ICT contracts for Server Hardware Maintenance, Server Virtualisation Licenses and Maintenance and Storage Area Network (SAN) Maintenance/Support

FOI request reference: F0058748
Publication date: July 2020

Outcome

Successful

Request and response

1. Contract Title: Please provide me with the contract title.
Please use the following weblink to access a table containing this information.

https://www.nationalarchives.gov.uk/documents/f0058748-ict-contract.xlsx

2. Type of Contracts (ABOVE): Please can you provide me with one or more contract types the contract relate to: Server Hardware, Virtualisation, SAN (Storage Area Network)

Please see aforementioned table

3. Existing/Current Supplier:  Please provide me with the supplier name for each contract.

Please see aforementioned table

4. Brand:  Please state the brand of hardware or software.

Information regarding hardware and software brands is exempt under section 31 (1) (a) of the FOI Act. This exempts information if its disclosure is likely to prejudice the prevention or detection of crime. Release of this information would make The National Archives more vulnerable to crime; namely, a malicious attack on The National Archives’ computer systems.
5. Operating System / Software (Platform): (Windows, Linux, Unix, Vsphere, AIX, Solaris etc.) Please state the operating system used by the organisation.

Information regarding hardware and software brands is exempt under section 31 (1) (a) of the FOI Act. This exempts information if its disclosure is likely to prejudice the prevention or detection of crime. Release of this information would make The National Archives more vulnerable to crime; namely, a malicious attack on The National Archives’ computer systems.

6. Annual Average Spend: Please provide me with the most recent annual spend for this contract?

Please see aforementioned table

7. Contract Duration: (Please can you also include notes if the contract includes any contract Extension periods.)

Please see aforementioned table

8. Contract Expiry Date: Please can you provide me with the date of when the contract expires.
Information regarding specific start and end dates is exempt under section 31 (1) (a) of the FOI Act. This exempts information if its disclosure is likely to prejudice the prevention or detection of crime. Release of this information would make The National Archives more vulnerable to crime; namely, a malicious attack on The National Archives’ computer systems.

9. Contract Review Date: (An approximate date of when the organisation is planning to review this particular contract.)

Please see aforementioned table

10. Purchase of Servers: Could you please provide me with the month and year in which most/bulk of servers where purchased.

Please see aforementioned table

11. Number of Physical Server: Please can you provide me with the number of physical servers.

106

12. Number of Virtual Servers: Please can you provide me with the number of Virtual servers’ servers.

28

13. Brief Contract Description: I require a brief description of the service provided under this contract. Please do not just put maintenance I need at least a sentence.
Please see aforementioned table

14. Contract Owner: (The person from within the organisation that is responsible for reviewing and renewing this particular contract. Please include their full name, job title, direct contact number and direct email address.)
We are unable to provide you with this information because it would identify junior members of staff and as such is exempt from release under section 40(2) of the FOI Act. However, at The National Archives we apply the general principle that members of staff at Head of Department level and above are sufficiently senior for their names and/or job titles to already be in the public domain and are therefore not exempt from release.

The Head of IT Operations at The National Archives is Julian Muller.

The Head of Digital Archiving at The National Archives is Sonia Ranade.

The National Archives’ full contact options can be found on our website here: https://www.nationalarchives.gov.uk/contact-us/

15. If this service is part of a managed contract please can you send me the contract information for this managed service including Hardware Brand, Number of Users, Operating System, and contact details of the internal contact responsible for this contract.
There are no managed contracts.

EXPLANATORY ANNEX

Exemptions applied
Section 31: Law Enforcement
We are unable to provide you with information regarding software brands and specific contract start/end dates because this information is exempt from disclosure under section 31 (1) (a) of the FOI Act. Section 31 (1) (a) exempts information if its disclosure is likely to prejudice the prevention or detection of crime.

Section 31 is a qualified exemption and we are required to conduct a public interest test when applying any qualified exemption. This means that after it has been decided that the exemption is engaged, the public interest in releasing the information must be considered. If the public interest in disclosing the information outweighs the public interest in withholding it then the exemption does not apply and the information must be released. In the FOI Act there is a presumption that information should be released unless there are compelling reasons to withhold it.

The public interest has now been concluded and the balance of the public interest has been found to fall in favour of withholding information covered by the section 31 (1) (a) exemption. Considerations in favour of the release of the information included the principle that there is a public interest in transparency and accountability in disclosing information about government procedure and contracts. However, release of this information would make The National Archives more vulnerable to crime. The crime in question here would be a malicious attack on The National Archives’ computer systems. As such release of this information would be seen to prejudice the prevention or detection of crime by making The National Archives’ computer system more vulnerable to hacking. There is an overwhelming public interest in keeping government computer systems secure which would be served by non-disclosure. This would outweigh any benefits of release. It has therefore been decided that the balance of the public interest lies clearly in favour of withholding the material on this occasion.

Further guidance on section 31 can be found here:
https://ico.org.uk/media/for-organisations/documents/1207/law-enforcement-foi-section-31.pdf

Section 40(2): Personal Information where the applicant is not the data subject
Data Protection Legislation prevents personal information from release if it would be unfair or at odds with the reason why it was collected, or where the subject had officially served notice that releasing it would cause them damage or distress.

In this case the exemption applies because this information represents the personal information of junior members of staff at The National Archives.

Publishing the names and contact details of junior members of staff is considered an unfair use of personal data. Junior members of staff would have no expectation that information about their positions would be made available in the public domain; to do so would be unfair and contravene Art. 5 of the General Data Protection Regulation. As such, the names, positions and contact details of junior officials are withheld under section 40 (2) of the FOI Act.

Further guidance can be found at:
http://ico.org.uk/for_organisations/guidance_index/~/media/documents/library/Freedom_of_Information/Detailed_specialist_guides/personal-information-section-40-and-regulation-13-foia-and-eir-guidance.pdf