Tuesday, 9 September 2008

EAST DUNBARTONSHIRE SCOTTISH SOCIALIST PARTY WELCOMES CONSULTATION ON BIOMETRIC FINGERPRINTING IN SCHOOLS

The Scottish Socialist Party welcomes the decision by Education Cabinet Secretary Fiona Hyslop for a consultation on the draft guidance for the use of biometrics in schools.

The Scottish Socialist Party have had concerns about this technology since being informed by concerned parents in East Dunbartonshire whose children will be attending the new build schools.

East Dunbartonshire Scottish Socialist Party spokesperson, Bill Newman commented, "The introduction of Biometric fingerprinting in schools has no educational or safety value. It is imperative that the use of these systems is frozen until this consultation takes place. Children are being conditioned to the 'surveillance society' without really knowing what it means.”

The Scottish Socialist Party echo the questions raised by the Leave Them Kids Alone campaign (http://www.leavethemkidsalone.com )

  1. Why did the school not give parents adequate notice of its intention to fingerprint children?
  2. Why was there no proper consultation, and why were parents not asked to give their explicit written opt-in consent before any children could be fingerprinted?
  3. What advice did the school receive from the manufacturer and others before deciding on this policy?
  4. Aside from manufacturers' anecdotal claims in advertising material, can the school give me details of any independent research proving benefits to my child of using this system?
  5. Has any independent research been carried out regarding the effect on children of repeatedly using biometrics on a daily basis in a familiar setting?
  6. What steps is the school undertaking to teach my child about the dangers of misusing their biometric data?
  7. The manufacturer claims that this system does not store my child's fingerprint, but surely if the biometric template it stores isn't the direct equivalent of a fingerprint, rather like the difference between a drawing and a photo, then the system simply wouldn't work?
  8. Given that there are international standards to ensure that biometric templates from different manufacturers are compatible (so what's stored on one system can be read by any other, including government systems) how does the school respond to the statement made by Microsoft's Identity Architect Kim Cameron that "It is absolutely premature to begin using 'conventional biometrics' in schools"?
  9. Given that neither the DfES, the Information Commissioner, nor BECTA have to date issued guidelines concerning the human rights implications of the use of biometrics in schools, who, prior to the introduction of the system, told the school that it was legal to implement the system without seeking explicit parental consent?
  10. Will my child be photographed as well as fingerprinted?
  11. Will all and any such photographic data be destroyed along with fingerprint templates when my child leaves school, or if I change my mind at any time?
  12. Who, under existing legislation, including the Children Act and the government's stated commitment to widespread data sharing, may access my child's biometric template and associated data as stored on the system? The police? Social services? Civil servants? Technicians from the manufacturer carrying out routine maintenance? The large private multinational PFI companies that now run some LEAs e.g. Amey, Nord Anglia? The private companies running City Academies that may have access to children's data?
  13. Would the school permit 'fishing expeditions' in the stored biometric data (e.g. if the local police were trying to find a match for a crime mark they suspected may have been left by a child from the school)? What would the school do if such a search revealed TWO probable matches?
  14. Bearing in mind that my child's biometric template remains valuable for their entire lifetime, since it can't ever be changed, where is the biometric data stored, where are backups stored, and what security procedures are in place to prevent unauthorised copying of, or any type of access to this data? How will the school know if the data has been copied? What procedures would be followed if the main computer or backup system storing the data were stolen?
  15. Is the computer holding the data connected to the school network and/or the internet? What active measures are taken to ensure the biometric data cannot be accessed by third parties via any such connection(s)?
  16. Can the school guarantee that the data, including any backup copies, will be promptly removed as soon as my child leaves school, or if I change my mind at any point, by an approved professional data cleansing company as required by the Data Protection Act? Will the data-cleansing company certify in writing that the biometric information has been satisfactorily removed? (This requirement was confirmed by the Information Commissioner on 9 Feb 2007.)
  17. Given that the encryption used by the system cannot possibly be guaranteed for the entire lifetime of my child, and that fingerprint templates from different manufacturers are compatible and interchangeable in accordance with INCITS 398 or NISTIR 6529, will the school accept full liability if my child's biometric template stored on the system is compromised at some future point?
  18. As new pupils join the school, will you regularly seek explicit informed written parental consent before fingerprinting them (as recommended by the Information Commissioner, Richard Thomas on 30 January 2007)?
  19. Where fingerprinting is used for school registration, what backup strategy will the school implement to ensure that if any part of the system fails before registration is complete, a full and accurate record of those children at school will be available in the event of an emergency evacuation at the start of the day, e.g. in the event of a fire?

References: The statement made by Microsoft's Identity Architect Kim Cameron - http://www.identityblog.com/?p=733

Tell Parents about fingerprinting - http://www.computeractive.co.uk/computeractive/news/2174570/guidelines-parents-involved

InterNational Committee for Information Technology Standards

http://www.incits.org/scopes/1622r.htm

http://xml.coverpages.org/XBCF-NISTR6529-CBEFF.pdf

Education Guardian, Tuesday January 30 2007, “Schools advised to seek consent before fingerprinting pupils” - http://www.guardian.co.uk/education/2007/jan/30/schools.uk2

Paper by Andrew Clymer, senior identity management security expert, “Do Biometrics have a role for school registration?” -http://www.leavethemkidsalone.com/insecure.htm

Announcement of Cabinet Secretary for Education and Lifelong Learning Fiona Hyslop of a consultation on draft guidance on the use of biometrics in schools. -

http://www.scotland.gov.uk/News/Releases/2008/09/09111501

No comments: