DPIAs

Response

Please find attached the following documents as requested:

 

1. Troubled Families ISA
2. Child Criminal Exploitation sharing with Bristol
3. LSU referrals to CSC
4. Safeguarding LSU Qlik sense App
5. Drive Domestic Abuse Programme (Provider Cranstoun)
6. Vulnerable Person Management App
7. GP Sharing Somerset CCG and ASC
8. One Team Meeting
9. Data Accelerator North Somerset SFTP
10. BrisDoc SWASFT
11. Soze Trial
12. Troubled Families

 

Within these documents, names and other details that would identify individuals have been redacted in accordance with the following exemption:

 

• Section 40(2) – Personal Information

 

The exceptions to this are names of individuals already in the public domain, and officers of the rank of Superintendent or above, or staff of equivalent seniority.

Section 40 is an absolute exemption if disclosure would breach any of the data protection principles. Should information be provided from which a living individual could be identified this would constitute a breach of rights provided under the Data Protection Act 2018. Information held on an individual by Avon and Somerset Police is done so lawfully and is used for a policing purpose in line with the principles set out in the UK GDPR. Our privacy policy can be viewed here.

 

Additionally, email addresses, file paths and certain details relating to security and storage of the information have been redacted under the following exemption:

 

Section 31(1) – Law Enforcement.

 

This is a qualified, prejudice based exemption, therefore there is a requirement to articulate the harm in disclosure and to consider the public interest.

 

Harm in Disclosure:

To disclose email addresses used for policing purposes would release information into the public domain that could be used by those intent on disrupting police services to interrupt operational policing. Similarly, details of file paths, storage location and security of the information would be valuable information to those with criminal intent.

 

Arguments favouring disclosure:

To disclose direct means of communication with police departments displays transparency and accountability. Details of the security and storage of the information may provide some reassurance that data is being kept securely and safely.

 

Arguments favouring exemption

Disclosure of direct email addresses not intended for general public use could result in teams being inundated with enquiries that do not pass through the usual route of our command and control system. Each enquiry received would have to be dealt with individually, which would abstract officers from their usual operational duties.

 

Details relating to security and storage of information would be of use to individuals or groups who have intentions to attack public systems and storage and disrupt public services. This could lead to operational difficulties as resources would need to be replaced in order to manage operational demand and maintain public safety.

 

Balance Test

There is a particularly strong responsibility upon the police to safeguard the security of systems on which data are held, minimise the risk of attempted attacks, and ensure the security of police information. Any benefits to transparency around security of information are outweighed by the fact that disclosure would jeopardise that security and thereby harm public safety.

 

As the email addresses are not intended for public use, the information would be of little use other than to those seeking to cause disruption.

 

On balance, the harm in disclosure outweighs any public interest in releasing the information. The decision is therefore to withhold the requested information in the interests of protecting our law enforcement capabilities.

 

This serves as a partial refusal notice under Section 17(1) of the Freedom of Information Act.

 

Finally, within document 11, two diagrams on page 13 showing the high level component architecture of Soze have been redacted under the following exemption:

 

• Section 43(2) – Commercial Interests

 

Section 43(2) is a qualified, prejudice-based exemption and as such a harm and public interest test has been conducted.

 

Section 43(2) Harm and Public Interest Test:

Harm in Disclosure:

The diagrams have commercial value to the supplier, Akkodis, as key architectural design components to Söze. They are not known or readily accessible within the market and so their disclosure would harm Akkodis’ commercial interests and be advantageous to rival companies.

 

Factors in favour of disclosure:

Disclosure would provide a better understanding of the software package that Avon and Somerset Police are spending public funds to utilise. Disclosure would display transparency and enable further public scrutiny of Avon and Somerset Police’s business plans in this area.

 

Factors in favour of withholding:

Disclosure would be likely to undermine Akkodis’ commercial interests, potentially leading to financial loss or negatively affecting business opportunities. The information being known to third parties could be used to the detriment of the business.

 

Akkodis and other companies may be discouraged from entering into agreements with Avon and Somerset Police, if it is apparent that information shared in confidence will be disclosed under the Freedom of Information Act, despite the harm caused to the commercial interests of that company.

 

Balance Test:

In balancing the above factors, I have considered the information that is being disclosed within the remaining parts of the document. I do not consider that disclosure of the high level component architecture, which the diagrams show, is necessary to provide transparency and accountability in this area. These factors are adequately served by the remaining information being disclosed. Given the harm that disclosure would cause to the commercial interests of Akkodis, the balance lies in favour of non disclosure in this case.