News / National Pupil Database

Fixing the National Pupil Database: security, choice, and transparency

New data sharing plans are stirring in the pre-consultation cauldron at the Cabinet Office for wider uses of personal data by public bodies. We were told that the planners will soon be asking questions about cross-departmental consistency.

The Department of Education will need to answer how its current practices sit with the outcome of two-years of Cabinet Office open policy making and a non-commercial,  public interest centred approach.

How would consultation explain commercial use of children’s identifiable personal data and communicate changes if practices are inconsistent?

Our campaign is busy behind the scenes, and we have received some assurance on the eve of the National School Census Day, of a committment to change, as we call for:

  • secure pupil data handling
  • information and choice for pupils, parents and schools,
  • and for transparency in policy and practice.


The last of these are the easiest for the Department to fix.

Today in the Ministry of Secrets on Great Smith Street, the Data Management Advisory Panel (DMAP), operates without transparency. Who decides who receives our children’s data and why?

What are the sensitive data actually used for after release? Who is accountable for oversight? All information that is hidden from pupils, parents and schools. We can only read the Terms of

Reference – how the panel operates – thanks to the Freedom of Information Act and the document has still only been published to date, on whatdotheyknow.

Security, choice, and transparency are commonly used words by the government, but what could transparency improve in practice?

Better transparency on accountable policy could include:

  1. Publication of the Terms of Reference (TOR), operational document
  2. Transparent publication of panel members and their selection
  3. Independent external and lay representatives on the panel
  4. Publicly available meeting minutes
  5. Accountable recipients who show the benefit created from using data

The publication about the releases of the identifiable data are haphazard and on less than an annual basis. This means any questions over release are open for scrutiny far too late after the event.

Better transparency on release practices could mean:

  1. The data release register must be published more frequently
  2. A regular and forward-looking schedule for its publication
  3. Data retention, destruction dates, and any audits would be published to demonstrate accountable data management by recipient and DfE

Taken together, changes like these could mean more transparent policy and practice. That could be a first step, to clearly see the status quo.

The real improvement to benefit our 8 million+ children will only come if the DfE fix their broken bits of bad datasharing policy:

  • safe, secure pupil data handling,
  • information for pupils, parents and schools and
  • respecting their rights to privacy, and reinstating the choice that has been taken from pupils and parents without their knowledge, the choice NOT to have to share personal data with commercial parties and press

Safe setting data are used for research and statistical analysis of National Pupil Data. Yet in the Ministry of Secrets, the Department completely contradicts this by also giving out identifiable and individual level data directly, to commercial third-parties, to their own settings, and it’s not safe best practice. This must stop and be done better.

How public bodies interact with individuals before sharing personal data is going to change under new proposals for tailored public services. This new power we are told will only be possible to use, when consent is impossible. Done well, this might have benefits for the individual.

Around 8 million pupils/guardians in the country today must consent, usually on an annual form, for the use of their identifiable pupil data in schools. But the Ministry keeps its own onward sharing with commercial third-parties effectively secret from staff and children, by not transparently communicating what happens after data collection. Our research shows there is a systemic failure to ask for consent to these uses. Not because schools avoid it, but because they don’t know about it. There is a consent process already, but it is incomplete. This must stop and be done better.

Data protection changes will restate the need for affermative and clear consent to these secondary and commercial uses by the Department for Education, if schools are to meet both the current and upcoming legislation. Even more so with the special considerations given for children.

No child shall be subjected to arbitrary or unlawful interference with his or her privacy, family, or correspondence, nor to unlawful attacks on his or her honour and reputation.”

That any consultation about broadening identifiable public data sharing without consent in tailored public services should run in parallel to the new general data protection changes which place more emphasis on consent, is surprising. It would be especially challenging if there were to be no code yet available to frame the understanding of proposed changes in practice. What will change mean in practice?

Will parents and pupils have choice to consent to what is done with their identifiable information or be forced to continue to share children’s confidential data with TV journalists and Fleet Street press?

To date, the DfE hasn’t said they want to look at these steps. So far,  change has not been positive. Transparency changes if genuinely made in the spirit of lasting improvement might be a step forward.

If the Cabinet Office data sharing plans were to proceed to consultation and have consistency across departments, more must change at the DfE.

Any effort to have secure data in research, and transparent policy, and have the rights of the citizen central in good practice, will be pointless regards children’s confidential data if current poor practices in releasing it from the National Pupil Database remain.

The DfE must committ to getting this fixed. We’re happy to help.

[1] The DMAP Terms of Reference, published only on