Current timestamp: 23/06/2026 09:30:37
AgeAlertAnonymousAppealsApplicationsApply Or RegisterArea OutlineArrow DownArrow LeftArrow RightArrow UpAutomatic DoorsBack ArrowBusinessCalendarCashArrow DownArrow LeftArrow RightArrow Down[Missing text '/SvgIcons/Symbols/Titles/icon-chrome' for 'English (United Kingdom)']ClockCloseContactDirectionsDocumentDownloadDrawDrugExpandExternal LinkFacebookFb CommentFb LikeFiletype DefaultFiletype DocFiletype PdfFiletype PptFiletype XlsFinance[Missing text '/SvgIcons/Symbols/Titles/icon-firefox' for 'English (United Kingdom)']First AidFlickrFraudGive FeedbackGlobeGuide DogHealthHearing ImpairedInduction LoopInfoInstagramIntercom[Missing text '/SvgIcons/Symbols/Titles/icon-internet-explorer' for 'English (United Kingdom)']LaptopLiftLinkedinLocal Activity[Missing text '/SvgIcons/Symbols/Titles/icon-location' for 'English (United Kingdom)']LoudspeakerLow CounterMailMapMap PinMembershipMenuMenu 2[Missing text '/SvgIcons/Symbols/Titles/icon-microsoft-edge' for 'English (United Kingdom)']Missing PeopleMobility ImpairmentNationalityNorth PointerOne Mile RadiusOverviewPagesPaper PlaneParkingPdfPhonePinterestPlayPushchairRefreshReportRequestRestart[Missing text '/SvgIcons/Symbols/Titles/icon-rotate-clockwise' for 'English (United Kingdom)']Rss[Missing text '/SvgIcons/Symbols/Titles/icon-safari' for 'English (United Kingdom)']SearchShareSign LanguageSnapchatStart AgainStatsStats And Prevention AdviceStopSubscribeTargetTattosTell Us AboutTickTumblrTwenty Four HoursTwitter LikeTwitter ReplyTwitter RetweetUploadVisually ImpairedWhatsappWheelchairWheelchair AssistedWheelchair ParkingWheelchair RampWheelchair WcYoutubeZoom InZoom Out

Leave this site

Skip to main content

Skip to main navigation

Welcome

This site is a beta, which means it's a work in progress and we'll be adding more to it over the next few weeks. Your feedback helps us make things better, so please let us know what you think.

FOI 286/25 Data Breaches

Enquiry Reference:  286- 25                                                             

 

I write in connection with regards to your Freedom of Information request. Below is your request and our response. Please accept our sincere apologies for the late reply.

 

I am writing to make a request for information under the Freedom of Information Act 2000. As part of the UKRI International Law Enforcement Information Exchange Project (Edge Hill University), examining how information can be effectively exchanged between law enforcement agencies, we would like to ask you to provide the following information:

 

Data Breaches:

 

The number of data breaches recorded by your force in the past 10 years.

 

The agencies or external bodies involved, if any.

 

The type of data compromised.

 

The departments or units within your force affected.

 

The impact of these data breaches.

 

Whether any of these breaches were reported in the media (if so, please specify).

 

Whether the breaches were made public by the force.

 

Information Sharing Agreements:

 

What information sharing agreements your force currently has in place.

 

The number of information sharing agreements your force currently has in place.

 

The organisations or agencies these agreements are with.

 

A distinction between statutory information sharing agreements and localised agreements.

 

Operational Databases:

 

The number of separate information databases your force operates in relation to operational matters (excluding internal systems such as HR or logistical databases, clothing stores, etc.).

 

A brief description of the purpose of these operational databases. To be clear, we do not require specific titles of the databases; generic descriptions will suffice - for example: "intelligence (general)", "intelligence casework", "incident (general)", "knife crime", "gangs", etc.

 

We fully acknowledge the need to maintain operational sensitivity and are not requesting any information that would compromise security or investigative work.

 

ADR Requirements:

 

The systems your force uses to ensure compliance with the Authorised Professional Practice on Data Retention (ADR) requirements.

 

Confirmation on whether these systems fully address all ADR requirements, or whether certain requirements necessitate bespoke responses or solutions.

 

For the above we would rely on the following.

 

Section 1 of the Freedom of Information Act 2000 (FOIA) places two duties on public authorities. Unless exemptions apply, the first duty at Section 1 (1) (a) is to confirm or deny whether the information specified in a request is held. The second duty at Sec 1(1) (b) is to disclose information that has been confirmed as being held. Where exemptions are relied upon s17 of FOIA requires that we provide the applicant with a notice which: a) states that fact b) specifies the exemption(s) in question and c) states (if that would not otherwise be apparent) why the exemption applies.

 

Having made enquiries within the Force there are currently 1755 recorded incidents, each requires a manual review to create the information under Data Breaches. Each review would take approximately 5 minutes which would be a total 146 hours.

 

It would take in excess of the appropriate time stipulated by the Secretary for Constitutional Affairs, Lord Falconer on the 18th Of October 2004, that is, eighteen hours. This falls under the exemption of 'Compliance exceeding the appropriate limit' covered by Section 12 (1) of the Freedom of Information Act 2000 and as such this work could not be undertaken.

 

Therefore, if one part of the request engages Section 12 the whole request does. The reason being is because locating, retrieving and extracting any further information would only add to the already exceeded time obligations. Please treat this as a refusal notice under S17 of the Freedom of information Act.

 

Please note that all statistical data supplied in relation to Freedom of Information requests is a snapshot of data held at the time the request was received by the Freedom of Information office and is subject to constant change/updates.

 

If you are not satisfied with this response or any actions taken in dealing with your request, you have the right to request an independent internal review of your case under our review procedure. The Freedom of Information Code of Practice (see below link) states that a request for internal review should be made within 20 working days of the date on this response or 40 working days if extenuating circumstances to account for the delay can be evidenced. Public authorities are not obliged to accept internal reviews after this date.

 

https://www.gov.uk/government/publications/freedom-of-information-code-of-practice

 

Yours sincerely

Information Rights Decision Maker