Wi-Fi contracts

FOI request reference: F0054523
Publication date: November 2018

Request

Please provide information relating to the organisation’s Wi-Fi contract(s) especially around managed guest and visitor WiFi. Please send the following contract information:

1. Wi-Fi Provider- Who is the contracted supplier for the Wi-Fi contract.
2. Average Annual Spend – Please state the annual average spend over three years for each supplier. If this is a new contract please state the estimate annual average spends. If there is more than one Wi-Fi provider please split annual for each individual provider.
3. Number of Wi-Fi Users – Please state the number of users the Wi-Fi contract is in place for. An estimate number of users will also be acceptable. If there is more than one Wi-Fi provider please state the number of users for each individual provider.
4. What is the contract Type: 1. WiFi= WiFi contract, 2. Managed=Part of a larger contract, 3. In-house=is the Wi-Fi managed and maintained in-house.
4. Number of Locations/Site – I require the number of locations/sites the Wi-Fi contract is contracted for. If there is more than one Wi-Fi provider please state the number of sites for each individual provider.
5. End User Offer- What the Wi-Fi offers to the end users e.g. Unlimited, Pay as you go, free 1 hour access or just free access. If there is more than one Wi-Fi provider please state the number of sites for each individual provider.
6. Manufacturer Name/Brand – Please provides me with the brand names of the Wi-Fi equipment which many include manufacturers of the access points and routers. If there is more than one Wi-Fi provider please state the Manufacturers Name for each individual provider.
7. Contract Description- Please provide me with a brief description of the solution in place for Wi-Fi and any other services provided under the contract. If there is more than one Wi-Fi provider please state the contract description for each individual provider.
8. Actual Contract Start Date- Please can you state the Start date of the contract. If there is more than on Wi-Fi provider please split contract dates for each individual provider.
9. Actual Contract Renewal/Expiry Date- Please can you state the renewal/expiry date of the contract. If the contract is coming up for renewal if possible please state the likely outcome of the Wi-Fi contract.
10. Contact Details – I require the person from within the organisation responsible for the Wi-Fi contract. Can you please provide me with their full contact detail including contact number and an email address? If there is more than one Wi-Fi provider please state the contract details for each individual provider.

If the organisation doesn’t have a Wi-Fi contract in place please state when the organisation plans to have a Wi-Fi contract in place. Please do this by providing a month and year and if possible what type of solutions they plan to want in place and the number of locations.

If this service is provided in-house please provide the following information:

1. Number of Users
2. Number of Locations/Site
3. End User Offer
4. Manufacturer Name/Brand
5. Contact Details- I require the person from within the organisation responsible for the Wi-Fi

If the organisation has this service (Wi-Fi) as part of a managed service please can you provide the contract details of the managed contract including:

1. Current Provider
2. Number of Users – This is normally the total number of staff with the organisation.
3. Contract Description- Please can you provide me with a brief contract description of the overall contract.
4. Contract Expiry Date- Please
5. Contract Review Date
6. Contact Details – I require the person from within the organisation responsible for the Wi-Fi contract. Can you please provide me with their full contact detail including contact number and an email address.

Outcome

Successful

Response

The National Archives holds relevant information and we are pleased to be able to provide this information to you. However, we are unable to provide you with some of the information you have requested because information regarding equipment and software models and specific start/end dates is exempt under section 31 (1) (a) of the FOI Act. This exempts information if its disclosure is likely to prejudice the prevention or detection of crime. Release of this information would make The National Archives more vulnerable to crime; namely, a malicious attack on The National Archives’ computer systems.

We are also unable to provide you with the full contact details of the person responsible for the maintenance support contracts because release of this information would identify a junior member of staff, as such this information is exempt from release under section 40 (2) (Personal Data) of the FOI Act. However, we have applied the general principle that members of staff at Head of Department level and above are sufficiently senior for their names and/or job titles to already be in the public domain, as such their information is not considered exempt under section 40(2).

We are unable to provide information relating to the initial ten-point part of your request as TNA does not have a Wi-Fi contract in place and we do not hold information relating to a plan to have a Wi-Fi contract in place.

However, we can confirm that TNA’s Wi-Fi service is provided in-house, and we are able provide you with the following information:

1. Number of Users:
Approximately 550 staff and visitor access

2. Number of Locations/Site:
One

3. End User Offer:
Free access with registration

4. Manufacturer Name/Brand:
Information exempt under section 31(1) of the FOI Act.

5. Contact Details – I require the person from within the organisation responsible for the Wi-Fi:
Information exempt under section 40(2) of the FOI Act.

The Head of IT Operations at The National Archives is Julian Muller.

The National Archives’ full contact options can be found on our website here: http://apps.nationalarchives.gov.uk/contact/

Exemptions applied:

Section 31: Law Enforcement

Section 31 (1) (a) exempts information if its disclosure is likely to prejudice the prevention or detection of crime.

Section 31 is a qualified exemption and we are required to conduct a public interest test when applying any qualified exemption. This means that after it has been decided that the exemption is engaged, the public interest in releasing the information must be considered. If the public interest in disclosing the information outweighs the public interest in withholding it then the exemption does not apply and the information must be released. In the FOI Act there is a presumption that information should be released unless there are compelling reasons to withhold it.
The public interest has now been concluded and the balance of the public interest has been found to fall in favour of withholding information covered by the section 31(1) (a) exemption. Considerations in favour of the release of the information included the principle that there is a public interest in transparency and accountability in disclosing information about government procedure and contracts.
However, release of this information would make The National Archives more vulnerable to crime; namely, a malicious attack on The National Archives’ computer systems. As such release of this information would be seen to prejudice the prevention or detection of crime by making The National Archives’ computer systems more vulnerable to hacking therefore facilitating the possibility of a criminal offence being carried out. There is an overwhelming public interest in keeping government computer systems secure which would be served by non-disclosure. This would outweigh any benefits of release. It has therefore been decided that the balance of the public interest lies clearly in favour of withholding the material on this occasion. Please note that this decision in no way implies that you would engage in any criminal or malicious activities. However as the Freedom of Information Act is an open access regime this exemption has been applied to protect our systems.

Further guidance on section 31 can be found here: https://ico.org.uk/media/for-organisations/documents/1207/law-enforcement-foi-section-31.pdf

Section 40(2): Personal Information where the applicant is not the data subject.

Section 40 exempts personal information about a ‘third party’ (someone other than the requester), if revealing it would breach the terms of the Data Protection Act (DPA) 1998.
The DPA prevents personal information from release if it would be unfair or at odds with the reason why it was collected, or where the subject had officially served notice that releasing it would cause them damage or distress. Junior members of staff would have no expectation that information about their positions would be made available in the public domain; to do so would be unfair and contravene the first data protection principle of the DPA 1998.
In this case the exemption applies because this information represents the personal information of a junior member of staff at The National Archives. Publishing the names of junior members of staff is considered an unfair use of personal data. As such, the names and positions of junior officials are withheld under section 40(2) of the FOIA.

For more information about the publication of junior staff names, please see the following link: https://ico.org.uk/media/for-organisations/documents/1187/section_40_requests_for_personal_data_about_employees.pdf

For more general information about the section 40 exemption, please see the following link: http://ico.org.uk/for_organisations/guidance_index/~/media/documents/library/Freedom_of_Information/Detailed_specialist_guides/personal-information-section-40-and-regulation-13-foia-and-eir-guidance.pdf

General guidance

You may also find the following links useful: http://ico.org.uk/for_organisations/guidance_index/~/media/documents/library/Freedom_of_Information/Detailed_specialist_guides/information_held_by_a_public_authority_for_purposes_of_foia.ashx