copy the linklink copied!Chapter 5. Developing the Commission on Access to Information

copy the linklink copied!Measures to improve the CATI’s operation and the application of the ATIL that do not require legislative changes

Framing the CATI’s strengthened mandate

OECD recommendations for a national open government strategy to ensure better good governance outcomes in Kazakhstan frame the recommendations for the CATI’s strengthening. These recommendations include

  • “Developing a full-fledged open government strategy [on Open government] (a single document) that includes principles, long-term goals, medium-term objectives, strategy instruments or initiatives to be carried out to achieve the goals. The strategy could also include the challenges, risks and threats that the country may face when implementing an open government strategy.”

  • “Ensuring that the open government agenda is both officially and practically one of the key priorities of the newly established Ministry for Information and Communications and that there are necessary mechanisms, human and financial resources to support this task and ensure the co-ordination of the new Ministry of Information and Communications with the presidency and the Central of Government.”

  • “Strengthening the necessary institutions, mechanisms and provide the necessary human and financial resources to ensure that the qualities and functions of the Central of Government are properly operationalised in order to ensure that open government strategy is successful and sustainable in the long term”. (OECD, 2017a)

It is possible to make these principles operational by drawing up an action plan or roadmap which addresses the following sections:

  • Describing the background and the rationale for the action plan.

  • Defining goals, to clarify what is to be achieved by implementing these actions.

  • Listing and prioritising the foreseen activities to achieve the goals and objectives.

  • Defining which institution is in charge of the project and accountable for its implementation. Other actors who may be involved in implementing activities should also be specified.

  • What resources are available such, as the financial resources (the budget to finance implementation of activities) and human resources.

  • Setting start and end dates and specific milestones with deliverables.

  • Setting the criteria for success. These will validate the success of an activity, or highlight the necessary corrections and lead to a new decision, and to the evolution of the action plan.

The content of this action plan could gain from the lessons learned in OECD countries. For instance, the strategic plan of the United Kingdom Information Commissioner aims to increase the trust the public has in government, public bodies and the private sector, and trust in transparency, in the digital economy and in digital public service delivery (United Kingdom Information Commissioner web site: https://ico.org.uk/) .

Its strategic approach highlights a commitment to:

  • Lead the implementation and effective oversight of the GDPR and other live data protection reforms;

  • Explore innovative and technologically agile ways of protecting privacy;

  • Strengthen transparency and accountability and promote good information governance;

  • Protect the public in a digital world

The 2018-19 Corporate Plan of the Office of the Australian Information Commissioner contains detailed programming of the actions it will undertake to fulfil its mandate Box 5.1).

copy the linklink copied!
Box 5.1. Office of the Australian Information Commissioner

Corporate Plan 2018-19: Key deliverables for 2018-19

“These priority projects, initiatives and actions will help us to achieve our Purpose in the coming year. To help us promote and uphold privacy rights we will:

  • Continue to administer the Notifiable Data Breaches scheme, and work with key stakeholders to build business and government capacity to reduce the potential for and to respond to data breaches, and to assist individuals who are affected by a data breach.

  • Engage in the development and prepare for commencement of the Consumer Data Right and work collaboratively with the Australian Competition and Consumer Commission.

  • Work collaboratively with the National Data Commissioner to assist in the development of a new data sharing and release framework.

  • Work with credit providers, credit reporting bodies, consumers and external dispute resolution schemes to help ensure that changes to credit reporting under the proposed mandatory Comprehensive Credit Reporting regime are implemented in a way that protects the privacy of individuals and facilitates an efficient credit reporting system.

  • Update existing guidance where required and develop new guidance on privacy rights and obligations.

  • Use our discretionary regulatory powers in a proportionate and targeted way to ensure the protection of personal data.

  • Support compliance with the Australian Government Agencies Privacy Code.

  • Conduct targeted assessments in priority areas to monitor and improve privacy practices.

  • Promote Privacy Awareness Week 2019.To help us promote and uphold information access rights we will:

  • Continue the development of our early resolution process to improve the review time of Information Commissioner reviews and to further meet the objectives of providing an informal, non-adversarial and timely review process.

  • Update resources for applicants to help them understand the Information Commissioner review process.

  • Update resources for agencies and ministers to support best practice decision making.

  • Support FOI officers through the provision of communication materials, training and advice.

  • Continue to participate in the Open Government Forum, and contribute to the development and implementation of Australia’s next Open Government National Action Plan.

  • Review the administration of the Information Publication Scheme and disclosure logs by agencies and ministers.

  • Monitor agencies’ compliance with the statutory decision-making timeframes, as set out in the FOI Act.

  • Conduct a campaign for Right to Know Day

Source: Office of the Australian Information Commissioner Corporate Plan 2018–19, https://www.oaic.gov.au/resources/about-us/corporate-information/key-documents/corporate-plan-2018-19.pdf

The principles provided by the World Bank, presented in Box 5.2, could also serve as an example.

copy the linklink copied!
Box 5.2. 5 Principles of the World Bank’s New Access to Information Policy
  1. 1. Maximizing Access: Disclose any information in the Bank’s possession that is not covered by a list of exceptions. Most restricted information to be declassified over time.

  2. 2. Clear Exceptions: Deny access to information whose disclosure may harm “well-defined interests” that are identified in a set of exceptions.

  3. 3. Safeguarding Deliberative Process: While being “fully open” about decisions, results, and agreements, deliberations that lead to these outcomes are considered confidential.

  4. 4. Clear Disclosure Procedures: Routinely post as much information “as practical” to the Bank’s external website. Clearly defined procedures for requesting information and processing requests, including timelines.

  5. 5. Right to Appeal: Provide a two-stage appeals process for denied requests –an internal mechanism and a second, external body.

Source: World Bank http://www.bankinformationcenter.org/wp-content/uploads/2013/01/InfoBrief_Mar2010.pdf

Ensuring the functioning of the Commission

The ministry of information and communications’ capacity and functions concerning ATIL oversight and implementation

Meetings of the Commission are held as necessary. According to amendments adopted in June 2018, the regularity shall be no less than once in every quarter of the year. Thus, it is necessary to guarantee that the Ministry of Information and Communications can fulfil its responsibilities to the CATI. An evaluation should therefore be conducted on the staff available and of the administrative organisation dedicated fulfilling the functions entrusted to them

Establishing an annual CATI work programme and making it widely known

This document must present a political vision of the commission’s work, the actions it will lead, and the means it will use. It must also establish a work schedule, setting priorities and identifying the persons responsible for their implementation.

This document must be constantly updated and disseminated through the various means of communication available, for example, through the press or their websites, as done, for example, by the United Kingdom Information Commission.

Clarifying the CATI’s legal responsibility

In its activities, the CATI may commit acts harmful to third parties, for instance, due to incorrect information contained in its resolutions. The current liability regime for these acts is not clear. To ensure the CATI’s functioning in accordance with the rule of law it is recommended that the Kazakh authorities determine the conditions of engagement of the CATI’s liability and the court competent to rule on any disputes in this matter.

Improving the CATI's internal operating rules

The CATI is an administrative commission with an advisory purpose, but which is not authorised to rule on individual decisions regarding the refusal of access to information. It is therefore fundamentally different from the oversight bodies in OECD countries. However, while respecting the Resolution, to give more credibility to its action, its mode of operation could be brought closer to that of oversight bodies in OECD countries.

Hence, the CATI could:

  • adopt the principles of due process;

  • enact clear and stable rules of procedure, using an adversarial decision-making procedure, with a rapporteur who prepares the case under consideration, presents it and does not take part in the vote on the case;

  • publicise the schedule and programme of meetings in advance;

  • allow all stakeholders to intervene in the procedure;

  • produce opinions that include all the legal and factual elements necessary for dealing with the subject;

  • make the CATI’s opinions and opinions received on the decisions public and accessible to all citizens.

Creating a system to monitor the CATI’s decisions

The CATI should establish an inventory of these decisions. The holders of the information to whom these decisions are addressed should inform the CATI of the measures they have taken to carry out these acts. Depending on the responses it receives, the CATI may decide to reconsider the case and reformulate a new decision.

Drafting an annual activity report

Access to information institutions in the OECD countries are accountable to citizens and governments for their activities. They fulfil this obligation by various means, including annual activity reports. For instance, the German Federal Commissioner for Data Protection and Freedom of Information gives in his report an overview of the priority activities for the two-year period and a perspective on the key data protection issues that lie ahead.

It is recommended that CATI prepare an annual activity report. This document would provide statistics and analyses on the implementation of access to information legislation, review legislative and regulatory developments, report on the CATI’s activity and evaluate its performance, and address thematic issues of importance to the institution.

Making the legislation uniform across the public administration and facilitating its application by public institutions

OECD countries place the utmost importance on the uniform application of the law by the various institutions involved in the right of access to information. Access to information legislation is relatively new in Kazakhstan. It requires even more effort to disseminate and clarify its application, by coordinating and aligning the functions of different public institutions that are obliged to enforce the law.

In summary, the recommended actions are:

  • Making CATI opinions and recommendations publicly available, especially via the Internet. Nevertheless, the CATI should respect privacy principles, for example, by making published decisions anonymous.

  • Creating a database and statistics on the application of the Access to Information Act. The data base and statistics could include information items as described below:

    • For general cases managed by CATI, it is necessary to record the type of file (whether it is examination of a draft text, or a decree, or law); the nature of the referral to the CATI; author of the referral to CATI; the activity concerned by the referral; the region or city; the date of the CATI’s receipt of the referral; the date of the CATI’s resolution; and the nature of the CATI’s resolution.

    • For access to information requests, it is necessary to record: the author of the request; the administration concerned by the request; the activity concerned by the request; the response to the request (favourable, partially favourable, or the refusal of the request); appeal procedures against a decision of total or partial refusal of access to information (hierarchical appeal, ombudsman, or judicial); the decision of the appeal authority; the judicial appeal against the decision of the appealed authority; the judicial decision; and all dates.

  • Monitoring the case law of other bodies working in the field of access to information.

  • Establishing a method for classifying the case law of all actors involved in the field of access to information.

  • Drafting and publishing thematic fact sheets. These documents present important issues about access to information and emphasise key points concisely, using tables, bullet points and/or headings, on a single printed page. They must be updated periodically, to enable administrations to respond to requests for access to information.

  • Posting an access to information request form template on the CATI website, and for each public institution subject to the ATIL.

  • Preparing and updating government directives and instructions to the administration on the implementation of access to information legislation and, within its jurisdiction, on the preservation of archives and documents. These documents must explain how the law and other regulations must be applied, by giving examples and analysing concretes situations. It is also necessary to keep documents in good condition, to prevent them from being damaged or destroyed. Finally, there is a need for a method of classifying archives and documents so that they can be consulted and used.

  • Writing and publishing practical guides for information holders (public institutions) explaining how to respond to an access to information request.

  • Creating a web simulation tool that assists administrations and informs access requesters about the legislation in the domains where the access to information doctrine is well established. For example, the French CADA website offers a simple simulation tool that helps administrations and informs applicants about the communicability of administrative documents.

Facilitating the relationship with individuals and entities responsible for access to information

The ATIL does not provide for the obligation to establish structural units or authorised officials for the purposes of organising access to public information.

However, most OECD countries have designated permanent structures or officials to organise access to information, which have proved to be very useful. The Kazakhstan government should therefore instruct its administration to designate these permanent structures or officials in administrative units where they have not yet been established.

The CATI could establish a network with the units or officials identified. For example, the CADA in France has created and coordinates a network of persons responsible for access to administrative documents in French administrations. The main tasks of these persons are to simplify the exercise of the right of access and re-use by users, to enable the administration to be better informed of the responses to be given to communication requests addressed to it, and to be CADA’s points of contact for examining requests.

In Kazakhstan, these units or officials would become CATI correspondents for the access to information requests they receive. They could also seek its advice when they receive an access to information request. At the same time, they would be constantly informed by the CATI of the changes in law and practice, through regular information addressed to them. It is recommended to establish an Internet forum for making the network activities transparent, and to regularly organise training courses for network members.

Strengthening the CATI's links with its judicial and administrative partners

As explained in this report, several institutions are involved in the implementation of the right of access to information in Kazakhstan. It is therefore important to strengthen synergies between them to increase the efficiency of the system in the application of ATIL.

To this end, it is recommended to take the following actions:

  • While respecting the independence of the judiciary, reinforcing exchange of information between the CATI and the Ministry of Justice on the application of the ATIL, for instance, by the regular transmission of statistics on the application of the ATIL, discussions on its difficulties of application and the necessary changes in legislation.

  • Creating close relations between the CATI and the Ministry of Internal Affairs of Kazakhstan by organising joint actions, such as exchanges of information and experience.

  • Inviting a representative of the Ministry of Internal Affairs of Kazakhstan to CATI meetings.

  • Establishing on-going relationships with the Ombudsman for Human Rights in questions concerning access to information

Continuing to assess ATIL

It is necessary to continue, engaging with all the stakeholders, the evaluation of the text of the ATIL, its application and the challenges it raises. On the basis of this evaluation, it is recommended to draw up reform projects accompanied by impact assessments.

Reinforcing relations with civil society

In OECD countries, civil society organisations attach great importance to the right of access to information as an essential tool in their activities. It enables them, on the one hand, to understand the reasons for public action and to act on it, and, on the other, to act as a force for public proposals. At the same time, civil society and institutions responsible for access to information maintain a close dialogue. It is acknowledged that supporting each other creates value for both parties and contributes to common objectives, for example by disseminating legislation or by establishing joint training courses. Citizens are also mobilising and creating initiatives to monitor the implementation of the Access to Information and Data Protection Act in practice.

The CATI has already initiated exchanges with Kazakh NGOs working in the field of access to information. They should be continued and deepened, by organising exchange workshops, listening to their proposals and by making them aware of the government's projects in the field of access to information.

Bringing the CATI closer to Parliament

As important instruments for democracy, the bodies involved in exercising oversight of the right of access to information in OECD countries have close links with their parliaments. Some bodies are attached to parliament. All oversight bodies are subject to control by the legislature, either directly or through legislative oversight of the executive. In this way, the Portuguese CADA is subject to ordinary scrutiny by committees of the country’s parliament. Similarly, when preparing the annual finance law, the latter examines its functioning. The Italian information oversight access body submits a report to Parliament. The Information Commissioner of Ireland is required to publish an annual report, tabled in each House of the National Parliament. The Hungarian and United Kingdom Information Commissioners report to Parliament on their work. The activity reports of the German Federal Commissioner for Data Protection and Freedom of Information are discussed in the Bundestag. In subsequent resolutions, the Bundestag expresses its opinion on major issues relating to the right to information and data protection.

The CATI could therefore present its annual report to the Kazakh Parliament, which could examine it and periodically question this institution on the application of legislation on the right of access to information and the necessary developments in case law.

copy the linklink copied!Measures requiring legislative change

Considering the important differences between the oversight bodies for access to information in OECD countries and the CATI, some measures are recommended that require legislative changes.

Evolving the CATI’s status

This recommendation concerns amendments to the CATI as an institution without fundamentally changing the access to information legislation.

Membership

  • It is recommended to determine precisely the number of persons and categories they represent as members of the CATI;

  • It is recommended to better balance the composition of the CATI by engaging more members representing civil society, the academic sector, and the judiciary.

  • For the CATI to remain effective, its member count should not exceed fifteen.

Reinforcing the professional obligations of CATI members

The definition of the professional obligations and duties of CATI members are very general, while the definition of those of members of institutions in OECD countries are numerous and strict. Thus, it should be necessary to create for CATI’s members:

  • An ethics code on personal and professional conduct;

  • A declaration of interest and assets.

Rebalancing voting rules

Currently, the clear majority of CATI members belong to the government. As a result, the CATI’s decisions will likely follow the government’s wishes. In OECD countries, the significant presence of independent figures in access to information oversight bodies (professors, judges, or representatives from NGOs) moderate government influence of their decisions.

It would therefore be appropriate for the Government of Kazakhstan to consider giving greater participation to independent professionals in the CATI.

Clarifying hierarchy in the Commission

Today, the CATI is under the Ministry of Information and Communications and chaired by the Deputy Prime Minister. As explained above, the role of the CATI as a distinctly independent institution is not legally clear. Thus, the hierarchical relation should be reorganised.

Recommendations to apply best practice according to international standards

The following recommendations suggest that Kazakhstan establish a genuine oversight body for access to information in accordance with all the criteria followed by the OECD countries.

An autonomous oversight bodies for access to information

As outlined in this report, Kazakhstan needs a truly autonomous oversight body. To bring Kazakh legislation into conformity with international principles of the right of access to information: (a) appeals against an information holder’s decisions must be possible; (b) the appellate body should be independent and have the means to fulfil its task; it should have legal personality and operative, budgetary and decision-making autonomy; (c) this body could be a judicial or administrative structure; (d) if an administrative structure existed in addition to court procedures to ensure the rights, it would be preferable that this structure should be bound to report to the Parliament.

Currently, according to Kazakh legislation, the functions relating to freedom of information are listed as follows:

  • General application of the access to Information Act is a role held by the CATI;

  • Challenging refusals to respond positively to an access to information request can be carried out by way of hierarchical recourse and court proceedings;

  • Monitoring of the law on the protection of personal data is the responsibility of institutions responsible for internal affairs, in accordance with the Law on Internal Affairs of the Republic of Kazakhstan.

  • The complaint for an infringement of the Data Protection Act is addressed to the prosecutor’s office when the infringement occurs in Kazakhstan; it is addressed to the Ministry of Internal Affairs of Kazakhstan or its territorial departments when the violation happens abroad.

It is recommended that Kazakh authorities should clarify the functions, including:

  • Identifying precisely the information issues they wish to regulate. For example, one of the questions to be considered would be how to ensure, through a fair and independent procedure, the protection of the right of access to information of natural and legal persons.

  • Determining whether existing bodies working in the right of access to information have the necessary legal, material and human resources to fulfil their roles.

  • Considering whether the Commission’s mandate should be modified by entrusting it with new functions related to access to information, such as deciding on appeals in the event of a refusal of access to information.

  • Assessing the division of competencies regarding access to information between the institutions responsible for the protection of personal data and CATI, with a view to deciding whether it is appropriate to modify the powers of either of these institutions.

  • Considering setting up an independent body to monitor legislation on the protection of personal data.

Metadata, Legal and Rights

This document, as well as any data and map included herein, are without prejudice to the status of or sovereignty over any territory, to the delimitation of international frontiers and boundaries and to the name of any territory, city or area. Extracts from publications may be subject to additional disclaimers, which are set out in the complete version of the publication, available at the link provided.

https://doi.org/10.1787/3a8d6a0e-en

© OECD 2020

The use of this work, whether digital or print, is governed by the Terms and Conditions to be found at http://www.oecd.org/termsandconditions.