Prevent and Internet filtering policies

The request was successful.

Open Rights Group

Dear University of York,

Can you please supply:

(1) your policy or policy guidance for duties under the Counter-Terrorism and Security Act 2015 duties for the various local authorities listed in Schedule 6, known as “Prevent”;

(2) your policy relating to Internet filtering, blocking and prevention of access to material deemed inappropriate;

(3) the name of any providers of Internet filtering and blocking services that you use, or else a statement that you do not block or filter content at all;

(4) a list of agreements, arrangements or Memorandums of Understanding between yourselves and bodies such as the Internet Watch Foundation (IWF), the Counter Terrorism Internet Referral Unit (CTIRU) of the Metropolitan Police Service (MPS), or Police Intellectual Property Crime Unit (PIPCU) of the City of London Police, to receive lists of illegal or illicit content, for instance for the purposes of blocking.

Finally, can you:

(5) tell me if any filtering or blocking service that you use incorporates lists from the IWF, CTIRU or PIPCU, and which lists are incorporated; and

(6) provide to me any clauses within any contract or terms and conditions of service agreed with your filtering and blocking providers that relate to their use of information from the IWF, CTIRU or PIPCU.

Yours faithfully,

Jim Killock

Freedom of Information, University of York

Dear Mr Killock
Freedom of Information Request 
I acknowledge receipt of your email dated 15 May 2017 requesting
information from the University of York.
Please be advised that the University will respond as soon as possible and
in any event by 13 June 2017. 
Yours sincerely, 
Graham Hughes
Information Governance 
Information Services
University of York
Heslington
York YO10 5DD
Web: [1]www.york.ac.uk/records-management/
Email disclaimer: [2]http://www.york.ac.uk/docs/disclaimer/em...

show quoted sections

Freedom of Information, University of York

1 Attachment

  • Attachment

    Redacted version.Management Procedure Prevent Statutory Duty VS1.9 Mar 16.pdf

    765K Download View as HTML

Dear  Mr Killock
Thank you for your request for information from the University of York.
Please see our response below.

(1) your policy or policy guidance for duties under the Counter-Terrorism
and Security Act 2015 duties for the various local authorities listed in
Schedule 6, known as “Prevent”;

 

See attached PDF document. 

There are, in a small number of instances, some names and signatures in
the attached document which have been redacted in line with our data
protection obligations. As personal data, disclosure of this information
into the public domain would mean compromising individuals’ privacy and
personal information, and the University breaching its obligations under
the Data Protection Act 1998. The details have been duly redacted from the
text and the exemption for personal data under section 40(2) of the
Freedom of Information Act 2000 (by virtue of section 40(3)) has been
applied. The exemption states that personal data (as defined by section
1(1) of the Data Protection Act 1998) are exempt from disclosure where
disclosure to the public would contravene one or more of the data
protection principles. The University judges that, in this case,
disclosure would be unfair and incompatible with the purposes for which
the data was obtained. As information to which it owes a common law duty
of confidence, disclosure would also be unlawful and contrary to its
obligations under the first data protection principle. The exemption at
section 40(2) is an absolute exemption, meaning its application is not
qualified by a separate public interest test.

 

(2) your policy relating to Internet filtering, blocking and prevention of
access to material deemed inappropriate;

 

The University’s policy is to block illegal material only. Currently this
means child pornography is blocked using a facility provided by the campus
firewall.

 

Separately sites known to be serving malware are blocked for the
protection of the University’s IT systems. This is also done using a
facility provided by the campus firewall.

 

(3) the name of any providers of Internet filtering and blocking services
that you use, or else a statement that you do not block or filter content
at all;

 

Checkpoint.

 

(4) a list of agreements, arrangements or Memorandums of Understanding
between yourselves and bodies such as the Internet Watch Foundation (IWF),
the Counter Terrorism Internet Referral Unit (CTIRU) of the Metropolitan
Police Service (MPS), or Police Intellectual Property Crime Unit (PIPCU)
of the City of London Police, to receive lists of illegal or illicit
content, for instance for the purposes of blocking.

 

The University does not have any such agreements, arrangements or MoUs.

 

(5) tell me if any filtering or blocking service that you use incorporates
lists from the IWF, CTIRU or PIPCU, and which lists are incorporated; and

 

Information not held. The next generation firewall provides the lists as
part of the subscription. Their information is sourced from a number of
sources and we do not know if they contract with any of the bodies listed.

 

(6) provide to me any clauses within any contract or terms and conditions
of service agreed with your filtering and blocking providers that relate
to their use of information from the IWF, CTIRU or PIPCU.

 

See 5.

I hope this information is useful. 
Yours sincerely,
Graham Hughes
Information Governance 
Information Services
University of York
Heslington
York YO10 5DD
Web: [1]www.york.ac.uk/records-management/
Email disclaimer: [2]http://www.york.ac.uk/docs/disclaimer/em...

show quoted sections