OG 405 Sharing information with other public authorities under the Charities Act 2011

Last reviewed:
14 March 2012
Last updated:
20 December 2013

Policy Statement/Overview

Every time we liaise with other public authorities we need to think about the nature of the information we receive and pass on and how that information comes within the provisions of sections 54 to 59 of the Charities Act 2011. It is important that we understand these provisions and how we treat information given to us and what we can or cannot disclose. This applies to all of our casework and not only compliance work.

This guidance explains when we can and cannot receive and pass on information to other relevant public authorities under the Charities Act 2011 and how we define disclosure, information and confidentiality in this context. It also considers how we satisfy ourselves that disclosures:

  • enable us or the other public authority to discharge our respective functions;
  • are necessary for the proper discharge of our functions;
  • are proportionate to a legitimate Human Rights Aim and in the public interest;
  • are being transmitted to a named person; and
  • is adequate and relevant (and not excessive), accurate and up-to-date to the best of our knowledge. 

Summary of the guidance

Section E1 Legal/Policy/Accountancy Framework highlights the different elements of the Act. Section E2 looks more closely at what we mean by information, public interest and confidentiality in the context of our work and the considerations that are relevant in deciding whether or not to disclose information under sections 56 and 57.

Section B1 Casework Guidance sets out why it is important for us to consider disclosure of information as part of our work and provides the criteria we need to consider when accepting and disclosing information. Section B2 considers the principles involved when we are involved in making disclosures to other relevant public authorities and how such disclosures might engage issues of human rights and have implications for processing personal data.

At section C1 there is a checklist for disclosures under sections 56 to 57.

Section F sets out the common questions we ask about confidentiality in the context of the Act, which link to the answers within the guidance.

OG Contents (Site map)

Casework Guidance

B1 Disclosure of information: background

In the course of its work, the Commission acquires very considerable amounts of information. The extent to which it can disclose that information to third parties is governed by a number of legal rules. Some of those rules exist to promote privacy and confidentiality. Others tend towards making the processes of government more transparent.

In the course of carrying out its statutory functions, the Commission makes information available (now mainly through its website) about individual charities, about charity law and practice, and about the work of the Commission. Where individuals or organisations approach us for information that we don't usually publish, their requests are likely to be governed by the Data Protection Act or the Freedom of Information Act (and our response will need to comply with the Human Rights Act and any other relevant legislation). Guidance about such requests and what information we are able to provide is contained in OG 720 (Data Protection). Human Rights Act 1998 guidance can be found can be found in OG 71.

This operational guidance looks at the rather narrower question of what information the Commission is able to pass to and accept from other public authorities to enable them to carry out their functions. It also looks at the circumstances in which other public authorities are able to disclose to the Commission to enable it to carry out its statutory functions. The legal framework which creates the 'gateway' through which information passes between the Commission and other public bodies is contained in sections 54 to 59 of the Charities Act.

lawyer_referWe should bear in mind that other public authorities may also have a statutory 'gateway' for information and that it may be possible to rely on that gateway instead of, or as well as, sections 54 to 57. Legal advice must be taken where it is our intention to rely on the legislation of another regulator.

In many cases we manage our relationships with other regulators and agencies for the exchange of information by use of Memoranda of Understanding, which set out the parameters for when and how information is exchanged within our, and their, legal remit. The Compliance Intelligence Unit manage the Single Point of Contact (SPOC) relationships with other regulators and agencies. Disclosures between us and other agencies are made under the Act. We may also make disclosures using FIN-NET (Financial Intelligence Network) - these too fall within the Act.

bewareThe Intelligence Unit records and audits all exchanges under the Act they will also provide advice on who to contact in other agencies. It is important that when a caseworker makes initial contact with another regulator or agency that the Intelligence Unit is informed so that they can make a record of the exchange. Compliance Intelligence Unit need also to be kept informed of ongoing dialogues. 

Other regulators do not always understand the Charity Commission's role as a regulator and can be reluctant to share information. Liaising with them via the SPOC helps to reassure them of our professional and joined up approach to handling information and enables us to keep proper records of disclosures.

Top of page 

B.2 What we consider when we make disclosures to other relevant public authorities

This section looks at the practical issues we need to address before we provide information to another relevant public authority. This applies to cases where we decide to make a disclosure as well as when we receive requests for information. See checklist at C1.

B2.1 What we need to consider for disclosure under sections 54 to 59

Unlike applications for information under Data Protection Act and the Freedom of Information Act we have discretion about what information (if any) we provide under sections 54 to 59. We may therefore consider whether we wish to:

  • disclose all information;
  • disclose particular pieces of information;
  • not disclose anything;
  • provide a summary only.

lawyer_referHowever, seek legal advice if the police are seeking information under these sections in relation to a money laundering or terrorism offence as a criminal offence may be committed if we do not provide the information.


On receipt of a request for information under sections 56 and 57 we should consider the following questions.

Overarching Question

What do we need to think about?

What do we need to do?

Do we have a written request for information?

Section E2.1 explains what we mean by "information" for the purposes of the Act.

Section E1.1 explains what we mean by "disclosure" under the Act and confirms that we have discretion about the information we disclose.

Not all requests come in writing, often we can be asked to disclose information in meetings where we might be uncertain whether it is appropriate.

We might also consider making a disclosure to another regulator without any request from them.

Before any meeting with other regulators, case officers need to be familiar with any Memorandum of Understanding or other information sharing arrangement we have with that particular regulator and decide which information it may be necessary or appropriate to disclose at the meeting. They should take advice from legal and the SPOC beforehand.

Where a verbal request is made for information and we are unsure if it can be disclosed we should ask for a written request. For example it would not be sufficient for the police to ask us for "everything you know about x". We need to know what sort of information they want and why in order to respond proportionately.

Where we take the decision to make an unsolicited disclosure to another regulator it should be done with legal advice and recorded with the Intelligence Unit.   

Does the individual or organisation making the request fall within the definition of a relevant public body?

Public bodies are defined in section 54(3) &56 (4) of the Act.

Section E1.5 sets out what constitutes a relevant public body.

The most obvious public bodies we deal with are the police, other government departments and local authorities.

A useful starting point is whether we have a Memorandum of Understanding with that organisation or whether the Intelligence Unit can provide any information about them.

If we don't know we should ask. The internet is a useful source of background information but legal advice should be taken where there is uncertainty. 

What functions are carried out by the requesting organisation or individual?


If this is an organisation we don't know a lot about looking at its functions will help us decide whether it is a public body and whether we can share information.

Section E1.5 sets out what we need to find out about organisations that are not established by statute.

If we don't know what an organisation does we must ask, and in particular, how will this information help them to carry out their functions (see the next question).  

Will disclosing the information enable or assist the relevant public authority to discharge any of its functions or how otherwise is the information relevant to the discharge of its functions?


We need to make sure that the information we provide is for the purposes set out in section 54. See section E1.3.

We must not provide more information than has been requested without good reason. Any additional unrequested information would need to fall within section 54. 

We must ask if we are uncertain how this information will help in discharging the functions of that organisation or how it is relevant to them.

Will disclosing the information enable or assist the Charity Commission to discharge any of its functions?


We need to consider how disclosing the information to the relevant public body will further our functions or objectives. It will generally not be difficult to conclude that assisting another regulator when seeking compliance with the law will (directly or indirectly) promote our statutory objectives. If you have any doubt seek legal advice.

Are we certain about what information is being requested?



We need to be precise about the information being requested. This will help us make a decision on what, if anything, we disclose. There may also be other considerations that give us reason not to disclose particular information.

See the next section which sets out our considerations on human rights and data protection, and section E2 which explains what we mean by "public interest" and "confidentiality" under the Act. 

Where we decide that we can proceed with the disclosure we need to identify the material in our possession which is relevant to the request.

When identifying material we need to keep a record of what we will disclose and why and what information we have considered and the reason for non-disclosure. This provides an audit trail for the decision making process.


Top of page


B2.2 Consideration of human rights when making disclosures under the Act 

Any time a public body shares information about an individual or legal entity (which may include a charity) human rights are likely to be engaged. The Human Rights Act gives effect to the rights and freedoms guaranteed under the European Convention on Human Rights and the Commission, as a public authority, must not act in a way which is incompatible with Convention rights. We must seek to find a fair balance between the protection of individual rights and the interests of the community at large. According to the European Court for Human Rights case law, any restrictions on individual rights must be strictly proportionate to the legitimate aim they pursue and must not go beyond what is necessary to achieve that purpose. This means that the extent of the information we decide to disclose must be a proportionate response to the request and a proper use of our powers.


What we need to consider

Example or action needed 

Does the request or disclosure involve information about individuals?

If so:

Is the disclosure for a legitimate aim? (See OG71 A2  Convention Rights)


Is the disclosure proportionate to this aim? (See OG71 B2 How Human Rights affects the Charity Commission)

Our consideration will not be limited to our own functions but also to those of those of the organisation with whom we are sharing information. What is legitimate will depend on which convention right is engaged, for instance, Article 8 the prevention of crime or national security is a legitimate aim where we supply information to the police about criminal activity we have uncovered and economic well-being of the country in respect of disclosures to HMRC. 


Proportionality would cause us to think about how much information we give to ensure that we are disclosing only the narrowest set of information in order to meet the request.  It would also give us cause to think about who information is given to, for instance is it proportionate that it should be given to FIN-NET where the information is disseminated amongst all its members. 

Are safeguards in place to minimise the interference with the rights of the individuals in question?

We would need to ensure that data is transmitted in a secure way and to a named person. See departmental protocols about sending information securely.

We have arrangements with some regulators or agencies about exchange of information and procedures for any exchange. These arrangements are set out in memoranda of understanding (MOUs). Consult the SPOC if you are uncertain about exchanging information. 

Are there any other repercussions that could cause harm (including reputational) to the individual/charity concerned?

If yes; 

Is the disclosure in the public interest and proportionate to the public interest? - see section E2.2.

The level of what we disclose in the public interest will depend upon which convention right is being engaged.

Examples of where our compliance work might impact on human rights principles can be found in section 3 of OG117 A1. These examples may easily apply to other work within the Commission.

Where information relates to more than one charity separate requests will be needed for each charity and we should take care not to disclose information about a second charity for which no request has been received.

Top of page


B2.3 Confidentiality and disclosure

We need to take particular care with information we regard as 'Confidential' as we may not be able to disclose it. Confidential will not always mean 'sensitive' personal information (for instance previous convictions or medical information), which is considered in the first instance under data protection principles set out in B2.4 below. To avoid inappropriate disclosure of confidential information we need to think about the following issues.


What we need to consider

Example or action needed

Is the information we are considering for disclosure confidential?

What is the nature of the information?

Why do we have it in the first place? 

In general terms correspondence with the Commission (letters, emails, details of phone calls or meetings) is not confidential.  Information is treated as confidential only where there is good reason for doing so.

Section E2.2 onwards sets out the circumstances where we treat information as confidential.

Section E2.6 sets out the type of information that would be considered confidential.


Do the circumstances in which the information was given or requested make it confidential?

Who gave us this information?  

What was the reason it was given to us or why did we ask for it?  

Are there any legal restrictions on that information that make it confidential?

Is the information given to us expressly or impliedly to us in confidence?  

Does the information relate to actual or intended legal proceedings? 

Is it internal legal advice (including the original request for advice)?  

Does the information allege misconduct or any kind of criminality?  

Does the information contain personal data?

Does the information contain material which, for any other reason, seems inappropriate to disclose?

The following circumstances are likely to give rise to confidential information:  

  • Protected disclosures given to us by a whistleblower. The Public Interest Disclosure Act 1998 (PIDA) gives statutory rights and protections to whistle blowers. The Commission is a 'prescribed person' for receipt of disclosures under PIDA. As such we have responsibilities towards a whistleblower and therefore we need to be very careful before revealing a whistleblower's identity.  
  • Information received by us "in confidence" in connection with our functions - see section E2.3 which sets out relevant factors for agreeing to receive information subject to a duty of confidentiality. 
  • The information was obtained using our statutory powers, or threat of them, under section 52 or 53 of the Charities Act. 
  • Information that contains defamatory statements or sensitive personal data.
  • Charity auditors or independent examiners have rights and obligations of disclosure to us in certain circumstances. See Web guidance CC32 which explains matters of 'material significance' to be reported by independent examiners. OG15 Charity Accounts and Reports considers the legal basis for making reports by charity auditors and what must be reported. Similarly we need to take care about revealing any such disclosure in information we provide.

Should we disclose information that is confidential?

Even where information is confidential we need to ask:  

Is it in the public interest that we disclose it?  

Are we required by law not to disclose it?  

Are we required by law to disclose it?

For legal reasons we will not disclose generally (although in some cases we may be able to if it is in the public interest - always seek legal advice):

  • Legal advice taken by a charity and copied to us but with no suggestion that legal privilege is being waved.  
  • Internal legal advice including the original request for advice.  
  • Information provided to us under the Act on terms that we cannot by law disclose it, eg from HMRC. 
  • Information obtained under Part 1 of the Regulation of Investigatory Powers Act 2000 (RIPA). An example may be where we find out about a previous conviction. However, we must disclose RIPA information about money laundering or terrorism even where it is confidential.

For legal reasons we must disclose:

  • Information about money laundering or suspected terrorist activity.

Top of page 

B2.4 Consideration of data protection principles when making disclosures

The provisions of the Data Protection Act 1998 will apply in considering whether we can disclose information under the Act and we must pass personal data to another relevant public authority only where we can comply with the data protection principles, in particular, the first data principle about processing information lawfully and fairly.

So that we may conform to those principles we need to ask the following questions.

Top of page

Question What we need to consider Example or action needed

Does the information contain 'personal data' or 'sensitive personal data' for the purposes of the Data Protection Act?

We must identify the nature of the information that may be disclosed and whether it is 'personal data' or 'sensitive personal data' as set out in OG720.

Examples of this type of information may be where:

  • a PNC disclosure reveals an alleged criminal offence; or
  • where the disclosure indirectly reveals a person's religion (by confirming someone is a trustee of a religious charity where religious membership is a prerequisite to trusteeship).

Where we are dealing with 'personal data' or 'sensitive personal data', what are the relevant data protection principles we must apply in disclosing the information?

We must ensure that the information is:

  • accurate and up-to-date;
  • ·         will be transmitted in a secure manner;
  • will not go outside the European Economic Area;
  •     necessary to enable the public authority to perform its function;
  •      contain only adequate and relevant (and not superfluous) information.

Also, the disclosure must satisfy:

  • ·         one condition in Schedule 2 of the DPA – see OG720;

and if it is 'sensitive' personal data:


  • ·         one condition in Schedule 3 of the DPA – see OG720.

If there is any uncertainty about the nature of information or what should or should not be included legal advice must be taken.

Information for transmission beyond the European Economic Area will require additional checks, advice should be taken from Compliance Intelligence Unit.

Schedule 2 allows for us to 'process' data where we have consent or agreement or it is necessary to process the data for specific reasons.

Consent does not have to be in writing, where we do not have written consent we need a clear record that consent has been given.

Schedule 2 sets out what is deemed to be necessary. An example in the context of our work may be that it is necessary to process data for the administration of justice (passing of information to the Police where that particular piece of information would be instrumental in preventing a crime).

Schedule 3 relates to sensitive personal data about:

  • racial or ethnic origin;
  • political opinions;
  • religious belief (or beliefs of a similar nature);
  • trade union membership;
  • physical or mental health;
  • sexual life;
  • commission or alleged commission of any offence by the person;
  • proceedings (or results of proceedings) relating to any offence committed or alleged to have been committed by the person.

Schedule 3 allows us to process data where:

  • we have permission that is explicitly given; or
  • where processing the information is necessary for specific reasons which are set out in OG720.  

We also need to ensure that we mark sensitive personal data appropriately so that it will not be used for onward transmission or used for any purpose other than those stated. 

Top of page

B2.5 Minimising risk of an action for defamation

In passing on information we need to take care to minimise any risk of an action for defamation from those who may be named within it. 

Question What we need to consider Example or action needed

How do we avoid disclosing potentially damaging information?

We must identify anything that may be defamatory.

A test for this would be to ask "would the reputation of those named be lowered in the estimation of right-thinking members of society in general?"

Where there is something that is potentially damaging but which we consider should be disclosed for us to reasonably perform our function, the disclosure must be supplied:

  • in the belief that the information is true; 
  • in good faith; 
  • in the public interest.

Legal advice must be taken on any issues of what may or may not be disclose

We need to look closely at any information of a confidential or personal nature to check whether the content is potentially damaging.

Defamatory information might include a description of misconduct/mismanagement or an indication of an adverse interest in a person by the Commission or even an inference of this.


Section C1 contains a checklist for disclosures under sections 54 to 57. 


lawyer_referYou must take legal advice on any issues of what can or cannot be disclosed.


Top of page

B2.6 Reporting criminal activity to the police

Our conduct as Civil Servants in this respect is set out in guidance maintained by the Ministry of Justice. Commission staff are bound to notify the police if they come into possession of information which indicates that a crime has been or is about to be committed. You should report evidence of criminal or unlawful activity to the police or other appropriate authority. These reports should be made in accordance with sections 54 to 59  disclosure and include cases where we compile detailed information packs to report potential criminal or regulatory concerns outside the Commission's jurisdiction to another regulator (usually the police). We have a Memorandum of Understanding with ACPO (Association of Chief Police Officers) that sets how we report matters on a local basis.  

In reporting matters to the police we must ensure that we adhere to the principles set out in this guidance and we must be clear about what we know and what we have been told. In cases where a loss to a charity is trivial, or where we uncover offences that are very old, staff should consult the Intelligence Unit to obtain a view on whether we should provide information to the police in order to properly discharge our duties.

Occasionally trustees of charities may approach us to ask whether they might forgo reporting a crime that has taken place within a charity on the basis that they have been offered restitution in return for an undertaking not to report the offence to the police.

Our guidance to charities is that they should inform the police and the Commission of any suspected criminal activity within or involving the charity as soon as possible after the incident. This includes where an individual may have committed an offence that calls into question their suitability to be involved in a charity, whether as a trustee, member of staff or volunteer.

If we are approached by the trustees for advice on whether to report the matter, we are bound to pass information to the police if the trustees fail to do so but we must make clear that we are passing on information and have no direct knowledge of the alleged offence.

Reporting matters that might be of relevance to other public authorities is not bound by the same Civil Service Code and relies solely on sections 54 to 59 when making the decision whether to disclose but subject, of course, to confidentiality issues -  see 2.3 above.

Top of page

B2.7 Witness statements

lawyer_referWe are bound by law to provide a witness statement to the police when asked. Some of the information that will be put in the statement may have come to us under the provisions of the Act and potentially will be subject to disclosure under criminal evidence rules and other disclosure obligations under criminal law. Therefore, it is important to discuss the wording of the statement with a legal advisor before and during the drafting process. Where any information included in the statement was not generated from within the Commission or is subject to any restrictions (including protective markings), this should be made clear to the legal advisor.

The SPOC should also be informed of the disclosure and a proper audit trail maintained as described below.  

Top of page

B2.8 Recording disclosures 

The Intelligence Unit is responsible for recording all disclosures under the Act made by the Commission. This is part of their general work of maintaining contacts with other government departments, regulators and agencies. Consulting the SPOC before making disclosures ensures that they have oversight of working relationships between the Commission and other public bodies.Top of page

Charts and Checklists

C1 Checklist for Section 56 and 57 Disclosures

Decision making guidance


Initial considerations 

  • Do we have a written request?
  • Is it a public authority?
  • Do we know the relevant functions for which the information is requested?
  • Is the disclosure enabling or assisting the public authority to discharge these functions, or it is otherwise relevant to those functions?


Human Rights

  • Does the disclosure involve information about individuals?
  • If so, is the disclosure for a legitimate aim within Article 8 (e.g. prevention of crime, or national security), and
  • Is the disclosure proportionate to that aim (e.g. are we disclosing only the narrowest set of information to meet the aim)?
  • Are safeguards in place to minimise the interference with the individuals in question (e.g. is the data being transmitted securely, and only to a named person)?
  • Are there any other repercussions that could cause harm to the individual / charity concerned (including reputational)? If so is the disclosure in the public interest, and proportionate to the public interest?



  • Check the information is not legally privileged, nor obtained from a whistle-blower, nor obtained from another public authority under the Charities Act.
  • Was the information obtained using our statutory powers of compulsion (s.47 or s.53) - if so are we satisfied that disclosure is in the public interest?


Data Protection

  • Does the information contain 'personal data' or 'sensitive personal data' for the purposes of DPA?
  • If so, are the relevant data protection principles / DPA schedules complied with by the disclosure? E.g. is the information: accurate and up-to-date, to be transmitted in a secure manner, not going outside of the EEA, necessary (i.e. reasonably required) to enable the public authority to perform its function, contains only adequate and relevant (and not excessive) material?



  • Is the information defamatory (i.e. would it tend to lower those named in the estimation of right-thinking members of society in general)?
  • If so is the information supplied either true, or supplied in good faith without malice and in the public interest? 


Commission's Privacy Statement [1]

  • Is one of the following conditions satisfied in relation to the disclosure?   
    • we have the data subject’s consent; or
    • we are legally obliged to disclose; or
    • it is necessary for the proper discharge of our statutory functions; or
    • is necessary in compliance with our function as regulator of charities; or
    • it is to a relevant public authority and is both necessary and subject to an overriding public interest

[1] This Policy, agreed by the Board, although not itself reflecting a legal requirement, should also be taken into account in our decision making in this context, and the reason for any departure from it should be carefully recorded.

Top of page


Legal/Policy/Accountancy Framework

E1 Disclosures under sections 54 to 59 

This section sets out the legal nature of disclosure within section 10.

E1.1 What is disclosure?

In the context of sections 54 to 59 of the Charities Act, disclosure is the process of giving and receiving information between the Commission and other public authorities.

These provisions authorise disclosure of information, not the transmission of documents or other evidence (although information will often be provided in the form of a copy document or a witness statement setting out facts). Legal advice must be taken where we are required to make witness statements. 

Sections 54 to 59 of the Charities Act 2011 provide us with the legal basis for disclosure. Unlike applications for information under the Data Protection Act or the Freedom of Information Act we have a degree of discretion about what information (if any) we provide unless other legal obligations apply such as where the information is being requested by the police in connection with money laundering or terrorism offences or by the court in litigation proceedings. 

Top of page

E1.2 Sections 54 and 55 disclosure of information to the Commission

Sections 54 and 55 deal with disclosure of information made to the Commission. Any 'relevant public authority' [See 1.5 below.] may disclose information to the Commission if the disclosure is made for the purpose of enabling or assisting us to discharge any of our functions.

Our objectives, general functions and duties are set out in sections 14, 15 and 16 of the Charities Act 2011. Amongst other things, we promote compliance by charity trustees with their legal obligations to control and manage their charity. We encourage and facilitate better administration of charities and identify and investigate apparent misconduct or mismanagement, taking remedial or protective action as appropriate. We do these things to increase public trust and confidence in charities and it is within this context usually that we may need to disclose information..

A disclosure may be subject to additional restrictions, for instance, on how it may be kept and used. about the type of information we can receive and how it might be stored and used. Section 10 also sets out particular limitations on the information disclosed to us by HM Revenue and Customs (HMRC).

Top of page

E1.3 Sections 56 and 57 disclosure of information by the Commission

Section 56 and 57 is concerned with disclosure of information by the Commission to other relevant public authorities. Subject to sections 56(3) and 57(1) & (2) we may disclose to any relevant public authority any information which:

  • has been received by us in connection with our functions; AND
  • the disclosure is made for the purpose of enabling or assisting the relevant public authority to discharge any of its functions; OR
  • the information so disclosed is otherwise relevant to the discharge of any of the functions of the relevant public authority.

Section 56(3) provides that our power to disclose information is subject to any express restriction placed upon the information when it was disclosed to us. This section does not apply to information from HMRC, which is dealt with under section 57(1) & (2).

Section 57(1) & (2) prevents disclosure of information provided under section 52(1) by HMRC. Any information disclosed to us by HMRC can only be disclosed with the express consent of HMRC. Contravention of this section is an offence by the person responsible for the disclosure.

Section 57(3) to 57(8) set out the penalties for illegal disclosure, the defences for an illegal disclosure and the definition of a 'responsible person'.

We cannot use our powers under sections 47 or 52 of the Charities Act 2011 for the purpose of obtaining and transmitting information to other organisations even if the onward disclosures are intended to be made under sections 54 to 59.

Top of page

E1.4 Section 58 disclosure to and by principal regulators of exempt charities

Section 58 provides for the disclosure of information to or by the principal regulator of an exempt charity under the same principles as set out in sections 54 to 57. These powers of disclosure have appropriate safeguards in relation to information received from HMRC.

Top of page

E1.5 Section 54(3) and 56(4) what is a relevant public body?

Sections 54(3) and 56(4) define a 'relevant public authority' as:

  • any government department (including a Northern Ireland Department);
  • any local authority;
  • any constable; and
  • any other body or person discharging functions of a public nature, (including a body or person discharging regulatory functions in relation to any description of activities). This includes any such body or person in a country outside of the UK.

A Memorandum of Understanding may be a good starting point for telling us whether or not an organisation is a relevant public body. However, where none exists it is useful to apply the test of whether a body can be subject to judicial review. That test is whether the body is exercising a governmental function or simply acting as a domestic tribunal whose power comes from its contract between its members. The fact that a body derives its power from statute (or from the Royal Prerogative) is a reasonably clear indication that it is discharging public functions (for example, The Law Society). If a body carries out functions, some of which are of a public nature and some of which are of a non-public nature, it would be open to us to disclose information to enable it to carry out its public functions.

In the case of a body not established by statute, in order to form a view about whether it discharges functions of a public nature, we would need to ascertain:

  • whether the body in question exercises statutory powers;
  • the nature of the activity it regulates;
  • why that activity needs to be regulated in the public interest;
  • whether that body has been advised that its regulatory activity is susceptible to judicial review.

Section 58(7) defines 'enactment' and section 55(4) 'Revenue and Customs information'.

Section 59 states that nothing authorises the making of a disclosure under sections 54 to 59 which:

  • contravenes the Data Protection Act 1998; or
  • is prohibited by Part 1 of the Regulation of Investigatory Powers Act 2000, which ensures that the methods used to collect  conforms to Human Rights Act principles.

Top of page

E2 What do we mean by 'information' 'public interest' and 'confidentiality' for the purposes of the Act?

In order to apply the provisions of section 10 we need to be clear about the policy on its use, what we mean by 'information' 'public interest' and 'confidentiality' and the principles that apply when we accept or divulge information.

E2.1 What is information?

In the context of the Act, information relates to knowledge and facts about someone or something. 

We are able to pass on information that has been received in connection with any of the Commission's functions. It follows that there may be difficulty in passing on information that has come to us accidentally, or unlawfully, or otherwise than in connection with our statutory functions.

Legal advice should be taken where information seems to have come to us in any of those ways.

Top of page

E2.2 What do we mean by public interest?

There is no single definition for the term 'public interest'. The starting point for Government is that disclosure of information as a principle is in the public interest. However, legislation that relates information and the rights of individuals allows for levels of exemption from disclosure. When we deal with disclosure of information under sections 54 to 59 we must take account of the legal principles not only in the Charities Act 2011 but also in other legislation that may have and impact on the way we deal with the information in question (depending on how that information came to us, whether it maintains any quality of confidence and how we intend to use it). What is meant by public interest depends on which legal principle is being considered (for example human rights or confidentiality). We must be able to show that these legal principles have been properly considered within the context of our regulatory work and balanced in the wider interests of the public or the sector in general, against the specific interests of the individual and charity concerned. .

Top of page

E2.2 What do we mean by confidentiality?

Whether or not the information is confidential will depend on the circumstances under which it was received and the nature of the information.

In general terms, correspondence with the Commission (letters, emails, telephone calls or meetings) is not as such confidential. We treat this information as confidential only where there is a good reason for doing so. Where we determine that particular information is confidential it should be marked or flagged as such. Where information sent to us is marked as confidential by the sender, we should always inform the sender whether or not we will treat the information as confidential (see E2.3 below). Just because a document is marked as confidential does not mean necessarily that a duty of confidence arises.

The core principles of the law on confidentiality are, broadly:

  • A duty to treat information as confidential may arise from the terms of a contract (whether express or implied) where it may be imposed as a matter of law (that is, an equitable obligation).
  • Key factors in establishing whether there is an equitable obligation are:
    • the nature of the information has the necessary quality of confidence;
    • the circumstances in which it was imparted; and
    • notice of its confidentiality.
  • If it is in the public interest, confidential information may be disclosed.

In practical terms it can be argued that nearly all proposed section 54 to 59 disclosures will hit the public interest threshold, so the confidential quality is a consideration but not a bar to using the this gateway. Also the consent of the data subject or author's consent may give us the basis to disclose the information but this may not always be appropriate for operational reasons. 

We make a public statement (Information Charter - Personal information charter) on our web site in general terms about our lawyer_referpolicy on holding, processing and disclosing information. Exceptionally, we may need to deviate from this policy for legal reasons. This must not be done without reference to a lawyer.

Top of page

E2.3 How do we decide if information received by us should be confidential?

The good practice guidance 'Public Sector Data Sharing: Guidance on the law' available on the Ministry of Justice's website sets out the circumstances in which a public authority (such as the Commission) should accept information in confidence. The guidance relates to section 41 of the Freedom of Information Act but provides useful general guidelines about confidentiality which includes:

  • public authorities should only accept information from third parties in confidence if it is necessary to obtain that information in connection with the exercise of any of the authority's functions and it would not otherwise be provided;
  • public authorities should not agree to hold information received from third parties 'in confidence' if it is not confidential in nature;
  • acceptance of any confidentiality provisions must be capable of justification to the Information Commissioner.

In considering whether to agree to hold information subject to a duty of confidentiality the FOI guidance explains that the following factors may be relevant;

  • the nature of the interest which is to be protected and whether it is necessary to hold the information in confidence in order to protect that interest;
  • whether it is possible to agree to a limited duty of confidentiality, for example, by clearly stating the circumstances in which the information would be disclosed;
  • whether the information will only be provided on the condition that it is kept confidential and, if so, how the important the information is in relation to our functions;
  • the nature of the person from whom the information is obtained and whether that person represents a public authority to which the Freedom of Information Act and the DCA's guidelines apply. Where the person supplying the information is also a public authority (apart from HMRC) we should be particularly cautious in agreeing to keep the information confidential.

Top of page

E2.4 Legal judgements that set out an implied duty of confidence

The circumstances in which information is obtained may impose an implied duty of confidence even where the information is not obviously of a confidential nature. Where a public authority has statutory powers to compel individuals to provide information for a limited our purpose in the exercise of a legal power or to further a legal duty, a duty of confidentiality will often arise in relation to that information and the public authority may be prohibited from disclosing the information for other purposes - see Marcel v Metropolitan Police Commissioner [1991] 1 All ER 845. This principle also applies even where the information is provided following a threat of compulsion - see Barlow Clowes Gilt Managers Limited [1991] 4 All ER 385.

Section 47 of the Charities Act gives us power to demand information and copy documents for the purposes of an inquiry. We also have power under section 52 of the Act to compel the provision of information which is relevant to any of our functions. The standard templates for opening inquiry cases together with our guidance in CC46 provide an actual threat of compulsion and therefore such information can be treated as confidential.

When we receive copies of legally privileged advice, that privilege can be waived expressly or implied by the client. However, where privilege is waived, our further disclosure of such advice to the police (to assist with a criminal investigation) will  not remove the cloak of privilege for police purposes - British Coal Corporation vs Dennis Rye (No. 2) [1998] 1 WLR 1113 (at 1121 - 11220). There seems to be no reason why disclose to any other relevant public authority should not be subject to similar protection.

Top of page

E2.5 Legal professional privilege (LPP)

This is a legal rule that protects the confidentiality of legal communications between lawyers and their clients and includes legal advice that caseworkers receive from Legal Advisers about their case work. The Ministry of Justice provides guidance on the nature of LPP disclosure of privileged advice.

In the light of recent cases, it is clear that the Commission will only be entitled to rely on the defence of qualified privilege in respect of a defamatory publication if the publication is consistent with its public law duties. This means that we should:

  • only publish or disclose information for the purpose of and to the extent necessary for performance of our public duties; and
  • in accordance with our obligations under the Human Rights Act (in order to claim qualified privilege the publication must be necessary for a legitimate aim and proportionate to a specified aim).

If the information published or disclosed affects an individual's reputation, there is an interference with his or her rights under Article 8(1), and so, in order to be justified under Article 8(2), the publication or disclosure must be necessary and proportionate to that aim.

Top of page

E2.6 Information that the Charity Commission will treat as confidential

Depending upon the circumstances we will treat the following information as confidential:

  • Whistleblowing and complaints about charities. The identity of individuals who report to us their legitimate concerns about the management of a charity will generally be treated as confidential. Of course, we are not able to give an absolute guarantee of confidentiality as we may need to disclose information to another regulator in the public interest. Also, it may be possible for the individual complained about to deduce the identity of the informant. Moreover, confidentiality cannot be used by an informant to hide an improper motive. Our guidance OG 407 Public Interest Disclosure Act 1998 sets out how we should deal with whistleblowing disclosures.

accountant_referAccountancy advice must be taken where whistleblowing disclosures come from a charity's auditor or independent examiner.

  • Information for which we ask in the course of an inquiry. We have statutory powers to compel answers to questions which we ask in the course of an inquiry. We can use information obtained by the use (or threatened use) of our statutory powers only for our statutory purposes. Outside those statutory purposes, such information will be treated as confidential.
  • Information which may properly be regarded as confidential, for example commercially sensitive information. However, it is important to note that the information may cease to have the quality which made it confidential, for example if it is published and is therefore no longer confidential. This includes internal documents, for example briefing documents, where we repeat confidential information such as legal advice received by charities or information we have obtained using our information gathering powers under sections 47 and 53.
  • A charity's own legal advice. Where a charity copies to us legally-privileged advice obtained from its own legal advisers, without generally waiving that privilege, we are bound to regard the advice as confidential. Confidentiality does not, however, extend to correspondence between the charity's legal advisers and the Commission unless it contains the legal advice.
  • Personal data. Personal data will be treated as confidential except to the extent that disclosure is in accordance with the Data Protection Act 1998.

This list is not exhaustive and there may be other instances where we may wish to treat information as confidential. If you have doubts about the nature of information received and whether it should be treated as confidential you should seek legal advice.

We cannot pass on information via the statutory gateway which has come to us accidentally, or unlawfully, or otherwise than in connection with our functions. However, where the information relates to a serious crime offence, such as terrorism, we may be able to disclose the information to the police on other grounds outside sections 54 to 59. Legal advice must always be taken in such circumstances.

Other regulators may have their own legislation that they can use to disclose information to us an example of this may be where the police use the Serious Organised Crime Police Act 2005, section 33 to disclose information to us. 

Top of page

E2.7 Disclosing confidential information

Disclosing confidential information puts the Commission at risk of a legal action for breaching confidentiality. However, there are limited circumstances where confidential information should be disclosed by the Commission and there will be minimal risk of a successful action for breach of confidence. This is where it is in the public interest to disclose the information including for the prevention of crime or the interest in public safety. Legal advice should be sought in all instances where the disclosure of confidential information is being considered.

Top of page

Q & A

F1 Why do we need this guidance?

We deal with a lot of information in our everyday casework and not all of that information is received or disclosed under section 10. That said, we need to  be able to recognise the nature of information we hold and when it is appropriate to use sections 54 to 59.  

F2 What do we mean by disclosure?

This is the process of giving and receiving information between the Commission and other public authorities. This is set out in more detail at section E1.1 Legal Framework.

F3 What is the definition of a 'relevant public authority'?

This is defined in sections 54(3) & 56(1) of the Charities Act. Section E1.5 of the Legal Framework looks in more detail at how we might identify whether organisations fulfil the criteria for a relevant public body..

F4 What is information?

Section E2.1 sets out the what we consider as information in the context of sections 54 to 59.

F5 What do we mean by confidential?

What we treat as confidential will depend on the nature of the information, the circumstances in which it was received by, or given to, us and the way it is treated or viewed by other parties. See Legal Framework sections E2.2, E2.3 and E2.4.

F6 What information do we treat as confidential?

The most usual circumstances when we treat information as confidential are outlined at section E2.6 of the Legal Framework.

F7 What questions do I need to ask as a caseworker when I have been asked for information?

Section B2.1 sets out the overarching questions we need to ask when we have a request for information or when we decide to disclose information to other relevant public authorities.