Material produced by the Central Referral Unit (CRU) response documentation

Material source:

https://www.whatdotheyknow.com/request/material_produced_central_referr

14 May 2025

Dear National Police Chiefs’ Council,

Under the Freedom of Information Act 2000 I wish to see full copies of any current standard operating procedures (SOPs), procedural guidance, manuals and handbooks produced by the Central Referral Unit (CRU).

NPCC Ref: FOI reference 2300/2025

DISCLOSURE (7 DOCUMENTS) CONSIDERATION NOTE

NPCC CRU requester-identification, intelligence handling and coordinated FOIA applicant management

OVERVIEW

Documents disclosed by the NPCC in 2025 FOI reference 2300/2025, when read alongside my Subject Access Response NPCC SAR 1383, provide substantive documentary evidence that the National Police Freedom of Information & Data Protection Unit Central Referral Unit (“CRU”) operates not merely as a neutral legal advisory body, but as a centralised requester-identification and applicant-monitoring mechanism through which applicant names, identities and referral histories are retained, compared and used to inform duplication, repeat requester, vexatious and coordinated handling considerations.

The documents further demonstrate that:

  • applicant identity retention is consciously justified by the NPCC as beneficial to “intelligence led policing”;
  • the CRU and NPCC maintain case management systems expressly designed to identify repeat requesters and ensure a “joined up approach”;
  • the NPFDU remit expressly includes management of intelligence concerning “misuse of the legislation”;
  • I was personally the subject of repeated CRU national circulations and later requester-specific handling instructions.

Accordingly, these documents materially support the proposition that the NPCC has operated a formal requester-recognition and coordinated handling framework extending beyond simple subject-matter advice.

  1. APPLICANT IDENTITY IS RETAINED FOR ANALYTICAL PURPOSES, NOT MERE ADMINISTRATION

The CRU Process note expressly states:

“Providing the applicants name allows the CRU to check if other forces have also sent the request for advice. It allows checks for duplication, repeat requests and vexatious considerations. The email or postal address allows checks when considering applicants working in concert with each other…”

This is a direct admission that applicant identity is intentionally collected and used for:

  • repeat requester identification,
  • duplicate request comparison,
  • vexatious assessment,
  • possible linked/collaborative requester analysis.

The February 2025 Governance & Processes deck repeats the same rationale and states:

“We have risk assessed the need to keep a record of the name on our case management system only, and feel the benefit to intelligence led policing outweighs removal at this time.”

Thus, the retention of requester names is expressly justified by the NPCC not as simple file identification, but as an intelligence-led policing benefit.

Significance: This is a formal applicant-monitoring rationale.

  • THE NPCC MAINTAINS A SEARCHABLE NATIONAL REQUESTER MEMORY SYSTEM

The CRU Process note confirms:

“Once a referral form is received the details from the form are input into cycfreedom (records management system) and a reference number generated.”

The same document states:

“Cases on cycfreedom are kept for a minimum of 4 years…”

Separately, the NPCC FOI Process confirms NPCC’s own direct requests are likewise opened on cycfreedom with applicant names retained. Therefore:

  • applicant names,
  • request details,
  • linked referrals,
  • and CRU reference histories

are intentionally retained over multi-year periods.

Significance: This is not ad hoc email assistance; it is a persistent central requester-reference database.

  • “JOINED UP APPROACH” IS AN EXPLICIT ORGANISATIONAL OBJECTIVE

The CRU process states applicant names are used in circulation logs to:

“identify requestors making requests across government and the need to ensure a joined up approach…”

The NPCC FOI Process similarly states:

“Providing the applicants name allows the NPCC to identify requestors making requests to other areas of NPCC and ensures a joined up approach.”

This wording is repeated in two separate governance documents and plainly indicates that requester identity is being used to secure consistency of handling across bodies/portfolios.

Significance:  The NPCC is not merely processing isolated requests independently; it is consciously coordinating requester treatment.

  • THE NPFDU EXPRESSLY DESCRIBES ITS ROLE AS MANAGING “MISUSE OF THE LEGISLATION” INTELLIGENCE

The NPCC Manual of Guidance lists among the NPFDU remit:

“Proactively monitor potential criminal and misuse of the legislation…”


“Manage intelligence in relation to misuse of the legislation.”

This is important because it confirms the CRU’s self-understanding is not confined to neutral legal advice. It includes:

  • identifying problematic use,
  • monitoring misuse,
  • intelligence handling.

Significance:  This is a policing/intelligence lens being applied to FOIA applicant activity.

  • I WAS PERSONALLY ENTERED INTO THIS NATIONAL CRU CIRCULATION SYSTEM

NPCC SAR 1383 already contains direct examples of CRU national circulations headed:

  • “Log No. 90/24 – Swift – CRU Circulation – Vehicle Thefts Internal Review – Including Advice”
  • “Log No. 639/24 – Swift – CRU Circulation – Vehicle Theft – Including Advice”

These are not merely neutral references to a surname. Read with 1–4 above, they demonstrate that:

  • the applicant was identified centrally,
  • the request was logged in cycfreedom,
  • duplication/repeat/vexatious considerations were available,
  • and advice was circulated nationally under that identifier.

Significance: I am demonstrably not theorising about the CRU system; I am a named subject within it.

  • NPCC LATER ISSUED A REQUESTER-SPECIFIC FORCE HANDLING INSTRUCTION ABOUT ME

On 28 January 2025 NPCC circulated:

“In light of numerous requests from Mr Swift…”

and then set out recommended handling protocols for future requests from:

“Mr Swift OR other applicants demonstrating similar inconsistent requests.”

This goes beyond applicant identification. It constitutes:

centralised requester-management advice.

Significance:  By January 2025 the NPCC had moved from requester recognition to explicit handling guidance concerning me.

  • DATA MINIMISATION CHANGES IN FEBRUARY 2025 DO NOT REMOVE THE CORE FUNCTION

The NPCC’s June 2025 covering letter says certain outward sharing practices changed in February 2025.

However, the same revised governance deck confirms:

  • applicant names continue to be requested,
  • applicant names continue to be retained on the case management system,
  • and this is retained because intelligence-led policing benefit outweighs removal.

Thus:

  • the external cosmetics changed,
  • the central requester-recognition function did not.

Significance:  The NPCC cannot fairly present this as a discontinued historic quirk.

  • OVERALL EVIDENTIAL CONCLUSION

Taken together, the documents provide coherent documentary support for the following propositions:

  1. The NPCC/CRU maintains a formal national requester-identification and referral history mechanism.
  2. Applicant names are intentionally used to assess repeat requests, duplication, vexatiousness and possible linked applicants.
  3. The NPCC expressly regards this retention as serving intelligence-led policing objectives.
  4. The NPCC seeks a joined up approach in handling recognised requesters.
  5. The NPFDU remit expressly includes intelligence concerning misuse of FOIA.
  6. I was repeatedly entered into this national CRU circulation architecture.
  7. The NPCC later moved to explicit requester-specific handling guidance concerning me

Accordingly, concerns regarding requester profiling, cumulative applicant treatment, opaque evaluative commentary and lack of applicant-blind handling are no longer speculative but supported by NPCC’s own governance disclosures.

04/05/2026

Notes:

“Providing the applicant’s name allows the CRU to check if other forces have also sent the request for advice. It allows checks for duplication, repeat requests and vexatious considerations. The email or postal address allows checks when considering applicants working in concert with each other…”

paragraph 2 of 2_10_2300 2025 05 NPFDU CRU PROCESS 10062025.docx

“cycfreedom (records management system)” generating a CRU reference number”

paragraph 3 of 2_10_2300 2025 05 NPFDU CRU PROCESS 10062025.docx

“Cases on cycfreedom are kept for a minimum of 4 years…”

paragraph 10 of 2_10_2300 2025 05 NPFDU CRU PROCESS 10062025.docx

Paragraph 2 says addresses and organisation names allow checks for:

“applicants working in concert with each other”

Paragraph 8 goes further:

Cases requiring consultation at bi-monthly stakeholder meetings will include the applicants name on the circulation log

Providing the applicants name allows stakeholders to identify requestors making requests across government and the need to ensure a joined up approach to safeguard national security