Request
Please provide me with the total number of malicious emails blocked by your organisation over the last three calendar years (2021, 2020, 2019) broken down by year and categorised accordingly.
Example:
2020
23,000 suspected phishing emails
250,000 spam emails
13,000 malware
Outcome
Some information provided.
Response
1) Please provide me with the total number of malicious emails blocked by your organisation over the last three calendar years (2021, 2020, 2019) broken down by year
Some of this information is covered by the exemption at Section 21 of the FOI Act. Information concerning blocked emails for the period of January 2019 to September 2020 can be accessed via the following web links.
[ARCHIVED CONTENT] Spam and malicious emails blocked by TNA – Freedom of Information (nationalarchives.gov.uk)
Spam/malicious emails – Freedom of Information (nationalarchives.gov.uk)
The number of emails classed as malicious received and blocked between October and December 2020 is 34,871.
In 2021, the number of emails classed as malicious and blocked is 201,263.
2) …and categorised accordingly.
Disclosing malicious email categorisations may reveal information that would prejudice the prevention or detection of crime and is consequently exempt under section 31 (1) (a) of the FOI Act.
EXPLANATORY ANNEX
Exemptions applied
Section 21: Information readily available to the applicant by other means
Section 21 of the Freedom of Information Act 2000 (FOIA) does not oblige a public authority to provide information if it is already reasonably accessible by other means. In this case the exemption applies because the information is already available via the aforementioned web links.
Further guidance can be found at:
Information reasonably accessible to the applicant by other means (section 21) (ico.org.uk).
Section 31: Law Enforcement
We are unable to provide you with information regarding the categorisation of malicious emails received by The National Archives because this information is exempt from disclosure under section 31(1)(a) of the FOI Act. Section 31(1)(a) exempts information if its disclosure would or would be likely to prejudice the prevention or detection of crime.
Section 31 is a qualified exemption and we are required to conduct a public interest test when applying any qualified exemption. This means that after it has been decided that the exemption is engaged, the public interest in releasing the information must be considered. If the public interest in disclosing the information outweighs the public interest in withholding it then the exemption does not apply and the information must be released. In the FOI Act there is a presumption that information should be released unless there are compelling reasons to withhold it.
The public interest has now been concluded and the balance of the public interest has been found to fall in favour of withholding information covered by the section 31(1)(a) exemption. Considerations in favour of the release of the information included the principle that there is a public interest in transparency and accountability in disclosing information about government cyber security. However, release of this information would make The National Archives more vulnerable to crime. The crime in question here would be a malicious attack on The National Archives’ computer systems. As such release of this information would be seen to prejudice the prevention or detection of crime by making The National Archives’ computer system more vulnerable to hacking. There is an overwhelming public interest in keeping government computer systems secure which would be served by non-disclosure. This would outweigh any benefits of release. It has therefore been decided that the balance of the public interest lies clearly in favour of withholding the material on this occasion.
Further guidance on section 31 can be found here:
https://ico.org.uk/media/for-organisations/documents/1207/law-enforcement-foi-section-31.pdf .