 2020.

The coronavirus (COVID-19) pandemic means information requests are likely to be low-priority for higher education institutions, but it is important to understand what the ICO has said about its approach to regulation and what this means in practice.

The ICO's Statement on Freedom of Information Requests

The ICO has formally stated that whilst, as a regulator, it is unable to formally extend time limits under the GDPR and Freedom of Information Act, it is taking a more relaxed approach to time limits. It expects that it might take public authorities longer than the statutory timescales to respond to requests and it will not necessarily take regulatory action where this is unavoidable.

What Does This Mean for HEIs?

This means that the ICO is still expecting HEIs to deal with requests - including those made under the GDPR and Freedom of Information Act. However, if the impact of the current situation means that you are unable to respond within a month if it is a GDPR request, or 20 working days if it is a non-personal data information request, then the ICO will not penalise you for this. Your legal obligation to respond remains - all the ICO has said is that it will not penalise you if you are outside of the usual time limits.

If you are struggling to keep up with requests, it is important to keep the requestor updated. Explain that you are unlikely to be able to deal with their request within the usual timescale, and try and give a realistic estimate as to when you might be able to respond. It will assist you to have collated some evidence to support your estimate and ensured that it is both reasonable and realistic.

If you are relying on the need to answer outside of the time limits, the ICO is likely to expect to see the following:

  • A genuine lack of capacity on behalf of the HEI. You will need some evidence to show that the diversion of resources means that there is a lack of expertise and capacity to deal with the request in the usual timescale.
  • Regular reviews of the situation and capacity so that requests are responded to as soon as possible.
  • As soon as you are able to deal with a request, the ICO will expect you to deal with it promptly - meaning as soon as possible.

It is likely that you will be receiving requests about your response to the crisis and how you have acted and dealt with particular situations. Whilst responding to these questions inevitably takes time and resource, you should consider the public interest in the information that you are being asked to provide and whether that public interest means that you should prioritise a response. We recommend that you have a system of triage, so that you can identify the more routine requests, and requests that are not time sensitive, and prioritise requests on that basis.

Coronavirus Legal Advice

Why Can't We Refuse to Deal with Requests?

There is no scope within the legislation for you to refuse to deal with a request because of resource issues, or unprecedented demand on services. This means that you have a legal obligation to deal with any requests that you receive. Technically, you are still required to deal with them within the timescales given - the ICO does not have the power to extend or amend these. All it can do is relax its regulatory approach where it is convinced that an HEI was genuinely unable to deal with a request within the time limit specified.


  • The legal obligation to deal with any information request that you receive remains in place and you are required to provide a response.
  • If you are genuinely struggling to deal with requests because of a lack of resources, you do have longer to deal with requests, but you will have to justify why the request took longer with reference to your specific circumstances.
  • You will have to deal with the requests that you receive at some point, so it may be worth considering whether you can triage requests and deal with the more urgent ones first.

If you need specialist advice on your legal obligations for responding to information requests, please contact Vicki Bowles in our Information Law team on 0117 314 5672, or complete the form below.

Get in Touch

First name(*)
Please enter your first name.

Last name(*)
Invalid Input

Email address(*)
Please enter a valid email address

Please insert your telephone number.

How would you like us to contact you?

Invalid Input

How can we help you?(*)
Please limit text to alphanumeric and the following special characters: £.%,'"?!£$%^&*()_-=+:;@#`

See our privacy page to find out how we use and protect your data.

Invalid Input