Feeds

Government kids database under fire, again

It'll be over by Christmas

Combat fraud and increase customer satisfaction

The Government’s ContactPoint database - designed to keep tabs on children at risk of social exclusion - is in trouble again, coming under fire on two separate fronts.

First is the vexed issue of “shielding”, identified as a source of concern by a recent article in the Guardian. More directly, the chairman of the Foundation for Information Policy Research, Professor Ross Anderson, believes that bureaucratic muddle and buck-passing on this issue will put thousands of children at risk from paedophiles, celebrity stalkers and abusive parents.

There is no quick fix, as the source of the problem lies in the very concept of ContactPoint. Put large amounts of personal data on every child in the country in one place, and you will have a resource of great usefulness to Police, social workers and other childcare professionals - or alternatively, you have created a paedophile’s treasure trove.

Over 330,000 people will have access to it, and, according to Baroness Miller, Lords Home Affairs Spokesperson for the Lib Dems: “Given the Government’s record on handling data, data loss, data leaks and data misuse, the whole concept of ContactPoint needs to be reviewed."

Hence the idea of “shielding”. This is a process whereby details of especially vulnerable children are blocked off from ordinary user access – and a special order would be required to unblock them. It is understood that shielding has already been put in place for the children of MPs.

For everyone else, the burden will fall on Local Authorities, who are simply not up to the task – not because they are particularly inept, but because they are just not designed for it.

The Department of Children, Schools and Families (DCSF) rather helpfully explains that “there are 150 Local Authorities who will all need to shield records locally. They are fully aware of their responsibilities to shield records, and are being supported in this work by the Department”.

Professor Anderson is rather sceptical of their ability to do this.“If a Local Council has a family living in their area who are members of a Witness Protection scheme – they won’t know. If they have children in the area who are sons and daughters of a well-known pop star - they won’t know.”

“This is just an exercise in blame management - when it all goes pear-shaped, Local Government is going to carry the can – even though they are being given an impossible task.”

This is backed up by Terri Dowty of Action on Rights for Children. She believes government and local authorities need to be asking parents who think their children may need shielding to get in touch now: “Otherwise, this will put thousands of children and families at harm of being tracked down by violent ex-spouses and abusive parents – not to mention criminals, stalkers and paedophiles. There are, quite simply, children who must never be found.”

Unfortunately for the DCSF, every solution seems to generate yet more difficulties. But if parental concerns over access to the data are even slightly recognised, it will open up an immense can of Data Protection worms.

As does “shielding”. Once Local Authorities have identified who needs to be shielded, they need to get this data into the DCSF system. Helpfully, the DCSF today confirmed that “ContactPoint will not be available to practitioners until this work is complete”. However, at the very least, this means something like 150 sets of the most sensitive data imaginable whizzing around the country on a variety of magnetic media.

Do we honestly believe not one of these will go missing? Er, no. Have the DCSF issued detailed security guidelines to Councils wishing to forward these details (including useful stuff like recommended encryption, mode of delivery etc). As far as we are aware, no.

So look forward to ContactPoint being delayed indefinitely while the Sys Ops try to find the missing 150th shielding list.

Meanwhile, we promised a second front, and here it is! Fresh from a Youth Panel meeting on this very subject, Baroness Miller took time out to speak to El Reg on the subject. She is not happy – and is likely to be following this issue like a hawk in the months to come.

“People wanting information on children for malign purposes will now find virtually everything in one place," she told us. “However, the limited uses originally envisaged to make information sharing between agencies for the benefit of children have now been far exceeded.

“The police want to access it for crime prevention which means that any young person on the database is effectively living in a police state where everything about their lives is on record for police use.

“Young people will no longer be able to rely on information given in confidence to agencies dealing with sensitive issues remaining confidential. This will ruin the relationships of trust between them and many of the critical workers that can help them through turbulent adolescent years.

She concluded, bluntly: “ContactPoint could well be a disaster on several fronts.”

SANS - Survey on application security programs

More from The Register

next story
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.