In Brief: What do the Re-Use of Public Sector Information Regulations 2015 mean in practice

Public bodies must now make information available for re-use for alternative purposes.  The Re-use of Public Sector Information Regulations 2015 (ROPSIR ) governs the re-use of Public Sector Information and how public bodies facilitate such re-use of existing information collected and held as part of that Public Body’s public task.

ROPSIR was originally implemented into UK law in 2005 as part of the EU drive to increase government transparency and accountability. Whereas, ROPSIR 2005 only placed a requirement on public bodies to facilitate re-use of the information they collect, the new Regulations place an obligation to do so.  This means that any public body impacted must now comply.

We already publish information through  Freedom of Information (FOI) requests, so why this additional layer of obligations and how does it differ?

It is true that information may be obtained through the FOI channel, however, under FOI, public authorities are only obliged to provide the information specifically requested, not the full datasets containing that information.  Under ROPSIR, where possible, the full dataset must be made available. Where a full dataset is requested under FOI, ROPSIR regulations should be applied.

FOI places no restrictions on what is done with information once it has been provided. ROPSIR provides public bodies with an opportunity to not only ask what the information is to be re-used for but also to license and/or place restrictions on such re-use so long as such restrictions are non-discriminatory and do not unnecessarily restrict competition or the way the information is re-used.

Furthermore, public bodies may charge marginal costs for supplying information for re-use, but not make a profit for doing so.

So what does that mean exactly?

Public Bodies and Information in Scope:

ROPSIR2015  applies to most public bodies including central and local government, archives and museums and libraries, including university libraries.

Information covered includes any information collected as part of the public bodies public task, i.e. any data collected, held or disseminated in order for the public body to fulfil its core role and activities. This may be information in any form, including visual, digital, print, sound and electronic data.  This  includes, but is not limited to, any performance or financial data, reports, codes of practice, still or moving images, technical reports, consultation and policy documents and local planning and publication schemes.

A brief overview of which public bodies are in scope can be found below:

Screen Shot 2016-02-07 at 10.08.12

(National Archives, 2015)

Public Task:

The public task refers to any core function or activity of the public body. The regulations do not provide a definitive account of what the public task is. Any information produced solely by a particular public body that forms part of a statutory obligations or requirement or that has been established as part of a custom or practice is likely to be considered part of the public task for that public body.

What is the minimum obligations:

Public bodies must publish an ‘Information Asset List’ containing details of:

  • What information is available for re-use;
  • How such information can be obtained; and
  • Any terms or conditions applicable for re-use.

This information asset list is in addition to any existing publication scheme published by a public body under section 19-20 of FOI.

Under ROPSIR the minimum obligation on public bodies must ensure the scope of their public task is available and transparent.  ROPSIR section 5(1)(a) states that information outside the public task is not in scope. However, this only applies where the scope of the public task is transparent and subject to review. It is therefore advisable for public bodies to have a statement of public task. This document should make clear what information the public body produces, holds or disseminates that falls within the scope of ROPSIR.  The National Archives provide some guidance on how to create such a statement  (National Archives, 2015).

Receiving a request for Re-Use:

Any request submitted must be in writing, state the name of the applicant, specify the information requested and state the intended re-use purpose (Regulation 6).

A request must be complied with (with or without restrictions on how the information may be re-used) or refused within 20 working days of receipt. More time to collate the information may be requested where a request is particularly extensive or complex (Regulation 8).

A request may be refused if it does not fall within the scope of ROPSIR. Any refusal must be in writing giving reasons for the refusal (Regulation 9).

Information to be provided:

Information released should be made available in its original format and language. The public body are not required to adapt or create a document in order to comply with a request for re-use where to do so would involve disproportionate effort.

However, where possible, information supplied following a request under ROPSIR should be in machine readable, open format and include metadata (Regulation 11).

Charging for releasing information:

Regulation 15 makes provision for charges to be levied for the provision of information. However, such charges must be limited to marginal costs incurred in regard to the reproduction, dissemination or provision of the information requested.

Any charges in excess of marginal costs may not exceed the sum of:

  1. Direct costs;
  2. A ‘reasonable’ allocation of indirect costs that are directly attributable to the chargeable function; and
  3. ‘A reasonable return on investment’ (Regulation 15(6)(c)).

Where an applicant has already been charged for access to the information under information access legislation, no charge may be levied.


Public bodies should establish an internal complaints procedure for applicants to follow. Any complaint must be dealt with within a reasonable time and reasons for the decision reached must be provided (Regulation 17).

However, where an applicant does not believe the public body has complied with its obligations under ROPSIR, he/she may complain to the Information Commissioner.

Additionally, if the applicant still feels the complaint has not been resolved, ROPSIR now confers a right of appeal to the First Tier Tribunal (Regulations 18 and 19).

Key points to consider:

  • ROPSIR only applies only to information created, held or disseminated as part of the public task for which the public body holds copyright. Any information held that falls outside the scope of the public task is not covered.
  • Public bodies must, at a minimum, publish an ‘Information Asset List’ detailing what information is available for re-use and how this may be obtained.
  • Information outside the scope of ROPSIR may still be obtainable under FOI.
  • Information out of scope under FOI because it is defined as a ‘relevant copyright work’, may still fall under the re-use provisions and thus, re-use permissions should still be granted. Advice should be sought on this as opinions vary as to what does or does not fall under the FOI re-use provisions.
  • Public bodies may NOT reclassify information held, disseminated or produced as outside the public task to avoid compliance within ROPSIR.
  • Information that is otherwise accessible, e.g. thorough making a request through the Environmental Information Regulations 2004 or the Data Protection Act 1998 and data that is subject to a third party copyright falls outside of the scope of ROPSIR.
  • If a public body is considering charging for making information available under ROPSIR, details of any such charges must be available for public inspection. Therefore, public bodies should include charging details in their information asset list and public task statement. This will reduce the likelihood of ICO upholding any potential challenges to charging regimes imposed. Failure to include charges in the PTS may result in the Information Commissioner’s Office upholding the complaint and asking for monies to be refunded.

Re-Use of Public Sector information – is it a good idea?

Why should public bodies spend time and resource on publishing data open source and potentially developing schemas or standard processes for such publishing  when there is nothing in it for them?


Some might argue that as soon as the data is published, if there is a re-use for it and/or there is potential commercial value in the information, someone will want to make a proprietary claim to it.


Therefore,  if the information is really of interest to a commercial organisation, they will invest the time/resource into making sense of what is put out there, so public bodies don’t have to?


That is one way of looking at it.


Could it not also be argued, that this is exactly what was intended. Public data should be released for re-use so as to encourage entrepreneurship, innovation and clever uses of that data in ways that we perhaps could not have foreseen or envisaged. That way, information that is freely available can help boost business and encourage growth?


These are just two viewpoints on whether or not making public data available open source is a good idea, I am sure there are lots more arguments for and against – what do you think?


Re-Use of Public Sector Information Training Session

I am very honoured and excited to have been invited to attend a training session to be held in Yorkshire for a mixture of public bodies (local authorities, police and fire brigade) in early 2016 on how to interpret and implement the changes brought about with the enactment of the Re-Use of Public Sector Information Regulations in July 2015.

It will be very interesting to hear different perspectives of how best to interpret this piece of legislation and get ideas for best practice implementation in the Yorkshire region and beyond.

I am hoping this will help inform my research and am looking forward to attending.

Security Incidents involving Personal data Q1 2015/16

In the first quarter of 2015/16 there were 391 new data security incidents reported to the Information Commission Office according to their website (

That constitutes an average of 130 incidents each month where information has been lost, stolen, compromised or inadvertently sent to the wrong recipient (31.5% of these cases related to information being given or sent to incorrect addresses and/or recipients).  Is this simply down to bad luck?

What can be done to help public bodies reduce the number of incidents? Perhaps security protocols are not working as intended (e.g.  too lenient or too difficult to follow and therefore, being ignored) or maybe these relate to processes.

I would be interested in hearing from anyone involved in data protection and security of personal data with their views on this subject.




Public Open Source Publishing

In July 2015 the Re-use of Public Sector Information Regulations 2015 (implementing European Directive 2013/37/EU) came into force.

These regulations require public bodies to make most Public Service Information available open source for re-use (unless the information is otherwise excluded or restricted).

Furthermore, these regulations amend the Freedom of Information Act 2000 so that, once information has been released, it must remain available and should be made available for re-use.

This will obviously have an impact on public services, the question is how much of an impact? I suspect there will be a lot of discussion in Public Sector offices around the country about this and I am keen to talk to anyone involved about how this might affect them and the service they provide.

The Re-use of Public Services Regulations 2015 places a requirement on  Public services in the UK to publish data sets open source.  The question is how can they do so safely and securely. This is the subject of my PhD and what I will be working towards finding out over the next few years. The plan is to keep you posted on my progress and ponderings along the way in the hope that you might contribute, discuss and debate with me.