Data protection law can do a very poor job of protecting privacy. It may be no help at all when it comes to ethics and offers no route of redress when a parent does not want a child to be subject to a product trial or research intervention delivered in routine classroom time. As our children have become increasingly datafied, practice has become normalised in the UK teaching profession as staff have grown accustomed to routine processing of sensitive data at scale when other countries do not permit it, whether in the national government census or global platforms or using biometrics. We propopse we draw clear red lines on what is permitted for children in schools.
- Ban on processing biometric data in canteens and cashless payment systems.
- Ban on processing biometric data to borrow library books.
- Ban on all processing of biometric data across UK educational settings, with exceptions for accessibility (e.g. eye controls of systems for children with disabilities).
- We call for a moratorium on all biometric technology and use of bodily data in schools until September 2023 or until the Information Commissioner carries out an assessment of the use of children’s data across UK educational settings, whichever occurs later. (Face, fingerprints, eye scans, vein and palm scanning, gait and emotional detection and processing.)
In October 2021, there was public outcry when schools in Scotland adopted facial recognition for routine canteen cashless payment systems. Download our briefing Biometrics in schools (November 2021) [link]
Read about the 2021 debates in the Scottish Parliament on October 28th and the House of Lords on November 4th here; and the joint-action with Big Brother Watch and media coverage here.
We have a long history of biometrics in schools in the UK. Since 2001 biometric systems in schools have been used to verify children’s identity for food, library books, attendance, locker entry and to make payments for school trips.
One company, MicroLibrarian Systems, approached the Information Commissioner’s Office (ICO) in 2001 to see if using biometric technology would breach the Data Protection Act. The ICO’s reply suggests limited knowledge of the technology at that time and little thought given to the implications for long-term maturity and application to children.
But even twenty years ago they noted, “It is understandable that concerns will be raised over the use of such technology if it is believed that it involves the holding of a database of pupils’ fingerprints.” (Letter from ICO to MicroLibrarian Systems, July 2001.)
In 2012, The Protection of Freedoms Act passed into law in the UK. Chapter 2 of the Act, clauses 26-28, are applicable in England and Wales and deal with consent and objections when processing a child’s biometric data. If either parent or the child objects, then the pupil’s biometrics may not be processed. You always have the right refuse and we believe the basis for consent in schools is invalid, due to the power imbalance in place.