Dear Patric Grundy,

 

Freedom of Information request F23-376

 

Thank you for your request for information dated 9 July 2023, received by
us on the 10 July 2023, which is copied below.

 

We will endeavour to respond to your request promptly but in any case
within 20 working days i.e. on or before 9 August 2023.

 

If you have any queries about your request, please use the request number
quoted above and in the subject line of this email.

 

Yours sincerely,

 

Sarah Price

Information Compliance Support Officer
Information Compliance

Governance Office
House of Commons, London SW1A 0AA
[1]parliament.uk

 

 

For information about what the House of Commons does with your personal
data please see our [2]privacy notices.
[3][IMG]

The House of Commons welcomes feedback. If you have any compliments,
complaints or comments
about the service that you have received please complete the online
[4]feedback form

 

 

 

 

 

 

From: Patric Grundy <[FOI #1000998 email]>
Sent: 09 July 2023 09:50
To: FOI Commons <[email address]>
Subject: Freedom of Information request - Handbook on facilities and
services for Members

 

Dear House of Commons,

I am aware of the publication of this document (Handbook on facilities and
services for Members) of the 2008 edition, I presume that in the last
years this document has been updated or replaced. I seek the most recently
available edition of this document or it's replacement.

Yours faithfully,

Patric Grundy

-------------------------------------------------------------------

Please use this email address for all replies to this request:
[5][FOI #1000998 email]

Is [6][House of Commons request email] the wrong address for Freedom of
Information requests to House of Commons? If so, please contact us using
this form:
[7]https://www.whatdotheyknow.com/change_re...

Disclaimer: This message and any reply that you make will be published on
the internet. Our privacy and copyright policies:
[8]https://www.whatdotheyknow.com/help/offi...

For more detailed guidance on safely disclosing information, read the
latest advice from the ICO:
[9]https://www.whatdotheyknow.com/help/ico-...
[10]https://www.whatdotheyknow.com/help/ico-...

Please note that in some cases publication of requests and responses will
be delayed.

If you find this service useful as an FOI officer, please ask your web
manager to link to us from your organisation's FOI page.

show quoted sections

Dear Patric Grundy,

 

 

Freedom of Information Request F23-376

 

Thank you for your request for information as copied below. You asked the
House of Commons to be provided with a copy of the most recent edition of
the Handbook on facilities and services for Members, commonly referred to
as the Members’ Handbook.

 

This information is held by the House of Commons. We hold a copy of the
most recent edition of the Members’ Handbook. At the time of your request,
this is the 2021 edition, and a copy of this is attached.

 

Please note that some information within the Handbook has been exempted
from disclosure in accordance with certain sections of the Freedom of
Information Act 2000 (FOIA). Details of these exemptions are provided
below.

 

Section 40 – Personal information

 

Some information within these documents, specifically names, job titles
and contact details of both House of Commons’ staff as well as teams and
staff of third-party organisations, has been withheld in accordance with
section 40(2) FOIA. This is because we have concluded that the disclosure
of this information would not be consistent with the data protection
principle found in Article 5.1(a) of the UK General Data Protection
Regulation (UK GDPR). This is an absolute exemption and the public
interest test does not apply.

 

Section 24 – National security

 

Some parts of these documents, specifically those relating to
parliamentary passes, security measures, non-public areas, log-in details
for third-party websites and cyber security details, are exempt by virtue
of section 24(1) FOIA, because it is necessary to prevent prejudice to
national security. This is a qualified exemption and the public interest
test applies.

 

We have considered the public interest in disclosing this information.
Releasing these details in this instance would provide an even greater
insight into the work and functions of both the House and Members, and
would help educate the public. Furthermore, as the House is financed from
the public purse, we accept that there is a public interest to be able to
review and scrutinise services to Members in full.

 

However, we have also considered the public interest in withholding this
information.  Disclosing details of our cyber security measures and
details of third-party websites and how to access puts our users at risk,
and fundamentally our network and any data on it too. Our IT network forms
part of the Critical National Infrastructure, which has been identified as
an asset that faces a high level of threat from cyber-attacks (including
phishing attacks) and which, if breached, would cause damage to the
national interest. The network is used by House staff, MPs and their
staff, as well as MPs in their capacity as Ministers, for the purposes of
communication, scrutinising the work of the government and also in their
parliamentary functions. Likewise, restricting information on the use of
parliamentary passes, non-public areas and security measures ensures that
those who trespass onto the estate are more likely to be caught out by
these measures.

 

The provision of the security details in the Handbooks would be useful to
malicious groups and individuals looking to target Parliament, including
the parliamentary estate or to carry out a cyber-attack against the
parliamentary network, and would in turn increasing their ability to
launch cyber-attacks, particularly via phishing attacks. These details
might also aid malicious individuals or groups in remaining undetected on
the estate. Any breach of the network could enable access to a wide range
of sensitive material and could affect the ability of the House to carry
out its business properly, while access to the parliamentary estate by
malicious groups could allow them to steal confidential or sensitive
information, particularly if they were aware of where this might be
located, or launch targeted attacks against specific individuals. In
either instance, this would drastically affect the ability of the House to
carry out its business properly, and would likely have a knock-on effect
on Government in turn.

 

For these reasons it is our view that the public interest in maintaining
the exemption outweighs the public interest in disclosing the information.

 

Section 31 – Law enforcement

 

This same information is also withheld as its disclosure would be likely
to prejudice the prevention and detection of crime and the apprehension of
offenders. Therefore, this information is exempt in accordance with
section 31(1)(a)and (b) FOIA. This is a qualified exemption and the public
interest test applies.

 

We have considered the public interest in disclosing this information. As
before, releasing these details would help the public to gain an even
greater insight into how the House functions, as well the work Members and
how they interact with the estate.  Furthermore, as these aspects are
financed from the public purse, we accept that it is in the public
interest to be able to review and scrutinise them.

 

We have also considered the public interest in withholding the
information. The information within these guides contain certain sensitive
elements relating to physical and security measures implemented by the
House, including passes, details of non-public areas of the estate, and
others processes. Releasing details of security measures within this
document would provide significantly helpful towards those looking to
target the estate with malicious intent, as it would allow them to plan
accordingly to counteract and circumvent them, significantly increasingly
the likelihood of them succeeding in their actions as a result. The
release of security details relating to pass access would aid this further
because if they were able to acquire a pass it would better allow them to
access the parliamentary estate for malicious purposes when used in
combination with details of our security measures. Disclosing the log-in
details for third-party websites within these documents could provide
fraudulent access to these sites, which may provide them access to
sensitive information. These details may allow them to compromise these
sites in order to use for them phishing attacks against Members for the
same reason.

 

Furthermore, disclosing details of our cyber security measures would
better allow these same malicious groups to target our systems or specific
devices, likely leading to an increase in cyber-attacks against the House
and Members and increasing their chances of success as a result. The
disclosure of any sensitive security or cyber security measures would
prejudice the effectiveness of law enforcement and/or security services
who protect Parliament, and make it more difficult for them to intercept
or apprehend offenders.  In each instance, the release of this information
would therefore prejudice the prevention and detection of crime in a way
which would not occur were this information withheld from release instead.

 

In these circumstances therefore, it is our view that the public interest
in maintaining the exemption outweighs the public interest in disclosing
the information.

 

Section 38 – Health and safety

 

We also consider that disclosing information about measures in place to
protect the physical security of Members and the parliamentary estate,
including how access to the estate is protected and procedures to respond
to threats to the safety of Members, would be likely to endanger the
physical or mental health of individuals within the estate. Therefore,
this information is exempt by virtue of Section 38(1)(a) and (b) FOIA,
which is a qualified exemption and the public interest test applies.

 

We have considered the public interest in disclosing this information. It
is important for the public to know that those who work on or visit the
parliamentary estate can do safely and without fear of harm. The release
of any information would reassure that Parliament takes extensive measures
to protect the physical health of those who access the estate.  The mental
health of these persons may also be reassured by the confirmation of this
information, making them more likely to want to interact with the estate.
Lastly, as any security measures which may have been implemented would be
publicly funded, there is also a public interest in showing measures that
these methods are not only effective and appropriate but are also
cost-effective.

 

However, we have also considered the public interest in withholding this
information. Parliament has a duty to ensure that the physical and mental
wellbeing of those who access the estate, including visitors and
passholders. It has a duty to ensure the safety of those individuals, and
this also extends to the release of any information which may compromise
their safety. A safe and secure environment is a fundamental need for
those on the estate to ensure they can carry out their work without threat
or fear of violence.  The release of this information would be likely to
endanger the safety of those on the estate as it would allow malicious
groups or individuals to plan against security measures designed to
protect them.  Furthermore, any information released would be likely to
harm the mental wellbeing of those who use the estate by creating a
greater sense of unease and vulnerability.  This could also potentially
lead to pass holders and visitors alike refusing to attend the estate out
of fear for their own safety, which would in turn disrupt many of the core
aspects of the parliamentary process.

 

In these circumstances therefore, it is our view that the public interest
in maintaining the exemption outweighs the public interest in disclosing
the information.

 

 

You may, if dissatisfied with the handling of your request, complain to
the House of Commons. Alternatively, if you are dissatisfied with the
outcome of your request you may ask the House of Commons to conduct an
internal review of any decision regarding your request.  Complaints or
requests for internal review should be addressed to: Information
Compliance Team, Governance Office, House of Commons, London SW1A 0AA
or [1][House of Commons request email].  Please ensure that you specify the full
reasons for your complaint or internal review along with any arguments or
points that you wish to make.

 

If you remain dissatisfied, you may appeal to the Information Commissioner
at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9
5AF, [2]https://ico.org.uk/.

 

Yours sincerely,

 

Information Rights Officer
House of Commons Information Compliance Team
House of Commons, Palace of Westminster, London SW1A 0AA 
[3]parliament.uk
[4][IMG]

[5]House of Commons Privacy Notice for the public

[6]Supporting a thriving parliamentary democracy

 

 

 

From: Patric Grundy <[FOI #1000998 email]>
Sent: 09 July 2023 09:50
To: FOI Commons <[email address]>
Subject: Freedom of Information request - Handbook on facilities and
services for Members

 

Dear House of Commons,

I am aware of the publication of this document (Handbook on facilities and
services for Members) of the 2008 edition, I presume that in the last
years this document has been updated or replaced. I seek the most recently
available edition of this document or it's replacement.

Yours faithfully,

Patric Grundy

-------------------------------------------------------------------

Please use this email address for all replies to this request:
[7][FOI #1000998 email]

Is [8][House of Commons request email] the wrong address for Freedom of
Information requests to House of Commons? If so, please contact us using
this form:
[9]https://www.whatdotheyknow.com/change_re...

Disclaimer: This message and any reply that you make will be published on
the internet. Our privacy and copyright policies:
[10]https://www.whatdotheyknow.com/help/offi...

For more detailed guidance on safely disclosing information, read the
latest advice from the ICO:
[11]https://www.whatdotheyknow.com/help/ico-...
[12]https://www.whatdotheyknow.com/help/ico-...

Please note that in some cases publication of requests and responses will
be delayed.

If you find this service useful as an FOI officer, please ask your web
manager to link to us from your organisation's FOI page.

show quoted sections