UK government gifts new £250m hosting contract to its own joint venture
Historical drama as Cabinet Office crowns Crown Hosting Data Centres
The UK government's Cabinet Office is seeking to negotiate a new agreement for hosting services for public-sector customers, but appears set to award the contract to its own joint venture with Ark Data Centres.
The rationale is that Ark is the only supplier judged to be capable of meeting the necessary security requirements.
Crown Hosting Data Centres (CHDC) is a joint venture between the Cabinet Office, which owns 25 per cent, and Ark Data Centres Ltd, which owns the rest. It was set up in 2015 for the express purpose of providing hosting services for the government.
Under a voluntary ex ante transparency notice (VEAT), the Crown Commercial Service (CCS) posted details of the Crown Hosting II procurement, which is for rental of managed premises and provision of associated products and services for the ICT of its public-sector customers.
This is the second extension to the original Crown Hosting contract, which was extended for another four years in 2018. Crown Hosting II is to last for seven years, and the proposed start date is scheduled to be on or around 15 March 2023, with the estimated value for the whole contract listed as £250m.
The VEAT reveals that the CCS has reviewed its requirements for this framework and concluded that a direct award to the supplier is permissible because this supplier is the only one capable of meeting the high security classification requirements and support services critical to the national interest.
This kind of direct award is allowed under regulation 32(2)(b)(ii) of the PCR 2015, which permits the contract to be awarded without prior publication where competition is absent for technical reasons.
According to the CCS, the security aspect is important in this case as a result of the UK government's Cloud First Policy, which directs public-sector customers to migrate workloads away from data centres and instead favour public cloud services.
Although this is often easier said than done, the CCS states that the net effect of the Cloud First policy is an overall shrinking of potential data centre business from public-sector bodies, so that a greater proportion of the remaining data centre requirements are those that are critical to the national interest or have higher security classifications.
In other words, the workloads to be hosted under this contract are likely to be those requiring the highest level of physical, operational and electronic security requirements.
- Sovereignty? We've heard of it. UK government gives contract to store MI5, MI6 and GCHQ's data to AWS
- Ark scoops £700m to host ALL UK.gov's data centre needs
- UK government's cloud spending hits saturation: Love of Microsoft endures
- UK govt's top tech heavyweight Maxwell quits for Amazon job
- UK government stacks up to £1.8bn in vertical application framework
CCS also stated that the seven-year framework is justifiable as this will provide ample time for the end user in question to begin and complete their four-year relocation programmes within the timeframe. The alternative of the more common four-year framework agreement, as with the previous two Crown Hosting contracts, would likely prove insufficient for a large data centre relocation programme to start and finish before the framework agreement ended.
While it is easy to be cynical about the government awarding contracts to organisations in which it has an interest, in this case it appears that the national security argument is a valid one, especially when taken with other requirements such as for highly secure premises across at least three locations separated by no less than 15km.
However, we also note that AWS was reportedly given a contract to store data for MI5, MI6 and GCHQ last year.
In its financial statement for the year ended 30 June 2021 [PDF], CHDC reported a turnover of nearly £46m, with profit after tax of nearly £2.5m. This was up on £43m turnover and £2m profit the previous year. ®