Nid ydym yn gwybod a yw'r ymateb mwyaf diweddar i'r cais hwn yn cynnwys gwybodaeth neuai peidio - os chi ywBen Quinn mewngofnodwch a gadael i bawb wybod.

Prevent - University registers of research and 'firewalls' (corrects omission of full name in previous request)

Ben Quinn made this Rhyddid Gwybodaeth request to University of Bristol as part of a batch sent to 77 authorities

This request has been closed to new correspondence from the public body. Contact us if you think it ought be re-opened.

We're waiting for Ben Quinn to read recent responses and update the status.

(NOTE: This request is being made to correct the omission of my full name in a request which was made on October 15. The request is exactly the same. Please find my full name at the end of this message)

Under the Freedom of Information Act, please provide the following:

1. Your Prevent action plan or any document that outlines your institution’s Prevent policy in line with your obligations under the Counter Terrorism and Security Act 2015

2. Confirm if students, researchers and members of staff are obliged to register research which is deemed to be security sensitive

3. If such a register exists, the number of entries for each of the years 2018 (up to the date of this request), 2017, 2016 and 2015. By entries, I mean occasions on which individuals have registered research which falls into the category set out in bullet point 2. If possible, please identify the nature of the research (eg PhD, internally funded, externally funded) and topic

4. If such a register exists, confirm whether or not it is stored onsite or on an external server.

5. If such a register exists, confirm whether the register is subject to any information sharing agreements with external partners or agencies including local and regional Prevent coordinators, the Home Office, the local Counter Terrorism Intelligence Unit, the local police or any other law enforcement agencies

6. A list of any agreements, arrangements or Memorandums of Understanding between your institution and bodies such as the Internet Watch Foundation (IWF), the Counter Terrorism Internet Referral Unit (CTIRU) of the Metropolitan Police Service (MPS), or Police Intellectual Property Crime Unit (PIPCU) of the City of London Police, to receive lists of illegal or illicit content, for instance for the purposes of blocking.

7. Confirm if any filtering or blocking service that your institution uses incorporate lists from the IWF, CTIRU or PIPCU, and which lists are incorporated.

Yours faithfully,
Ben Quinn

University of Bristol FOI mailbox, University of Bristol

Thank you for your e-mail.  The University will endeavour to respond to
your request under the Freedom of Information Act within 20 working days.
 However, we are currently experiencing a delay in providing responses.

We are currently short staffed and have a significant backlog
of requests which we are working through as quickly as we can.  This means
that some responses may be delayed beyond the statutory 20 days.  We
apologise for any inconvenience that this may cause. We have contacted the
Information Commissioner’s Office to explain the situation.

 

We may need to ask you certain questions to clarify your request to ensure
we fully understand what information is being requested. If so, the 20
working day deadline will be calculated once we have received such
clarification. 

 

The University's A-Z index can help in locating information that is
publicly available on the University's
website: [1]http://www.bristol.ac.uk/index/

 

Our Publication Scheme is available
at: [2]http://www.bristol.ac.uk/media-library/s...

 

The Higher Education Statistics Agency (HESA) annually publish certain
data about students and higher education, and also have a bespoke data
request service: [3]https://www.hesa.ac.uk/

 

For further information about the University's FOI procedure, please
see: [4]http://www.bristol.ac.uk/secretary/foi/

References

Visible links
1. http://www.bristol.ac.uk/index/
2. http://www.bristol.ac.uk/media-library/s...
3. https://www.hesa.ac.uk/
4. http://www.bristol.ac.uk/secretary/foi/

University of Bristol FOI mailbox, University of Bristol

Dear Mr Quinn

 

Freedom of Information Request (our reference FOI18-483)

 

We refer to your Freedom of Information request dated 15 October 2018. We
apologise for the significant delay in responding to your request. Due to
staff absences in 2017 and 2018 we have a backlog of requests that we are
working through as quickly as we can.

 

You requested the following information:

 

“1. Your Prevent action plan or any document that outlines your
institution’s Prevent policy in line with your obligations under the
Counter Terrorism and Security Act 2015

2. Confirm if students, researchers and members of staff are obliged to
register research which is deemed to be security sensitive

3. If such a register exists, the number of entries for each of the years
2018 (up to the date of this request), 2017, 2016 and 2015. […]

4. If such a register exists, confirm whether or not it is stored onsite
or on an external server.

5. If such a register exists, confirm whether the register is subject to
any information sharing agreements with external partners or agencies
including local and regional Prevent coordinators, the Home Office, the
local Counter Terrorism Intelligence Unit, the local police or any other
law enforcement agencies

6. A list of any agreements, arrangements or Memorandums of Understanding
between your institution and bodies such as the Internet Watch Foundation
(IWF), the Counter Terrorism Internet Referral Unit (CTIRU) of the
Metropolitan Police Service (MPS), or Police Intellectual Property Crime
Unit (PIPCU) of the City of London Police, to receive lists of illegal or
illicit content, for instance for the purposes of blocking.

7. Confirm if any filtering or blocking service that your institution uses
incorporate lists from the IWF, CTIRU or PIPCU, and which lists are
incorporated.”

 

University’s Response

 

Further to Section 1 of the Freedom of Information Act 2000 (the “Act”) we
confirm that the information requested is partially held by the University
of Bristol (the “University”).

 

1. Your Prevent action plan or any document that outlines your
institution’s Prevent policy in line with your obligations under the
Counter Terrorism and Security Act 2015

The University considers this information to be exempt from disclosure
under sections 24 and 31 of the Act.

 

Section 24 of the Act provides that information is exempt from disclosure
if withholding it from release into the public domain is required for the
purpose of safeguarding national security.

 

The University considers that disclosure of the information requested
would put the University at risk of unwittingly revealing gaps or
weaknesses in its Prevent compliance and its security policies and
procedures, which could be exploited by groups looking to influence or
radicalise staff or students. This in turn could lead to an increased
threat to national security. The University therefore considers that
exemption from disclosure is required to safeguard national security.

 

Section 31 of the Act provides that information is exempt from disclosure
if its release would be likely to prejudice the prevention or detection of
crime.

 

As with Section 24, the University considers that disclosure of the
information requested would put the University at risk of unwittingly
revealing gaps or weaknesses in its Prevent compliance and its security
policies and procedures, which could be exploited by individuals or groups
intent on committing criminal acts against the University, its staff or
students. Putting this information into the public domain would prejudice
the prevention or detection of crime and, consequently, the University
considers it is exempt from disclosure under Section 31(1)(a).

 

Public interest test

 

Both sections 24 and 31 of the Act are qualified exemptions, and we are
therefore required to consider the public interest arguments for and
against disclosure. There is a public interest in disclosure of the
information requested to demonstrate how the University is complying with
its obligations under Prevent, so that the public may be reassured that
the University is alert to the risks posed by extremist groups within
higher education, and the risk of suffering potential criminal activity,
and is taking steps to minimise those risks.

 

However, there is also a public interest in ensuring that information
relating to Prevent compliance is not disclosed where that information
could expose particular risks, issues or areas of concern at the
University which could be used by groups or individuals seeking to exploit
them. This could include influencing or radicalising staff or students, or
committing malicious acts against the University, its staff, students or
property. In turn, this could potentially pose both a threat to national
security and prejudice the prevention and detection of criminal activity.

 

The requested information could be of greater value to parties intent on
this kind of activity when combined with other information. For instance,
when combined with the Prevent submissions of other higher education
institutions or public organisations it could reveal areas where police or
security agencies are more or less active.

 

The Information Commissioner’s Office have recognised in previous decision
notices that criminals and terrorists can be highly motivated and go to
extensive lengths to gather intelligence. Therefore, although information
contained in the University’s Prevent documents may appear to be
relatively harmless or of little value on its own, if pieced together with
other information that could potentially be obtained, its value to a
motivated party increases and the public interest in withholding it
increases further.

 

The ability of the University to take all possible steps to preserve
national security and prevent and detect crime is of paramount importance.
On balance, the University considers that the public interest in enabling
this overrides the public interest in having sight of the documents
requested. Therefore, the exemptions contained in sections 24 and 31 of
the Act are invoked.

2. Confirm if students, researchers and members of staff are obliged to
register research which is deemed to be security sensitive.

 

All staff and students engaged in research must refer to the University’s
policies on Ethics of Research and on Research Governance and Integrity.
Projects that are flagged through the University ethics review system as
potentially needing additional due diligence in line with the Prevent Duty
requirements are registered with the University’s Research Governance
team.  The Research Governance team ensures that any requirements for
additional due diligence are addressed.

3. If such a register exists, the number of entries for each of the years
2018 (up to the date of this request), 2017, 2016 and 2015. By entries, I
mean occasions on which individuals have registered research which falls
into the category set out in bullet point 2. If possible, please identify
the nature of the research (eg PhD, internally funded, externally funded)
and topic

It is not currently possible to perform an automated search for projects
that are deemed security sensitive, as projects are not flagged in this
manner on the database. The Research Governance team is responsible for
reviewing research proposals that are deemed ‘high risk’ for various
reasons, and the database contains information relating to over 3,000
projects. We consider that the time taken to locate, retrieve and extract
the information requested via a manual search would exceed the appropriate
limit referred to in section 12 of the Act and in the Freedom of
Information and Data Protection (Appropriate Limit and Fees) Regulations
2004. Consequently, this information is considered exempt from disclosure.

4. If such a register exists, confirm whether or not it is stored onsite
or on an external server.

The Research Governance database is held on a University server.

5. If such a register exists, confirm whether the register is subject to
any information sharing agreements with external partners or agencies
including local and regional Prevent coordinators, the Home Office, the
local Counter Terrorism Intelligence Unit, the local police or any other
law enforcement agencies

The Research Governance register is not subject to any information sharing
agreements.

6. A list of any agreements, arrangements or Memorandums of Understanding
between your institution and bodies such as the Internet Watch Foundation
(IWF), the Counter Terrorism Internet Referral Unit (CTIRU) of the
Metropolitan Police Service (MPS), or Police Intellectual Property Crime
Unit (PIPCU) of the City of London Police, to receive lists of illegal or
illicit content, for instance for the purposes of blocking.

 

This information is not held by the University. The University is not
party to any such agreements, arrangements or MOUs.

7.  Confirm if any filtering or blocking service that your institution
uses incorporate lists from the IWF, CTIRU or PIPCU, and which lists are
incorporated.

 

The University does not block content based on lists from these
organisations.

 

Internal Review Procedure

 

If you are dissatisfied with the handling of your request, then you have a
right under Section 50 of the Act to request an internal review.  All such
requests must be sent to us within 40 days, and must clearly state our
reference number (at the top of this email) and your reason for requesting
an internal review.  We will respond to your request for an internal
review within 20 working days of receipt.

 

Your request for an internal review should be sent to:

 

Director of Legal Services

Secretary’s Office

University of Bristol

Senate House

Tyndall Avenue

Bristol

BS8 1TH

 

Or you can email your request to [University of Bristol request email],
quoting your FOI reference number at the head of this letter.

 

Information Commissioners Office

 

Should you remain dissatisfied with the final outcome of the internal
review then you may apply directly to the Information Commissioner (the
“ICO”) for an independent review.  The ICO is the Government’s Independent
Body responsible for overseeing the Freedom of Information Act 2000, the
Data Protection Act 1998 and The Environmental Information Regulations
2004.

 

Please note the ICO will only review cases that have exhausted the
University’s internal review procedure. All correspondence to the ICO must
quote the University’s reference number and your reasons for your appeal. 
The ICO’s contact details are as follows:

 

The Information Commissioners Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

 

More information can be found at the ICO’s website
at [1]http://www.ico.org.uk

 

Kind Regards

 

Freedom of Information Team

University of Bristol

--------------------------------------------------------------------------

From: Ben Quinn <[FOI #527964 email]>
Sent: 22 October 2018 17:15:28
To: University of Bristol FOI mailbox
Subject: Freedom of Information request - Prevent - University registers
of research and 'firewalls' (corrects omission of full name in previous
request)
 
(NOTE: This request is being made to correct the omission of my full name
in a request which was made on October 15. The request is exactly the
same. Please find my full name at the end of this message)

Under the Freedom of Information Act, please provide the following:

1. Your Prevent action plan or any document that outlines your
institution’s Prevent policy in line with your obligations under the
Counter Terrorism and Security Act 2015

2. Confirm if students, researchers and members of staff are obliged to
register research which is deemed to be security sensitive

3. If such a register exists, the number of entries for each of the years
2018 (up to the date of this request), 2017, 2016 and 2015. By entries, I
mean occasions on which individuals have registered research which falls
into the category set out in bullet point 2. If possible, please identify
the nature of the research (eg PhD, internally funded, externally funded)
and topic

4. If such a register exists, confirm whether or not it is stored onsite
or on an external server.

5. If such a register exists, confirm whether the register is subject to
any information sharing agreements with external partners or agencies
including local and regional Prevent coordinators, the Home Office, the
local Counter Terrorism Intelligence Unit, the local police or any other
law enforcement agencies

6. A list of any agreements, arrangements or Memorandums of Understanding
between your institution and bodies such as the Internet Watch Foundation
(IWF), the Counter Terrorism Internet Referral Unit (CTIRU) of the
Metropolitan Police Service (MPS), or Police Intellectual Property Crime
Unit (PIPCU) of the City of London Police, to receive lists of illegal or
illicit content, for instance for the purposes of blocking.

7. Confirm if any filtering or blocking service that your institution uses
incorporate lists from the IWF, CTIRU or PIPCU, and which lists are
incorporated.

Yours faithfully,
Ben Quinn

-------------------------------------------------------------------

Please use this email address for all replies to this request:
[FOI #527964 email]

Is [University of Bristol request email] the wrong address for Freedom of
Information requests to University of Bristol? If so, please contact us
using this form:
[2]https://www.whatdotheyknow.com/change_re...

Disclaimer: This message and any reply that you make will be published on
the internet. Our privacy and copyright policies:
[3]https://www.whatdotheyknow.com/help/offi...

For more detailed guidance on safely disclosing information, read the
latest advice from the ICO:
[4]https://www.whatdotheyknow.com/help/ico-...

Please note that in some cases publication of requests and responses will
be delayed.

If you find this service useful as an FOI officer, please ask your web
manager to link to us from your organisation's FOI page.

-------------------------------------------------------------------

References

Visible links
1. http://www.ico.org.uk/
2. https://www.whatdotheyknow.com/change_re...
3. https://www.whatdotheyknow.com/help/offi...
4. https://www.whatdotheyknow.com/help/ico-...

Nid ydym yn gwybod a yw'r ymateb mwyaf diweddar i'r cais hwn yn cynnwys gwybodaeth neuai peidio - os chi ywBen Quinn mewngofnodwch a gadael i bawb wybod.