Non-confidential facts and advice to the Deputy Mayor for Policing and Crime (DMPC)
1. Introduction and background
1.1. In July 2018, NPCC lead Chief Constable Goodman (Derbyshire Police) offered all forces the opportunity to bid for funds to create dedicated units to respond to cyber dependant victims and investigations, led and coordinated by the regional cybercrime units, officer costs must be match funded by the Force.
1.2. In February 2019, NPCC lead Chief Constable Goodman (Derbyshire Police) made another offer to the MPS to ensure that the Met was able to get the full benefit of the funding available for cybercrime.
1.3. The funding on offer is not linked to the current National Cyber Security Programme and Home Office Serious and Organised Crime Funding stream for the London Regional response approved by PIB until 2021 in February 2018, but is to assist forces nationally to create bespoke cyber dependant crime units. The fund can only be used for officers paid for by the MPS.
2. Issues for consideration
2.1. This funding is provided for 2018/19 and 2019/20 only.
2.2. The officers who are paid for through this funding must be ring fenced to cyber dependant crime and match funded (which will be met from existing staffing levels).
3. Financial Comments
3.1. This business case is to accept funds offered by DCC Goodman from the Police Transformation Fund to support the MPS Force level response for cyber dependant crime.
• 2018/19 £517,000 October to March 2018/19
• 2019/20 £1,065,000
3.2. The cost saving is up to £1,582m, the final funding received will be based on actual costs of officers and will therefore vary slightly from the amounts given above.
4. Legal Comments
4.1. This report seeks MOPAC’s approval to bid for grant funding of £1,582,000 to support officer wages.
4.2. Para 4.8 of the MOPAC Scheme of Consent and Delegation provides the DMPC with delegated power to approve any bid for grant funding.
4.3. The grant agreement will be published under the Elected Local Policing Bodies (Specified Information) Order 2011.
5. GDPR and Data Privacy
5.1. The MPS is subject to the requirements and conditions placed on it as a 'State' body to comply with the European Convention of Human Rights and the Data Protection Act (DPA) 2018. Both legislative requirements place an obligation on the MPS to process personal data fairly and lawfully in order to safeguard the rights and freedoms of individuals.
5.2. Under Article 35 of the General Data Protection Regulation (GDPR) and Section 57 of the DPA 2018, Data Protection Impact Assessments (DPIA) become mandatory for organisations with technologies and processes that are likely to result in a high risk to the rights of the data subjects.
5.3. The Information Assurance and Information Rights units within MPS will be consulted at all stages to ensure the programme/project meets its compliance requirements.
5.4. The screening questions have been completed and a DPIA is not required because this is not a project or application to change or introduce a new process o
6. Equality Comments
6.1. As this is an existing service this work does not change any aspects relating to equality or diversity.
7. Background/supporting papers