Emails between four bishops’ chaplains asking questions about whether priests can be shown their Clergy Current Status Letter (CCSL) have been sent to me. Clergy Current Status Letters are sent by the bishop of the diocese from where a priest is moving to the bishop of the diocese to which they are moving. The emails show that some bishops and their chaplains have not read or do not understand the “Guidance for bishops and their staff Approved by the House of Bishops on 13th March 2013” concerning “Personal Files Relating to Clergy”.
Some bishops and bishops’ chaplains are acting illegally and in ways designed to withhold information (to which they are legally entitled) from clerics, and from receiving bishops. Withholding this information has in the past allowed bishops to grant licences and PTOs to clergy in ignorance of what has sometimes been a long history of abuse committed by the clergy person. The emails demonstrate that bishops continue to act in ways that fail to protect victims by allowing clergy persons known to have abused or to be potentially abusive to move between dioceses.
The first email:
"One of our area bishops has been asked if a priest can see CCSLs (Clergy Current Status Letter) written about him. There isn’t an issue in the sense that I’m sure the CCSLs are positive, but our bishops were wondering what procedure is elsewhere. I’m tempted to say that the priest has to put in a request under the DPA and deal with it that way – does this sound reasonable?"
An area bishop does not know that priests have a statutory right to be given access. The chaplain does not know that the priest has a legal right to see the letter, nor that Guidance was published in 2013. The chaplain indicates that they think that there is no issue in this particular case because “I’m sure the CCSLs are positive”. This is exactly the kind of thinking that still seems to be endemic in the Church of England. Here is what the House of Bishops’ Guidance says:
62. The DPA confers a right of access by an individual to personal data held about him or her. This does not mean, however, that clergy can simply walk into the bishop’s office and demand to see their files. Under the DPA, a subject access request must be made in writing and a fee of not more than £10 may be charged.
63. Once the fee has been paid, and the bishop has received sufficient information from the applicant to enable him to comply with the request, he has 40 days in which to do so. The information should be supplied in the form of copies unless that would involve disproportionate effort. This defence of disproportionate effort should not, however, be invoked lightly, as the Information Commissioner is likely to scrutinise closely any reliance on it.
64. Not all personal data should necessarily be disclosed on a subject access request, and bishops should seek advice from the diocesan registrar. In particular, care must be taken when any information relates to an identifiable third party. Such information should not normally be disclosed without the third party’s consent, unless it is reasonable in all the circumstances to do so.
65. There are also exceptions which permit data to be withheld on a subject access request where disclosing it would prejudice the prevention or detection of crime, or the proper exercise of functions designed to protect the public from professional misconduct or incompetence.
The second email:
"I have had a few requests to see Blue Files as a whole. I have taken the view that I will deal with these collegially, so I simply take out of the Blue File anything that is not the priest in question's data, and then invite him or her to come and sit in my room and read the file. As the CCSL is part of the blue file I wouldn't see any reason not to do that in any individual instance.
"Having said that, there is a wider question than the individual instance. I think if the practice became widespread it might create an atmosphere in which it was hard for Bishops to write one to another with the necessary frankness. I suppose that would be an argument in favour of treating each one as a subject access request."
The Blue File is the Confidential Personal File held in each diocese for every deacon and priest. The House of Bishops’ Guidance is very clear about what should and shouldn’t be in each clergy Blue File:
Personal Files relating to Clergy
5. The DPA sets out eight fundamental principles which must be observed when processing personal data. These can be summarised as follows:
1) Personal information must be processed fairly and lawfully.
2) It must be obtained for one or more lawful and specified purposes, and processed in a manner compatible with that purpose or those purposes.
3) It must be adequate, relevant, and not excessive in relation to the purpose(s) for which it is processed.
4) It must be accurate and, where necessary, kept up to date.
5) It must not be kept for any longer than is necessary for the purpose(s) for which it is processed.
6) It must be processed in accordance with the rights conferred by the DPA on the person who is the subject of the information (‘the data subject’).
7) Appropriate measures must be taken to protect the information from unauthorised or unlawful processing and against accidental loss, destruction or damage.
8) The information must not be transferred to a country outside the European Economic Area unless that country has an adequate data protection regime.
The second chaplain reveals that Blue Files in their diocese contain information not related to the cleric. It shouldn’t be there and any irrelevant information should have been removed when, as a matter of routine, the file was checked to ensure it was up to date.
The chaplain then commits to writing one of the fallacies that have enabled abusive clerics to move between dioceses and operate with relative impunity in the church. “If the practice [of allowing clergy to read their own Blue File] became widespread it might create an atmosphere in which it was hard for Bishops to write one to another with the necessary frankness.” This is a scandalous, illegal attitude, still justified by some bishops and their chaplains and still, possibly, common in the mind set of the majority of bishops.
There should be nothing in a cleric’s Blue File that the cleric does not know about – re-read the Guidance notes above. The purpose of the guidance about personal information, however uncomfortable it may be, is for the protection of the integrity of the church, the avoidance of abuse (and collusion in abuse) and to assist the cleric to confront and deal with problems that might affect their ministry. The information is there to be used positively and creatively.
The third email:
"I can see the desire for the CCSL process to be frank and honest, but I’m struggling to see the need for a DPA request to see a CCSL. It’s not meant to be a full reference, just a statement of facts. If the minister in question is not aware of what will be in the contents I think that suggests a lack of either self-awareness or communication between minister and bishop. Treating them as easily available to the subject might also squash the tendency for these factual documents to bloat into fuller types of references."
This chaplain has a good grasp of the legal requirements. They also know that if “the minister in question is not aware of what will be in the contents I think that suggests a lack of either self-awareness or communication between minister and bishop.” I would have expected all bishops’ chaplains to have received a proper induction and to have been selected because they have some insight and wisdom about the performance of clergy and bishops. If a cleric lacks self-awareness, that in itself might be or should be something to be discussed at their regular performance interview and therefore to be noted on file. A bishop should be aware when communication between him or her and a particular cleric is lacking. Inadequate communication may be justified on the grounds that both bishops and clerics are too busy nowadays with the many other requirements placed on them. Exactly!
The fourth email:
"The CCSL is not supposed to be shared with anyone apart from the bishop to whom it was written. We have always treated them as legally privileged and removed them when priests ask to see their files. This is a process I would vigorously and vociferously defend. Bishop’s do talk to each other when they meet (I am led to believe!), but the CCSL is a very useful way of saying things that need to be said. If they are available to the clergy concerned there is a very real risk that they will lose much of their value – and all of their interest!"
The content of this email shocked me. It advocates actions that are totally illegal. Bishops are not legally allowed to remove a CCSL when a cleric asks to see their file. The chaplain is prepared to defend this practice vigorously and vociferously. If they were defending this practice vociferously in public they could be arrested. The chaplain reveals the sneaky, dishonest, illegal, corrupt way in which some members of the Church of England hierarchy operate, even now in the wake of the IICSA Chichester hearings. Files have value when they are accurate and honest and every cleric knows what is on their file. The attitude that files lose much of their value and all of their interest comes from that culture in the church that abuses power and authority and results in systemic abuse. This is a prime source of systemic abuse in the church.
Having read and digested the content of these emails and consulted one or two close friends, I asked on an internet forum for clergy to message me, privately if they wished, to tell me about any experience they may have had in requesting access to their Blue File. All but one response was made publicly:
“I read mine. It had been comprehensively cleansed and redacted before I was allowed to see it. Waste of time.”
“I suspect mine was too before I saw it.”
“Snap, and therefore gave a totally false impression of me and what had happened. Except it didn't feel like a waste of time, it felt abusive and left me feeling angry and powerless yet again.”
“One of my women clergy friends finally had access (she had to persist) to her blue file and even (I think) has a copy of what she saw, with names of those who spoke against her (and lied) blacked out. She went via the Data Protection Access route. The diocese was Chichester (surprise?). She was not moving.”
“We had had a long dispute with the diocese and only managed to get any action when an email was accidentally forwarded to us, which indicated that they had intended to withhold key information from us. I requested my clergy file a number of times and was simply advised that there was nothing "unusual" in it. I was curious to see what of our and their correspondence was in my file and also whether any mention was made of my sexuality. I eventually (years later) obtained a copy of it by submitting a Freedom of Information request, at a fee. I suspect the file had been edited before being sent to me, as there was only my most recent communication about the issue, but nothing else. Unless they did actually have nothing else in there, but I'll never know.”
“I wasn't offered a post I'd been interviewed for, and disagreed with their reasons for not appointing me, which I told them at the time. I waited 2 years and then sent in another Freedom of Information request to that Diocese's HR dept. I suspect that what I was sent had been edited so I couldn't see much of the bishop's communication. My scores on application form were good, and I think I performed well on the day.”
“I have heard 3rd hand, that one diocese started a new file for a clergy person who was asked to leave a post for suspicious behaviour around children (not illegal, just concerning). The bishop in question then recommended this person for a post where they would be working with young people. After a few years, a comment by the person concerned a member of staff and some investigation was done, when they discovered there was another file for the person that they never knew existed.”
One person commented on the thread:“So how does all of this accord with the new data protection regulations? A quick glance tells me it might be highly dodgy.” New data protection regulations are about to come into force but the existing regulations informed the Bishops’ Guidance issued in 2013. All bases are already covered, but five years after the admirably clear Guidance was issued, some bishops and their chaplains are still unaware of it.
I was shocked by the chaplains’ emails. Am I naive? overly optimistic? Clearly I am. After 25 and more years of involvement with Anglican attitudes to LGBTI people I know what the culture and practice is like. It’s abusive, manipulative, dishonest, unchristian, self-serving, often designed to protect the reputation of the church and individual bishops above the protection of victims.
My recommendation would be that every bishop and every bishop’s chaplain re-read (or read for the first time in some cases, I suspect) the House of Bishops Guidance, and read the Guidance again every time a cleric asks to see their Blue File.
A radical change of culture is required. The IICSA hearings are having an effect and two further sets of hearings later this year may result in further changes in the Church of England’s performance. The focus at the moment in on safeguarding and protection, with additional categories of people at parish level needing some level of clearance. Change is needed at the top level. The College of Bishops need further training. The induction process every new bishop goes through might also need to be revised and made more rigorous.
Below are further selected paragraphs from the House of Bishops Guidance that you may find helpful and relevant.
Extracts from House of Bishops Guidance
6. The DPA (Data Protection Act) https://ico.org.uk/for-the-public/personal-information/ also provides that certain information is to be treated as ‘sensitive personal data’ in relation to which particular conditions apply. This includes information about a person’s religious beliefs, racial or ethnic origin, political opinions, sexual life, physical or mental health, union membership or criminal record (including any allegation that a criminal offence has been committed).
10. A duty of confidence arises where information which is not already lawfully in the public domain is given on the understanding that it will not be shared with others. This understanding may be explicit, or it may be clear from the circumstances that there was a legitimate expectation on the part of the person giving the information that it would be held in confidence.
11. There is no breach of the duty of confidence where the person to whom the duty is owed has given consent to the disclosure. Where such consent has not, for whatever reason, been obtained, information may nonetheless be shared provided that this can be justified in the public interest. Where the information relates to the commission of a crime or where there is reasonable cause to believe that a child or adult may be at risk of serious harm if the information is not disclosed to the proper authorities, the public interest test is clearly satisfied.
12. In other cases, the key factors are necessity and proportionality. The person holding the confidential information must weigh up what might happen if the information is shared against what might happen if it is not, and make a decision based on a reasonable judgement as to whether the proposed sharing is likely to make an effective contribution to preventing or reducing a risk (e.g. of malpractice or incompetence) to which the public would otherwise be subjected.
13. The bishop needs to take account of the data protection principles described in paragraph 5 above when deciding what information should be held in any clergy personal file. The bishop should consider the following questions in relation to any category of personal data:
- Is there a proper and lawful reason why I need to have this information? The first and second data protection principles state that personal data must only be obtained for a lawful and specified purpose.
- Do I have the cleric’s consent to hold this information on file? If not, does the DPA allow me to hold it without such consent? Because the information in clergy personal files is held in the context of their Christian ministry, much of the personal data in those files is likely to be regarded by the Information Commissioner as sensitive personal data for the purposes of the DPA, and the default position is that processing such data requires the explicit consent of the data subject.
15. As explained in paragraph 13 above, the default position in relation to sensitive personal data is that any processing requires the explicit consent of the data subject. This should not present any problem where the information has been supplied by the individual to whom it relates, provided that he or she understands the purposes for which it will be used (as to which see the section on privacy notices later in this guidance). Where information is supplied by a third party (i.e. a person outside the bishop’s office and senior staff) without the consent of the cleric concerned having been obtained through a privacy notice or otherwise, the bishop will need to consider whether the circumstances permit him to hold it on that basis.
16. Where information is supplied by a third party (i.e. a person outside the bishop’s office and senior staff) without the consent of the cleric concerned having been obtained through a privacy notice or otherwise, the bishop will need to consider whether the circumstances permit him to hold it on that basis.
17. The DPA (and subordinate legislation made under it) set out a limited number of situations in which processing sensitive personal data without consent is permitted, including where the processing:
(a) is in the substantial public interest and is necessary for the prevention or detection of any unlawful act;
(b) is in the substantial public interest and is necessary for the discharge of any function which is designed to protect members of the public against dishonesty, malpractice or other seriously improper conduct, or the unfitness or incompetence of any person;
(c) is necessary for the exercise of any function conferred by an enactment (which includes a Measure of the Church of England); or
(d)is necessary in connection with any actual or prospective legal proceedings, or for the purpose of obtaining legal advice;
(e) relates to members or regular contacts of a not-for-profit religious organisation, provided that the data is not shared with third parties without consent.