GovWifi Memorandum of Understanding

Introduction

This document sets out the agreement between GovWifi, part of the Cabinet Office, and an organisation which offers GovWifi, hereafter referred to as ‘the Organisation’. This document has a particular emphasis on data protection and escalation routes between the two parties.

Purpose of GovWifi

GovWifi is developed and managed by the Cabinet Office. It is a single wifi login which can be simply installed by public sector departments over their existing infrastructure.

Anyone who registers with GovWifi will have access to wifi at any participating public sector location. It's available to civil servants, consultants and visitors to public sector organisations. It's been designed to replace user and guest wifi with a single secure wifi connection.

Background

This document covers off the UKGDPR/Data Protection Legislation requirements for organisations using GovWifi.

IT IS NOW AGREED as follows:

1. Definitions and Interpretation

1.1. In this Agreement the following words and phrases have the following meanings, unless expressly stated to the contrary:

'Data Protection Legislation' (i) the UKGDPR and any applicable national implementing laws as amended from time to time; (ii) the Data Protection Act 2018 to the extent that it relates to the processing of personal data and privacy; (iii) all applicable Law about the processing of personal data and privacy;

'Data Protection Impact Assessment' an assessment by the Controller of the impact of the envisaged processing on the protection of personal data.

'Data Breach' means a breach of the applicable Data Protection Laws in respect of personal data.

'Controller', 'Processor', 'Data Subject', 'Personal Data', 'Processing', and 'Special Category Data' are all defined in the UKGDPR/Data Protection Legislation. For this agreement:

The Organisation is the Data Controller for the Network Traffic Data (the data being transmitted across its network at any given time).

The Cabinet Office is the Data Controller for the GovWifi Data (see definition below).

The Organisation is the Data Controller for GovWifi data in the case where it receives GovWifi Data from the Cabinet Office following a request from the Organisation. For example, when the Organisation wants to investigate a potential breach of its Acceptable Use Policy.

The Organisation and the Cabinet Office are not established as Joint Data Controllers under this agreement. Neither the Cabinet Office nor The Organisation are Data Processors for, or on behalf of, each other under this agreement.

'Data Subject Access Request': a request made by, or on behalf of the Data Subject in accordance with the rights granted pursuant to the Data Protection Legislation to access their personal data.

'Data Loss Event' means any event that results, or may result in, unauthorised access to personal data held under this MoU, and/or actual or potential loss and/or destruction of personal data in breach of this MoU, including any personal data breach/loss.

'DPA 2018' Data Protection Act 2018

'Environmental Information Regulations' means the Environmental Information Regulations 2004, as amended, together with any guidance and codes of practice issued by the Information Commissioner or relevant government Organisation in relation to such regulations.

'FOIA' means the Freedom of Information Act 2000, as amended from time to time.

'UKGDPR' means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);

'GovWifi Authentication Service' - as detailed in section 5

'GovWifi Data' means all personal data passed by the Data Subject to the Cabinet Office for the purposes of accessing GovWifi, as set out in section 5.3 of this Agreement.

'IAO' means Information Asset Owner, namely the individual occupying the position of Information Asset Owner within the Cabinet Office the Organisation.

'Local Wifi Network' is any LAN infrastructure that uses the GovWifi Authentication Service for authentication.

'MAC address' means "media access control address", which is a unique identifier assigned to each network interface device defined by the Institute of Electrical and Electronics Engineers.

'Network Traffic Data' means the information passed by the Data Subject to the Organisation during network connectivity, but after authentication to the GovWifi Authentication Service.

'Protective Measures' appropriate technical and organisational measures which may include: pseudonymising and encrypting personal data, ensuring confidentiality, integrity, availability and resilience of systems and services, ensuring that availability of and access to Personal data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of such measures adopted by it.

'Request for Information' means a request for information or a request under FOIA or the Environmental Information Regulations.

'Total Claim Losses' means the total claim losses for any claim comprising both parties' reasonable costs of paying for lawyers and other experts to defend the claim; any Losses, damages or other monetary compensation or fines awarded as a result of the claim; and any Third Party legal costs that either party is required to pay as a result of the claim.

'User' means any natural person (including any employee, contractor, or invitee) who registers to use and then uses the GovWifi Authentication Service.

1.2. In this Agreement a reference to any statute, enactment, order, regulation or other similar instrument shall be construed as a reference to the statute, enactment, order, regulation or instrument as amended by any subsequent statute, enactment, order, regulation or instrument or as contained in any subsequent re-enactment.

1.3. Headings are included in this Agreement for ease of reference only and shall not affect the interpretation or construction of this Agreement.

1.4. References in this Agreement to Clauses, Paragraphs and Annexes are, unless otherwise provided, references to the Clauses, Paragraphs and Annexes of this Agreement.

1.5. In the event and to the extent only of any conflict or inconsistency between:

1.5.a. the provisions of the Clauses and the provisions of the Annexes, the provisions of the Clauses shall prevail; or

1.5.b. the provisions of this Agreement and the provisions of any document referred to or referenced herein, the provisions of this Agreement shall prevail.

2. Commencement and Term

2.1. This Agreement commences upon signature by the Cabinet Office and the Organisation, and will remain in force until the GovWifi Authentication Service terminates, unless terminated early, in accordance with Clause 13.

3. Principles, Representatives and Governance

3.1. The Cabinet Office and Organisation:

3.1.a. are committed to a collaborative approach, and will operate the arrangements under this Agreement in recognition of their respective contributions and responsibilities;

3.1.b. will, as far as reasonably practicable, provide the appropriate resources, including adequately skilled staff or personnel, to meet the objectives of this Agreement.

3.1.c. will provide the other with any necessary cooperation and support, including appropriate access to people, data and information, as may be necessary to meet any external or internal audit and assurance requirements.

3.2. The Cabinet Office will supervise and control all GovWifi data in its possession, and the participating Organisation/agency will supervise and control all GovWifi data that is in its possession.

3.3. Should the Organisation request GovWifi Data for legal or operational reasons it will ensure UKGDPR compliance when processing that data where it is capable of doing so.

3.4. The names of the sub-processors for GovWifi who will be processing the GovWifi Data as at the date of signature of this Agreement are attached to this document in Annex A.

3.5. The relationship between the Cabinet Office and the Organisation relating to the GovWifi Authentication Service shall be managed primarily through bilateral engagement between the relevant service team in the Organisation and the GovWifi team in the Cabinet Office.

3.6. Where escalation is necessary, it may be requested by either the Cabinet Office or the Organisation.

3.7. The GovWifi escalation route is outlined here, but may be modified from time to time at the Cabinet Office's sole discretion:

  • GovWifi Support: govwifi-support@digital.cabinet-office.gov.uk

  • GovWifi Product Manager: Fajer Qasem

  • Head of Product: Rachel Kerr-Oliveira

  • Senior Responsible Officer: Allan Gardner (Head of Technology, Government Property Agency)

4. GovWifi Data

For a definition of GovWifi data see section 5.3

4.1. User data required by the GovWifi Authentication Service should be passed, unchanged, to that service by the Local Wifi Network.

4.2. User data as required for registration will be handled by the GovWifi Authentication Service as defined in section 5.

4.3. Where the Organisation comes into possession of GovWifi Data, it may only use such GovWifi Data for relevant Organisational policy enforcement and other purposes required by Law.

4.4. The Organisation must not use GovWifi Data for marketing purposes.

5. The GovWifi Authentication Service

5.1. The Organisation must configure their wireless infrastructure to use GovWifi RADIUS endpoints.

5.2. The Cabinet Office will provide user enrolment on to GovWifi via the following methods:

5.2.a. Email based enrolment: Credentials should be provided for each email address and phone number when emailing the sponsor route. The GovWifi Authentication Service parses each received email and transmits credentials to each email address identified in the received email.

5.2.b. SMS based enrolment: The GovWifi Authentication Service generates credentials and supplies them by return to the identified mobile phone number.

Inbound Email/SMS enrolment requests are processed by a cloud-hosted load balancer instance, which also provides SSL/TLS termination and relays such requests by HTTP to node members.

Outbound Email/SMS responses are processed by cloud-hosted compute nodes and dispatched directly to the relevant platform HTTPS API.

5.3. The personal data stored by the GovWifi Authentication Service will be:

5.3.a. Either of: (i) the end-user's mobile number or (ii) the end-user's email address, or (iii) the end-user's mobile number and their email address;

5.3.b. the end-user's randomly generated username & password (as created by the service);

5.3.c. the MAC address presented by any devices using the user's credentials;

5.3.d. records of successful and unsuccessful authentication.

No additional personal information, such as names or addresses, is requested or captured by the system.

5.4. Personal data is retained by The Cabinet Office as set out in Annex B.

5.5. The Cabinet Office will not share personal data, unless required for the operation of the service, or described in this Agreement, or as otherwise required by Law.

6. Legal Basis

6.1. The Legal Basis for processing personal information is that it is necessary to perform a task in the public interest. The Organisation, when Data Controller, is responsible for ensuring that it complies with the Data Protection Act Legislation/UKGDPR for each of the Users. This will include ensuring the Network Traffic Data is kept up to date, and only retained for as long as required.

6.2. Both the Cabinet Office and the Organisation will ensure that their employees and representatives comply with relevant privacy and applicable Data Protection Legislation/UKGDPR.

7. Further Use of GovWifi Data

7.1. The Organisation agrees not to use GovWifi Data, except as necessary for direct policy enforcement and other lawful purposes, excluding marketing, and in compliance with applicable Data Protection Legislation/UKGDPR.

7.2. Both the Cabinet Office and the Organisation note that all copyright and database rights developed during provision of the GovWifi Authentication Service will be Crown copyright held by the Controller of His Majesty's Stationery Office.

8. Protection of Personal Data

8.1. The Cabinet Office will not disclose GovWifi Data to any outside organisation unless required by Law, allowed under the provisions of this agreement, or required by government policy.

8.2. The Cabinet Office shall notify the Organisation immediately if it considers that any of the Organisation's instructions infringe the applicable Data Protection Legislation.

8.3. The Cabinet Office shall provide all reasonable assistance to the Organisation in the preparation of any Data Protection Impact Assessment prior to commencing any processing. Such assistance may, at the discretion of the Organisation, include:

8.3.a. a systematic description of the envisaged processing operations and the purpose of the processing;

8.3.b. an assessment of the necessity and proportionality of the processing operations;

8.3.c. an assessment of the risks to the rights and freedoms of Data Subjects;

8.3.d. the measures envisaged to address the risks, including safeguards, security measures and mechanisms to ensure the protection of personal data.

8.4. The Cabinet Office shall, in relation to any personal data processed in connection with its obligations under this Agreement:

8.4.a. process that personal data only in accordance with Annex C unless the Cabinet Office is required to do otherwise by Law. If it is so required The Cabinet Office shall promptly notify the Organisation before processing the personal data unless prohibited by Law;

8.4.b. ensure that it has in place Protective Measures, which have been reviewed and approved by the Organisation as appropriate to protect against a Data Loss Event having taken account of the: (i) nature of the data to be protected; (ii) harm that might result from a Data Loss Event; (iii) state of technological development; and (iv) cost of implementing any measures.

8.5. The Cabinet Office to ensure that:

8.5.a. The Cabinet Office personnel do not process personal data except in accordance with this Agreement (and in particular Annex C);

8.5.b. it takes all reasonable steps to ensure the reliability and integrity of any Cabinet Office personnel who have access to the personal data and ensure that they: (i) are aware of and comply with the Cabinet Office duties under this clause; (ii) are subject to appropriate confidentiality undertakings with the Cabinet Office or any Sub-processor; (iii) are informed of the confidential nature of the personal data and do not publish, disclose or divulge any of the personal data to any third party unless directed in writing to do so by the Organisation or as otherwise permitted by this Agreement; and (iv) have undergone adequate training in the use, care, protection and handling of personal data.

8.6. The Cabinet Office will not transfer personal data outside of the UK and European Economic Area unless the prior written consent of the Organisation has been obtained and the following conditions are fulfilled:

8.6.a. The Organisation or the Cabinet Office has provided appropriate safeguards in relation to the transfer;

8.6.b. The Data Subject has enforceable rights and effective legal remedies;

8.6.c. The Cabinet Office complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any personal data that is transferred;

8.6.d. The Cabinet Office complies with any reasonable instructions notified to it in advance by the Organisation with respect to the processing of personal data.

8.7. The Cabinet Office will delete or return personal data (and any copies of it) to the Organisation on termination of the Agreement unless required by Law to retain the personal data.

8.8. With regard to data processed under the conditions of this MOU, each party shall notify the other party immediately if it:

8.8.a. receives a Data Subject Access Request (or purported Data Subject Access Request);

8.8.b. receives a request to rectify, block or erase any personal data;

8.8.c. receives any other request, complaint or communication relating to either Party's obligations under the Data Protection Legislation;

8.8.d. receives any communication from the Information Commissioner or any other regulatory authority in connection with personal data processed under this Agreement;

8.8.e. receives a request from any third party for disclosure of personal data where compliance with such request is required or purported to be required by Law; or

8.8.f. becomes aware of a Data Loss Event.

8.9. The Cabinet Office's obligation to notify under Clause 8.8 shall include the provision of further information to the Organisation in phases, as details become available.

8.10. Taking into account the nature of the processing, the Cabinet Office shall provide the Organisation with full assistance in relation to either party's obligations under Data Protection Legislation and any complaint, communication or request made under clause 8.8 and insofar as possible within the timescales reasonably required by the Organisation, including by promptly providing:

8.10.a. the Organisation with full details and copies of the complaint, communication or request;

8.10.b. such assistance as is reasonably requested by the Organisation to enable the Organisation to comply with a Data Subject Access Request within the relevant timescales set out in the Data Protection Legislation;

8.10.c. the Organisation, at its request, with any personal data it holds in relation to a Data Subject;

8.10.d. assistance as requested by the Organisation following any Data Loss Event;

8.10.e. assistance as requested by the Organisation with respect to any request from the Information Commissioner's Office, or any consultation by the Organisation with the Information Commissioner's Office.

8.11. The Cabinet Office shall maintain complete and accurate records and information to demonstrate its compliance with this clause.

8.12. The Cabinet Office shall allow for audits of its Data Processing activity by the Organisation or the Organisation's designated auditor.

8.13. The Parties shall designate a Data Protection Officer if required by the Data Protection Legislation.

8.14. Before allowing any Sub-processor to process any personal data related to this Agreement, the Cabinet Office must:

8.14.a. notify the Organisation in writing of the intended Sub-processor and processing;

8.14.b. obtain the written consent of the Organisation;

8.14.c. enter into a written agreement with the Sub-processor which gives effect to the terms set out in this clause, such that they apply to the Sub-processor;

8.14.d. provide the Organisation with such information regarding the Sub-processor as the Organisation may reasonably require;

8.14.e. The Processor shall remain fully liable for all acts or omissions of any of its Sub-processors.

8.15. The Parties agree to take account of any non-mandatory guidance published by the Information Commissioner's Office. The Organisation may, on not less than 30 Working Days' notice to the GovWifi team, amend this agreement to ensure that it complies with any guidance issued by the Information Commissioner's Office.

8.16. For the avoidance of any doubt, a User's credentials will be deemed inactive where they have not been successfully used to access GovWifi in any participating Government premises for a period of 90 consecutive days.

8.17. The Cabinet Office will not retain GovWifi Data for any longer than 1 (one) year following the credentials generated by a User being deemed inactive (as described in Clause 8.16 above).

8.18. The Parties agree to process any personal data in the GovWifi Data in accordance with the requirements of this agreement, and in particular agree that they shall:

8.18.a. process the personal data only as required by the terms of this agreement and the guidance on how to Set up GovWifi on your infrastructure;

8.18.b. process the personal data only to the extent, and in such manner, as is necessary for the GovWifi Authentication Service and applicable policy and law enforcement; e.g. the Organisation to issue any relevant privacy notices where applicable.

8.18.c. comply with the obligations of the applicable Data Protection Legislation/UKGDPR, in particular, implement appropriate technical and organisational measures to protect the personal data against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure. These measures shall ensure a level of security appropriate to the harm which might result from any unauthorised or unlawful processing, accidental loss, destruction or damage to the personal data and having regard to the nature of the personal data which is to be protected;

8.18.d. take reasonable steps to ensure the reliability of any personnel who have access to the personal data, including those set out in Clause 8 of this Agreement;

8.18.e. ensure that all personnel required to process the personal data are informed of the Organisation's obligations under this Agreement with regard to the security and protection of personal data and that those obligations under the Data Protection Legislation/UKGDPR are complied with;

8.18.f. ensure that no personnel publish, disclose or divulge any of the personal data to any third party unless directed in writing to do so by either the Cabinet Office or the Organisation.

9. Security of GovWifi Data

9.1. In addition to the requirements in Clause 8 in respect of Personal Data, both the Organisation and the Cabinet Office agree to handle all the GovWifi Data in accordance with the following security requirements:

9.1.a. Access to the GovWifi Data (including any part of the GovWifi Data and any copies), will be restricted to service teams that require the data for debugging or integration purposes, operations staff supporting GovWifi implementation and/or building/premises wireless infrastructure support and the cloud-based Infrastructure-as-a-Service (IaaS) provider selected by the Cabinet Office.

9.1.b. GovWifi Data will be stored in an encrypted format when it is in transit between Organisational systems and the GovWifi Authentication Service, when it is in transit between the GovWifi Authentication Service and its 3rd party suppliers, and when it is stored in the GovWifi Authentication Service (within the retention periods defined). The number of named individuals that have access to the systems in which the data passes and is stored will be kept to a minimum.

9.1.c. GovWifi Data will not be stored or otherwise transferred outside the UK and European Economic Area unless in full compliance with obligations of Data Protection Legislation/UKGDPR requirements.

10. Freedom of Information

10.1. Both The Cabinet Office and the Organisation are subject to the provisions of FOIA and the Environmental Information Regulations and shall assist and cooperate with each other to enable each other to comply with their respective statutory duties in relation to Requests for Information. In particular, where either the Cabinet Office or the Organisation receive a Request for Information pertaining to the subject matter or operation of this Agreement, it shall as soon as practicable notify the other's nominated representative, in writing, of the details of the information requested, the date such request was made and, if permitted by law, the name of the person making the request. The party which has received the request shall, prior to responding to the applicant, consult with the other party and to facilitate such consultation shall provide it with a copy of all information which it proposes to disclose not less than 5 working days before disclosure.

11. Loss and Unauthorised Release

11.1. The Organisation will report any loss or unauthorised release of the GovWifi Data to the GovWifi team as soon as possible, and in any event within 24 hours of becoming aware of the Data Breach.

11.2. The Organisation acknowledges that any loss or unauthorised release of the GovWifi Data will be valid grounds for immediate termination of this Agreement, the consequences of which will be an immediate revocation of the Organisation's premises' wireless system integration with the GovWifi Authentication Service.

11.3. Any loss or unauthorised release of the GovWifi Data by the Organisation will need to be investigated jointly by both The Cabinet Office and the Organisation. Existing Cabinet Office data incident processes and reporting will be utilised.

11.4. If financial penalties are imposed by the Information Commissioner's Office on either the Cabinet Office or the Organisation for a Data Breach then the following will occur:

11.4.a. If The Cabinet Office is responsible for the relevant breach, in that it is caused as a result of the actions or inaction of systems and procedures controlled by GovWifi, then the Cabinet Office will be responsible for the payment of these financial penalties. In this case, if the Cabinet Office conducts an internal audit or engages an independent forensic investigator to conduct a thorough audit of any such data incident, the Organisation will provide to the Cabinet Office and its forensic investigators and auditors, on request, full cooperation and access to conduct a thorough audit of such data incident.

11.4.b. If the Organisation is responsible for the relevant breach, in that it is not a breach that the Cabinet Office is responsible for, then the Organisation will be responsible for the payment of these financial penalties. The Cabinet Office will provide to the Organisation and its forensic investigators and auditors, on request, full cooperation and access to conduct a thorough audit of such data incidents.

11.4.c. If responsibility is unclear, then the Cabinet Office and the Organisation will work together to investigate the relevant data incident and allocate responsibility for any financial penalties as outlined above, or by agreement to split any financial penalties equally if no responsibility for the Data Breach can be apportioned. In the event that the parties do not agree such apportionment then such Dispute shall be referred to the escalation route as set out in para 3.8.

11.4.d. If either the Organisation or the Cabinet Office is the defendant in a legal claim brought by a third party related to a Data Breach, then unless the parties otherwise agree, the party that is determined by the final decision of a court of competent jurisdiction ("Court") or the ICO to be responsible for the breach shall be liable for the Total Claim Losses arising from such breach. Where both parties are liable the liability will be apportioned between the parties in accordance with the decision of the Court or the ICO as the case may be.

11.5. In respect of any losses, cost claims or expenses incurred by either party as a result of a Data Breach:

11.5.a. If The Cabinet Office is responsible for the relevant breach, then the Cabinet Office will be responsible for the payment of the Total Claim Losses.

11.5.b. If the Organisation is responsible for the relevant breach, then the Organisation will be responsible for the payment of the Total Claim Losses. If responsibility is unclear, the Cabinet Office and the Organisation will split the total claim losses equally.

11.5.c. Any Data Breach will be grounds for immediate termination of this MoU.

12. Use of GovWifi in overseas locations

12.1. GovWifi is only for use by visiting UK government officials, internal staff, and specifically invited guests in locations such as UK embassies, British High Commissions, consulates or similar. Other visitors (local nation visitors) will be kept separate from GovWifi and use, for example, existing guest wifi networks.

12.2. Should the Organisation wish to use GovWifi in a way that contravenes 12.1, it will contact the GovWifi team for advice.

13. Termination

13.1. Subject to paragraphs 13.2 and 13.3 below, either the Cabinet Office or the Organisation may terminate this Agreement upon three months' written notice to the other.

13.2. In the case where the Agreement is being terminated due to decommissioning of the GovWifi Authentication Service itself, the Cabinet Office will issue three months' written notice of termination to the Organisation.

13.3. Either the Cabinet Office or the Organisation may terminate this Agreement with immediate effect in the event of either a breach of its obligations by the other to this Agreement, or of the guidance on the requirements and recommendations laid out on the GovWifi service website.

14. Changes to this Agreement

14.1. Except where explicitly noted above, this Agreement may only be varied in writing as described below. The Cabinet Office will establish and manage a configuration version control system for this Agreement.

14.2. The Cabinet Office may amend this Agreement from time to time after giving 30 days' notice to the Organisation. The notice must be in writing, and must set out the change required in sufficient detail to enable both parties to understand the implications of the change; the implications of implementing the change; impact on current service provision; and the method of implementation. The change will automatically take effect at the end of the notice period unless the Organisation terminates this Agreement in accordance with Clause 13.

14.3. The Organisation may request changes to this Agreement. The request must be in writing, and must set out the change required in sufficient detail to enable both parties to understand the implications of the change and be able to respond within one month unless agreed otherwise. The response will set out the implications of implementing the change, impact on current service provision, required amendments to this Agreement and proposed method of implementation. The parties may then agree to the change, continue without making the change, or terminate this Agreement in accordance with Clause 13.

15. Governing Law and Jurisdiction

15.1. This Agreement sets out a formal agreement between two Crown bodies, and an informal agreement between the Cabinet Office and non-Crown bodies. Both the Cabinet Office and the Organisation agree that it will have no legal effect between them.

15.2. Any dispute concerning this Agreement will be resolved by negotiation between appropriately senior officers in the Organisation and the Cabinet Office, as set out in the escalation procedure described in paragraph 3.8 above.

16. Questions and Complaints

16.1. The contact details for the data controller are: Cabinet Office, Government Offices Great George Street, 1 Horse Guards Road, London, SW1A 2HQ, or dataprivacy@cabinetoffice.gov.uk.

16.2. The contact details for the data controller's Data Protection Officer are: Stephen Jones, Data Protection Officer, Cabinet Office, 70 Whitehall, London, SW1A 2AS, or dpo@cabinetoffice.gov.uk.

ANNEX A: Subprocessors processing GovWifi data

List complete as at 15th April 2021

SMS providers:

  • GOV.UK Notify, a service operated by GDS, part of the Cabinet Office

Email providers:

  • Amazon SES (Simple Email Service)

Database providers:

  • Amazon RDS (Relational Database Service)

ANNEX B: Data retention times

Data retention times for GovWifi and suppliers. Personal data includes the mobile number and/or email address. Non-personal data includes, but is not limited to, a generated message ID, timestamps, message delivery status; successful and unsuccessful authentication attempts.

| Organisation | Personal data retention time | Non-personal data retention time |
|---|---|---|
| The Cabinet Office | As described in Clause 8 | Indefinite |
| GOV.UK Notify (Text message supplier to GovWifi) | 7 days | Indefinite |
| Amazon Web Services (AWS) Simple Email Service (SES) (Email message supplier, via GOV.UK) | 30 days | Indefinite |
| Vodafone (Mobile Network) | 30 days | 3 years |
| EE (Mobile network) | 7 days | 1 year |
| Three (Mobile network) | 90 days | Indefinite |
| O2 (Mobile network) | 90 days | Indefinite |

ANNEX C

| Description | Details |
|---|---|
| Subject matter of the processing | Public sector workers and guests to public buildings |
| Duration of the processing | The Cabinet Office will process (retain) GovWifi data for up to and including 1 (one) year following the credentials generated by a User being deemed inactive |
| Nature and purposes of the processing | Personal data is processed only to the extent as is necessary for the GovWifi Authentication Service to work effectively. The processing of the data will allow Users to self-enrol and connect to the premises’ Local Wifi Network via GovWifi |
| Type of personal data | The end users’ email addresses, mobile phone numbers, IP addresses, randomly generated username and password, MAC addresses, records of successful and unsuccessful authentication |
| Categories of Data Subject | End users of the Wifi Service, employees, citizens |
| Plan for return or destruction of the data once processing is complete UNLESS requirement under union or member state law to preserve that data | All data will be securely erased in accordance with National Cyber Security Guidelines (i.e. IAS 5) utilising overwriting techniques and any AWS tools available (as provided via its compliance with the Cloud Security Principles) |

The Cabinet Office GovWifi Memorandum of Understanding Document History

| Field | Value |
|---|---|
| Document reference | GovWifi/MOU |
| Author | Iram Tahraoui |
| Version | 2.3 |
| Version date | 21.02.24 |
| Next review date | TBC |
| Policy approved by | |
| Signature | Milan Bogunovic |
| Print name | Milan Bogunovic |
| Position | Programme Director, GDS |
| Date | 04.9.19 |

Version history

| Version | Date | Description |
|---|---|---|
| 0.1 (Pre-release) | N/A | Pre-release draft |
| 1.0 (Release) | | Approved |
| 1.1 (Release) | | Updated with GLD changes |
| 1.2 | 22.1.18 | Updated with GLD changes |
| 1.3 | 15.5.18 | Updated with GLD changes |
| 1.4 | 6.11.18 | Generalised for use with GovWifi Admin portal |
| 1.5 | 7.3.19 | Updated to reflect publication of Terms and Conditions for Organisations on admin portal |
| 1.6 | 12.6.19 | Updated to reflect no longer using Firetext. Updated to reflect that whereas MOUs are generally used for Crown to Crown relationships, this can be used by public sector non-Crown organisations too |
| 1.7 | 04.09.19 | Updated to reflect the use of GovWifi in overseas locations. Updated with the name of the interim The Cabinet Office Director General |
| 1.8 | 28.10.19 | Updated to amend minor typing errors |
| 1.9 | 7.01.20 | Updated to include Chris Russell as part of the The Cabinet Office escalation route in place of David Lewis |
| 2.0 | 13.07.20 | Updated to remove Milan Bogunovic’s name and replace it with Julia Harrison’s |
| 2.1 | 15.04.21 | Updated to reflect changes to the escalation route (section 3.8), to replace references to GDS with The Cabinet Office, and to change the final “signature” on behalf of the Minister for the Cabinet Office from Steve Wood to Rory Langford |
| 2.2 | 11.11.22 | Her Majesty’s Stationery Office updated to His Majesty’s Stationery Office. GDPR updated to UKGDPR. Lead Product Manager updated to Debbie Blanchard. Support email updated to govwifi-support@digital.cabinet-office.gov.uk |
| 2.3 | 13.02.24 | Removed content related to signing as MOU will be moved to an online version. Updated the GovWifi office address. Replaced references from “CDIO” with “Cabinet Office”. Removed concept of a “primary point of contact” from section 3.2. Updated GovWifi contacts for Product Manager, Head of Product and SRO. Other updates to sections 5.2a, 16.1 and 16.2 |