Thinking about the forthcoming “guidelines” which are going to be issued - the government are working with BECTA, who obviously have no issue with biometrics in schools otherwise they would voiced concerns months ago and are working with the Information Commissioner Office (ICO). The ICO says it's a "complex issue that was still being worked out".
Well, let's work it out with BECTA and the ICO but also with children's rights organsiations, the reports listed below and legal advice as well - balanced.
From the Register, David Smith, deputy Information Commissioner:
“Now there's a requirement that consent is informed and freely given. That will depend on the age of the child”
“The idea is that as long as children can understand the implications of what they are being asked to do, they can give consent without deferring to their parents.”
"The Data Protection Act is about the pupil's rights, not the parents' rights over the children's information"
From the Foundation for Information Policy Research (FIPR) report to the Information Commissioner on Children's Databases, November 2006, page 89:
Data Commissioner -"If a data subject is of sufficient maturity to understand their rights under the Act then the data subject should be approached for consent to process their personal data. In general the Commissioner believes that at the age of 12 an individual is likely to have this level of maturity, but understands that this may not always be the case.
There does appear however, from time to time, to be some confusion in the matter of consent in schools. This usually relates to the age of pupils and the point in time when educational establishments should cease to ask parents’ consent to process pupils’ personal data and should start to ask the pupils themselves."
FREELY GIVEN CONSENT
FIPR report to the Information Commissioner, page 94:
First, the practitioners asking the young people for consent may have access to them in an environment where they are habituated to co-operate with the wishes of adults (such as at school). This would not seem to be an environment conducive to genuinely free choice.
Trustguide report, October 2006, for the government, page 76, with regard to biometric technology in schools:
It seemed that none of the attendees were thinking beyond the immediate scenario or what they had been told from ‘trusted’ sources (i.e. their parents, their teachers, or the community policeman). They felt that they could not challenge this viewpoint, or present any alternative views.
The government and the ICO have some solid views here to go on. Apparently the ICO have been "drawing up guidance on the use of fingerprints" since Mark Ballards article in The Register on the 7th September so hopefully it should be out soon.
However issuing guidelines will be fairly ineffective unless it is established who is going to monitor the implementation of any guidelines. When local government and central government have no idea how many school children are giving up their biometric data for databases, it will be a mamouth task simply finding out the schools biometric technology is already being used in.
Who is going to ensure that "a data subject is of sufficient maturity to understand their rights under the Act" in order for the data subject to be approached for consent? This would mean the Data Protection Act should be taught in school in depth and children tested on their rights under the Act - completely unworkable.
Maybe specific law needs to be created - with children aware of how their data is being used, parental permission sought in all circumstances until the child is over the child allowance age, who is looking at it and why, how secure the computer is storing their biometric details, possible implications of biometric data being unsecure and strict penalties for data controllors not adhering to the "law".
Perhaps that's unworkable too and would then demonstrate that biometric technology in schools is posing a problem to regulate, therefore open to abuse and children not being taught the value of their biometric details and who has access to it.
Anyway, I'm going to cynically predicit that any "guidelines" written will simply fit around the millions of pounds worth of biometric technology already in schools and such guidelines will be flimsy and ungovernable.
I do hope not.
Whatever the government does - let's make it workable.