Quickly exit this site by pressing the Escape key Leave this site
We use some essential cookies to make our website work. We’d like to set additional cookies so we can remember your preferences and understand how you use our site.
You can manage your preferences and cookie settings at any time by clicking on “Customise Cookies” below. For more information on how we use cookies, please see our Cookies notice.
Your cookie preferences have been saved. You can update your cookie settings at any time on the cookies page.
Your cookie preferences have been saved. You can update your cookie settings at any time on the cookies page.
Sorry, there was a technical problem. Please try again.
This site is a beta, which means it's a work in progress and we'll be adding more to it over the next few weeks. Your feedback helps us make things better, so please let us know what you think.
Dear Sir/Madam
Enquiry Reference: 903- 24
I write in connection with regards to your Freedom of Information request. Below is your request and our response.
I do not require the exact date each email was blocked but would appreciate monthly statistics over the requested time period.
If some of this information is unavailable, I would still appreciate the release of the parts that are available.
Section 1 of the Freedom of Information Act 2000 places two duties on public authorities. Unless exemptions apply, the first duty at Section 1(1) (a) is to confirm or deny whether the information specified in a request is held. The second duty at Section 1(1) (b) is to disclose information that has been confirmed as being held. Where exemptions are relied upon, Section 17 of the Freedom of Information Act requires that I provide the applicant with a notice which: a) states that fact b) specifies the exemption(s) in question and c) state (if that would not otherwise be apparent) why the exemption applies.
Information is exempt from disclosure by virtue of:
Section 24(1) National Security
Section 31(1)(a)(b) Law Enforcement
Section 24 is a qualified prejudice-based exemption where evidence of harm is required and a public interest test.
Section 31 is a qualified class-based exemption with a requirement to conduct a public interest test. .
Evidence of Harm
A Freedom of Information Act request is not a private transaction. Both the request itself, and any information disclosed, are considered suitable for open publication. This is because, under Freedom of Information, any information disclosed is released into the wider public domain, effectively to the world and not just to one individual.
Whilst Cleveland police confirm information is held regarding blocked emails, to provide the total number and an additional breakdown by type could undermine the safeguarding of national security, and operational law enforcement by allowing those with a criminal intent to gain an operational advantage over Cleveland police.
.
Groups planning attacks are known to conduct extensive research and will take advantage of the ‘mosaic effect’ by combining information from different sources. To disclose data on malicious email attempts which have been unsuccessful, could be used in conjunction with other publically available information to provide knowledge of where attacks have actually been successful and thus where possible weaknesses exist.
To further disclose a breakdown of the reason/type of email which has been blocked may also further assist potential attackers by indicating that a specific attack had gone undetected. With this knowledge, attackers may then be able to tailor their methods to increase their chances of success. This harm increases when further requests are made for similar data over time, as if disclosed, multiple data would cumulate to reveal a clearer picture of Cleveland police forces’ cyber-security strengths and vulnerabilities.
Furthermore, in order to counter criminal and terrorist behaviour it is vital that the police and other agencies have the ability to work together, where necessary covertly, in order to obtain intelligence within current legislative frameworks to ensure the arrest and prosecution of offenders who commit or plan to commit acts of terrorism, whereby their modus operandi may involve cyber-attacks on secure databases. In order to achieve this goal, it is vitally important that information sharing takes place with other police forces and law enforcement bodies within the United Kingdom in order to support counter-terrorism measures in the fight to deprive terrorist networks of their ability to commit crime. To disclose specific details which would identify breaches of information technology and security would be extremely useful to those involved in terrorist activity as it would enable them to map vulnerable information security databases.
Public Interest Considerations
Section 24(1) National Security
Factors favouring disclosure
The public are entitled to know how public funds are spent and how resources are distributed within an area of policing. To disclose the requested information would enable the general public to hold Cleveland police to account ensuring all such breaches are recorded and investigated appropriately. In the current financial climate of cuts and with the call for transparency of public spending this would enable improved public debate.
Factors against disclosure
Security measures are put in place to protect the community we serve. As evidenced within the harm to disclose the information requested would highlight to terrorists and individuals intent on carrying out criminal activity vulnerabilities within force systems which could be further exploited.
Taking into account the current security climate within the United Kingdom, no information which may aid a terrorist should be disclosed. The public entrust the Police Service to make appropriate decisions with regard to their safety and protection and the only way of reducing risk is to be cautious with what is placed into the public domain. The cumulative effect of terrorists gathering information from various sources is that over time a more detailed account of the tactical infrastructure of not only a force area but also the country as a whole will be revealed.
Any incident that results from such a disclosure would, by default, affect National Security.
Section 31(1) – Law Enforcement
Factors favouring disclosure
Disclosure of information relevant to this request would lead to a better informed public which may encourage individuals to provide intelligence in order to reduce the risk of security breaches.
Factors against disclosure.
Disclosure of information relevant to this request would suggest Cleveland police take their responsibility to protect information and information systems from unauthorised access, destruction, etc., dismissively and inappropriately.
Balancing Test
The points above highlight the merits and de-merits of disclosure. The Police Service is charged with enforcing the law, preventing and detecting crime and protecting the communities we serve. As part of that policing purpose, information is gathered which can be highly sensitive relating to high profile investigative activity. Weakening the mechanisms used to monitor any type of criminal activity, and specifically terrorist activity would place the security of the country at an increased level of danger.
In addition, anything that places that confidence at risk, no matter how generic, would undermine any trust or confidence individuals have in the Police Service. Therefore, at this moment in time, it is our opinion that for these issues the balance test favours non-disclosure.
The Cleveland Police response to your request is unique and it should be noted that Police Forces do not use generic systems or identical procedures to capture and record data therefore responses from Cleveland Police should not be used as a comparison with any other force response you receive.
If you are not satisfied with this response or any actions taken in dealing with your request, you have the right to request an independent internal review of your case under our review procedure. The Freedom of Information Code of Practice (see below link) states that a request for internal review should be made within 20 working days of the date on this response or 40 working days if extenuating circumstances to account for the delay can be evidenced. Public authorities are not obliged to accept internal reviews after this date.
https://www.gov.uk/government/publications/freedom-of-information-code-of-practice
Yours sincerely
Information Rights Decision Maker