Feeds

Schools can fingerprint children without parental consent

DfES qualifies its stance

Secure remote control for conventional and virtual desktops

Schools might not even have to inform parents as long as the fingerprinting system doesn't offend the DPA and children have the capacity to decide for themselves, he said.

But who gets to say whether a particular child is capable of consenting to their biometrics being taken - whether a child understands the implications of what they are being asked to do, or whether the decision should be deferred to the parent?

"That's for the school to decide," said Smith.

But campaigners against fingerprinting, such as www.leavethemkidsalone.com, don't trust schools to make that decision.

"There will always be a question in a school environment about whether consent is given," agreed Smith. "The teacher/pupil relationship makes it difficult to obtain freely given consent".

Moreover, in practice the decision is not likely to be given to individual children but presented to the class as a whole. A judgement, Smith conceded, was likely be made about the ability of a class as a whole to make a judgement.

So there might be room for concerned parents to manoeuvre: they might show that consent was not fairly sought or given, with children being given unbiased information to aid their decision. More broadly, they might argue that the decision about whether to hand over fingerprints and other biometrics goes beyond their ability to comprehend.

"[The guidance] will address consent, but it will make clear that what is essential is, [if] what's done is reasonable and proportionate, then consent wouldn't be required," said Smith.

The DPA has scope only to see that fingerprinting is done for a specific purpose, that only necessary data is collected, kept for the necessary time, and used for the allotted purpose by only the allotted people, as long as it is stored securely and not shared willy nilly.

Asked to clarify the legal basis on which its claim was made, the DfES conceded that schools had to ensure their fingerprinting schemes were compliant with the Data Protection Act and the Human Rights Act.

DoES said: "[Schools] should also inform parents and get consent unless the child is of 'sufficient maturity that s/he can give consent her/himself'."

According to Anne Marie Hutchinson OBE, head of the Children Department at Dawson Cornwell law firm, the applicable areas of the Human Rights Act (and Children's Act) legislation concur with the ICO's interpretation of the Data Protection Act: children below the age of 16 can consent if they can demonstrate they have the legal capacity - the nous - to do so; otherwise, parents decide. That will vary child by child and according to decision they are being asked to make.

Unless they can find a way of bringing a case on broad principles, parents who dislike a school fingerprinting their kids without parental consent will have to fight on a case by case basis, based on the legal capacity of their child or the approach of the school.

Yet, as biometrics have already made such rapid encroachments into Britain's schools, it is likely that by the time any such cases get heard, fingerprinting will already be a daily routine for many British children. ®

Internet Security Threat Report 2014

More from The Register

next story
Bladerunner sequel might actually be good. Harrison Ford is in it
Go ahead, you're all clear, kid... Sorry, wrong film
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
Forget Hillary, HP's ex CARLY FIORINA 'wants to be next US Prez'
Former CEO has political ambitions again, according to Washington DC sources
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.