Feeds

Schools can fingerprint children without parental consent

DfES qualifies its stance

5 things you didn’t know about cloud backup

Parents cannot prevent schools from taking their children's fingerprints, according to the Department for Education and Skills and the Information Commissioner.

But parents who have campaigned against school fingerprinting might still be able to bring individual complaints against schools under the Data Protection Act (DPA).

DfES admitted to The Register that schools can fingerprint children without parents' permission.

This position has also been taken by the Information Commissioner, who interprets and enforces the Data Protection Act - the law privacy campaigners hope might be used to stop schools fingerprinting their children.

The Information Commissioner's Office (ICO) is drawing up guidance on the use of fingerprints for purposes other than law-enforcement. The guidance will say once and for all whether parents can prevent their children's fingerprints being taken.

David Smith, deputy Information Commissioner, said it was a complex issue that was still being worked out, but it was likely that parents did not have an automatic right to decide whether their children's biometrics could be taken by a school.

"The Data Protection Act talks of consent of the individual - essentially that's consent of the child," he said.

"Now there's a requirement that consent is informed and freely given. That will depend on the age of the child," he said.

The idea is that as long as children can understand the implications of what they are being asked to do, they can give consent without deferring to their parents.

"The Data Protection Act is about the pupil's rights, not the parents' rights over the children's information," said Smith.

The ICO set a precedent of sorts over the consent of children with regard to direct marketing. It decided that kids could sign up to get free gumpf through the post without parental consent unless they were required to hand over detailed personal information.

You might think that a child's fingerprint is one of the most personal pieces of information that can be stored in a database. But the type of information is irrelevant to the Act. Even a child's age is of little importance to the DPA, said Smith.

More important than consent even, the guidance will consider how a fingerprinting system has been applied: whether it is reasonable and proportionate. If a school wants to use children's fingerprints to control their use of its library books, anti-biometric parents might not have much room for protest within the law.

Even where the act does consider consent of the child, it cannot rule in a blanket fashion so as to, say, proclaim that schools should seek parental consent before fingerprinting children below a certain age.

"The capacity of a child to make a decision varies from child to child, while some decisions are more involved than others," said Smith.

What do you do, Smith asks, if a child refuses to have its fingerprint taken but a parent insists that it should?

The DPA is clear on this. The parent only has limited opportunity to control the consent of their child.

"Where the child isn't capable of giving consent then under the data protection act it should go to the parents," said Smith.

Secure remote control for conventional and virtual desktops

More from The Register

next story
Britain's housing crisis: What are we going to do about it?
Rent control: Better than bombs at destroying housing
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
GCHQ protesters stick it to British spooks ... by drinking urine
Activists told NOT to snap pics of staff at the concrete doughnut
What do you mean, I have to POST a PHYSICAL CHEQUE to get my gun licence?
Stop bitching about firearms fees - we need computerisation
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
We need less U.S. in our WWW – Euro digital chief Steelie Neelie
EC moves to shift status quo at Internet Governance Forum
Oz biz regulator discovers shared servers in EPIC FACEPALM
'Not aware' that one IP can hold more than one Website
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?