The Cable interviews Jen Persson, director of the national campaign defenddigitalme, which aims to stop the government sharing the personal data of millions of children with a plethora of third parties – and the Home Office.
It can’t have escaped your attention that the NHS suffered a major hack recently, along with hundreds of other victims around the world, both corporate and individuals.
If, like me, you are concerned following these recent hacks, you might also worry about your private data. But what about your children’s personal details? Are they safe?
You may be surprised to hear that children’s private data is less than well looked after, and that the government is making it easier for criminals by sharing the information around – with hundreds of companies, journalists, and just about anyone – for no charge, with virtually no oversight.
The central accusations against Theresa May’s government made by grassroots campaigner Jen Persson, director of defenddigitalme, are that far from protecting us, the government has made it much easier for our children’s data to be hacked. Furthermore, information collected by schools is already being used for immigration enforcement without our consent.
One of the most valuable data-sets in the UK
It comes down to the existence of the National Pupil Database (NPD), which contains nearly 20 million pupil records. If you’re under 36 and went to school in the UK you’re almost certainly on it, along with all current pupils. This giant centralised register of our private and personal data, collected by every school in the country, is one of the most valuable data-sets in the UK.
Your child’s name, address, previous addresses, date of birth, ethnicity and records of their results are on there. It is also full of very private information like ‘reasons for absence’ and ‘reasons for exclusion’, which can include entries detailing medical information, pupils’ family situations and even, potentially, notes on abuse or drug and alcohol use in a family. Sometimes the opinions of school staff concerning our children are recorded and stored. Forever.
As Persson explains, “It is sent through the school census once every term, and that database grows by nearly a million children every year.”
This data has become available to companies, researchers, think tanks, journalists and charities. But how? The disturbing answer is that in 2013 the government changed the law – without consulting parliament – so that your permission was not required.
The law stipulates that the data is available to any party who wishes it for the purposes of ‘promoting the education or well-being of children’. But the uses of this data-set are many, and sometimes nefarious.
Immigration enforcement and false statements to parliament
On May 18th, parents across Bristol and the rest of the UK were asked to complete the ‘School Census’. This information was collected and added to the NPD. Questions on ‘nationality’ and ‘country of origin’ were included, in many cases without making it clear that providing this information is entirely optional. This is important because, as Persson argues, “the intent of this collection was [to act as] a Border Force, not Department for Education policy”.
According to a document that came to light only through a Freedom of Information request, the Home Office uses the DfE’s National Pupil Database to provide information for the ‘Removals Casework Team’. Persson’s campaign has shown this is “explicitly for immigration enforcement purposes”; disturbing because “a hostile environment for migrants is a hostile environment for us all. We know children are falling off the radar, being taken out of school and have no education [because of this policy]”.
As if it wasn’t bad enough that our schools are being used to help immigration enforcement raids, ministers have also previously misled parliament over the matter. The former Conservative MP for Bristol North West until the recent election, Charlotte Leslie, asked a question in parliament in July 2016 about the use of this data.
The response from Nick Gibb, the schools minister, was clear: “The data will be collected solely for internal Departmental use […] There are currently no plans to share the data with other government Departments”. It may have been clear, but it was also totally false.
As the document released in Persson’s Freedom of Information request reveals, the Border Force most certainly did use such information. In fact, a further question in October from Caroline Lucas MP (Green), revealed pupil data had actually been used 520 times by the Home Office.
So what is defenddigitalme calling for?
Apart from organising boycotts of the school census, defenddigitalme argues for clarity in explaining how our data is used along with proper oversight and legal protections. Persson further says, “We saw how the NHS reacted under recent cyber security malware. Public services need investment in good data management and security, and schools are no exception […] Otherwise it’s just a matter of time [until] we find our children’s data hacked, lost and misused.”
“They might have outsourced our children’s privacy to third parties, but they can’t outsource their accountability for doing so.”
For more information on the campaign see: defenddigitalme.com