News / National Pupil Database pupil privacy

Pupil data used in secret breaches public trust: Home Office purposes confirmed

The Home Office and police has had, until through our Freedom-of-Information requests, publicly undocumented access to national school census data through the Department for Education

National Pupil Database. [update: 29 October we now know from the Parliamentary question that for the purposes of immigration control between July 2015 and September 2016, the Home Office has made requests of DfE data on 25 occasions, relating to a total of 2,462 individuals.]

We are appalled to find the Department for Education complicit in targeting individual children and their family life for any purpose at all, using named personal data, which was given in confidence to local schools for the purposes of  receiving their universal right to education. Schools submit these records without knowing named data at this degree of detail lands in a national database and all the purposes to which it may be put.

  • Individual pupils’ home and school address are shared through the Department for Education to the Home Office
  • We do not yet know for how many individuals  or families this has affected to date
  • It is a gross breach of professional and public trust
  • There are no plans for this to stop
  • That ‘new’ nationality and country-of-birth will not be used by the Home Office was announced in a BBC online article by the Department after pressure from 20+ human rights organisations under the banner of the Against Borders for Children campaign

Government is yet to publicly admit to sharing pupil confidential data collected in the school censuses with the Home Office for immigration purposes. There is no reason to believe that will not continue.

There is, reported the Guardian, discussion going on at the Department for Education about creating a new agreement that will restrict onward sharing of the newly collected country-of-birth and nationality data.  But there was no agreement in place last week. Any new agreement, unless it has a statutory footing, will have no validity and could be changed at any time, on the whim of future policy or political will.

No one has yet been able to scrutinise the arrangements.

Any new agreement carries any meaningful weight without statutory support. Policies can change between changes of politicians and over time. Today’s Secretary of State for the Home Office could one day be Prime Minister after all.

Purposes for these children’s information passed on to the Home Office

The uses given in the Freedom-of-Information request include assisting deportation.

“All cases within the Home Office requests are a) dependant(s) of a parent/guardian who is suspected of an offence under section 24 or 24A of the Immigration Act 1971, or section 35 of the Asylum and Immigration (Treatment of Claimants) Act 2004 has been, or is being committed

This is far from the message that the Education Secretary gave in Education Questions in the Commons on Monday 10th October, when she said that this new data collection was to target resourcing. The Department for Education has enabled the use of school records in a national database to assist in targeting people.

The Department published their response to the Freedom of Information requests asking for the purposes of this Home Office access only AFTER the school census day ended, on October 6th 2016.

  • It confirms that the Home Office requests include access for supporting immigration enforcement.
  • Any use in deportation enforcement and other immigration controls – past, present or future – would be a shattering breach of trust by government that parents place in schools.

This misuse of public trust in administrative data is damaging, and why what they do with personal, confidential data matters to vulnerable individuals but also to professionals working ‘in loco parentis’ and to gathering that data in future.

The volume and oversight procedures on these uses need clarified with urgency. How many children and families has this misuse of trust affected and since when? Who signed off on these uses of children’s data entrusted to schools?

We know that on 18 occasions and that “the nature of all requests from the Police and the Home Office is to search for specific individuals in the National Pupil Database and to return the latest address and/or school information held where a match is found in the NPD,” and also that “there is a standard request form which only differs each time in the number of individuals being provided to search for.

Each of the 18 requests may have been for many people. We do not yet know, but hope to be told shortly.

Clearly other, separate Home Office uses, may also be in the best interests of children and their well being, very different from assisting in targeting them for removal. However all the facts of how much access is granted for which purpose and with what oversight, among all the range of purposes listed, need clarified.

Future pupil data sharing with the Home Office – nationality and country-of-birth

In this BBC story from 26th September, ten days before school census day, the DfE said:

“These data items will not be passed to the Home Office. They are solely for internal Department for Education use for analysis, statistics and research.”

The headline ran, “Pupil nationality data ‘will not be passed to Home Office’.

This Freedom of Information response, published on the day the census data was due to be collected, explicitly contradicts the full truth of that statement.

The Education Department gave to understand on September 26th that Home Office would not have access to ‘these data’ regarding the school census collection  through the BBC on September 26th which was picked up and repeated by other press, a full ten days before the School Census day October 6th.

Nick Gibb, Minister for School Standards, wrote in July in Parliament, that no protocols or policies on data handling will change. Therefore, that means what has been done in the past will continue.

In two separate Parliamentary Questions [42942] and [42842] in July, gave assurances about access to the  National Pupil Database by other departments.
July 25, 2016:

“The data will be collected solely for internal Departmental use for the analytical, statistical and research purposes described above. There are currently no plans to share the data with other government Departments and decisions on whether the Department will release any personal data to third parties are subject to a robust approval process and […] details about the process are here: https://www.gov.uk/guidance/national-pupil-database-apply-for-a-data-extract“  
Source [PQ 42942]

On July 26 the written response confirmed:

The data will be collected solely for the Department’s internal use for the analytical, statistical and research purposes described above. There are currently no plans to share the data with other government departments unless we are legally required to do so.Source [PQ 42842]

There is no transparent public oversight of police or Home Office access, except for the Freedom-of-Information replies. The transparency register listing third party uses has never included the Home Office and police and there is no public oversight over the volume of this access.

Malcolm Trobe, the interim general secretary of the Association of School and College Leaders was reported saying in Schools Week on September 23rd, “We have been completely assured that none of this is being passed to the Home Office.”

The professionals and public have heard the message about the new items, spun since the facts were published. The new assurances given that the country of birth and nationality data collected in the school census will not be used for immigration control are meaningless however when we know information from the national pupil data has been used for this purpose already. And it will continue to do so.

Future pupil data sharing must change and have transparent oversight

The Department for Education must answer why all uses of children’s confidential data is not made clear to schools who are responsible for collecting the data and expected to explain the purposes to parents and pupils, including ALL data uses, such as commercial purposes without consent.

If some uses are not transparent, but done in secret, how can government expect us to trust what they say will not happen? How will any data collected in the past not end up used for something entirely different in future?

Protecting professional, parental and children’s trust is paramount. We must ensure that all children, particularly our most vulnerable children no matter who they are feel safe in schools. Parents must be able to trust that enrolling a child in school does not mean that their data is potentially available to the Home Office so the Department for Education’s current policy must change.

Using data to assist in targeting people who gave their data to schools with the understanding that they are doing the best for their children is a nasty policy that needs nipped in the bud. We risk losing some of our most vulnerable children off the radar if this breach of trust continues. Scope change could mean very different uses in future without oversight. We must not be naive to the uses of state lists of data in very uncertain times, and hostile environment.

Every child has a universal right to education and it appears to open the potential for a back door into the discrimination against children that was blocked by the Liberal Democrats in government in 2013.

This School Census and existing pupil data use is datasharing done wrong. Collection has failed fair processing, passing around data is done without transparent public oversight or safeguards, and the public and Parliament are the last to know.

We must get solutions to these problems around data sharing in secret for these types of purpose, before it is copy pasted across all our public datasets through the Digital Economy Bill now in Parliament.

It is already doing real harm in the classroom.

###

Notes:
[1]
Nick Gibb said in PQ in July that the handling and policies on data release would not change.
“There are currently no plans for the Department to change the existing protocols and processes for the handling and disclosure of confidential information.”
Source: http://www.parliament.uk/business/publications/written-questions-answers-statements/written-question/Commons/2016-07-15/42942/
[2]
There have been 18 fulfilled requests since 2012. We do not yet know for how many individual children this was for in each request.
“There is a standard request form which only differs each time in the number of individuals being provided to search for and the password to access the data file.”
Source: https://www.whatdotheyknow.com/request/pupil_data_sharing_with_the_poli#incoming-846569

[3]
October 6th 2016, reply to FOI.  The Home Office requests include those used to support immigration control.
“All cases within the Home Office requests are
a) dependant(s) of a parent/guardian who is suspected of an offence under section 24 or 24A of the Immigration Act 1971, or section 35 of the Asylum and Immigration (Treatment of Claimants) Act 2004 has been, or is being committed
[or b) the child in question is an unaccompanied minor and HO has lost contact with the child giving rise to concerns over their wellbeing.]
“Each Home Office request includes details of the individuals concerned as held to enable to us to search for them in the NPD.
“There is a standard request form which only differs each time in the number of individuals being provided to search for and the password to access the data file.”
Source: https://www.whatdotheyknow.com/request/sharing_national_pupil_database?nocache=incoming-878444#incoming-878444

[4]
defenddigitalme is one of over 20 rights’ groups supporting the Against Borders for Children coalition  https://www.schoolsabc.net/2016/09/letter-justine-greening/