The Register® — Biting the hand that feeds IT

Feeds

Did UK.gov break the law with its child database?

Whitehall promises answers on specs of binned ContactPoint

By Jane Fae Ozimek, 9th November 2010
  • print
  • alert

What you need to know about cloud backup

Analysis Did the Department of Education (DoE) – or Children, Schools and Families (DCSF), as it was then known – knowingly break the law in its establishment of the ContactPoint database?

The instant answer is: we don’t know. However, a history of excuses, delay and avoidance of awkward questions is starting to mount up. If the department has nothing to hide, it is certainly acting as if it has.

Meanwhile, in a bizarre new development, the DoE contacted us to say that its previous refusal to reveal what data it had been planning to collect had been a mistake. In fact, the information coded as “commercially sensitive” was not after all commercially sensitive – and they are now free to release it to us.

The ContactPoint database was first mooted in 2004 as a response to failures in the social care system – most notoriously in the case of Victoria Climbié.

There, the fact that various case workers dealing with Victoria’s family failed to share their knowledge was considered to have contributed to the child’s eventual terrible death. As a result, the government determined that it would set up a database enabling any and every person likely to be called upon to look out for a child’s welfare to access current dealings with that child at the touch of a button.

That was the original vision: wide-ranging information about all children, available to all. It did not long survive public criticism, with fears that too much information on such a base would be a massive risk to child welfare in its own right. A slow but insistent whittling back of the categories of person allowed access to the base began.

Thus, from a base that would enable care workers and police to share information about children at risk, it dwindled to little more than a glorified interdepartmental telephone directory, linking the contact details of individuals who had had dealings with any particular child through a central online database. It would not even be available to all police or all care workers, being operated instead through a series of gatekeepers.

This, in turn, led to a number of arguments as to the numbers likely to have access to the database – and one of the first signs that the DCSF preferred to keep its good works hidden rather than see them exposed to the light of day. In 2008, following work by the Register looking at the categories that the government claimed would have access to the base, we suggested publically that far from the low figure trumpeted – of near 300,000 – the end result was likely to be closer to 1 million.

This was vigorously denied – but our story led, eventually, to a statement being sneaked out in the last days of the 2007/8 parliament to the effect that the numbers would be closer to 400,000 - or 25 per cent higher than originally announced.

However, the possible law-breaking lies in a rather different area. Instead of simply passing a law enabling the Secretary of State to set up a database for purposes of child protection, the Children Act 2004, refined by regulations published in 2007, went into mind-boggling detail as to what the Department might do. Section 12 of that Act reads rather more like a management data specification than UK legislation. It states that the Department may collect information such as the name, address, gender and date of birth, an identifying number and contact details of any person with parental responsibility.

Crucially, by including so much detail, it raises the possibility that collecting information not on this list is likely to be unlawful.

The categories of information included in that list are not many, nor are they difficult to capture. The largest cost, according to suppliers of systems of this kind, was likely to be around the ETL processes necessary for scraping contact details from a dozen or more different governmental systems in order to feed data into the ContactPoint base.

Nonetheless, the cost, widely publicised as £224m, looked well out of kilter with what was being proposed, and we began to wonder if the DCSF hadn’t actually exceeded its brief, and that it was not, in fact, collecting rather more than the legislation allowed.

An official statement from the DoE recently revealed: "The final total cost of setting up ContactPoint has not yet been determined but it will be less than the budget provision of £224m. The set-up costs cover the design, build and test of the system; however, the cost of coding and other individual elements of the work can not be separately identified."

Agentless Backup is Not a Myth

Next page: No comment, until now

Page:

COMMENTS

House Rules Send Corrections
All Reader Comments (14)
Highly Rated
David Pollard

Don't forget where RYOGENS was heading

Power to El Reg's elbow and all that, but as AC says above in relation to eCAF, there is a whole bunch of stuff beyond the ContactPoint database.

To say that "the original vision" was just "wide-ranging information about all children, available to all" is to miss the point somewhat.

Here is how Warwickshire (Agenda No. 11, 16th June 2005) described what they were up to:

"RYOGENS is an electronic information sharing system, enabling any agency using the system to identify and log concerns about children and young people. Current information sharing protocols allow the sharing of information about children and young people who are thought to be showing early signs of anti-social behaviour or offending. It is anticipated that this definition of concern will be expanded with the development of broader information protocols."

'Thought to be showing early signs ...' eh?

6
0
Anonymous Coward

Sigh

Only in government IT could a glorified address book come with a budget of a quarter of a billion pounds. It's sheer lunacy that at no point a civil servant looked at the escalating cost and asked whether or not something was going wrong somewhere, or question exactly why said address book seemed to require 1500 man years of development time (assuming we rather generously pay our devs £100 an hour). Seriously. Give me a million quid, I'll write you something to collect a name, address, phone number, and allow you attach notes...

4
0
Anonymous Coward
Anonymous Coward

Standard Practice

" If the department has nothing to hide, it is certainly acting as if it has."

Surely that's standard practice in the Civil Service when asked a question. Old habits die hard and all that, I bet most Civil Servants are evasive at any question more complex than "fancy a pint?".

4
0

More from The Register

breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
135
breaking news
Jailed LulzSec hacker Cleary coughs to child porn images, will be freed soon
Some images of infants as young as six months
68
NSA whistleblower to tech firms, Obama: 'Grow a pair!'
Ed Snowden: Email tracking grabs 'IPs, raw data, content, headers, attachments, everything'
66
Google flings another £1m at online child sex abuse vid CRACKDOWN
See, see, we're trying, ad giant tells Daily Mail UK.gov
41
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
SCO vs. IBM battle resumes over ownership of Unix
Zombie lawsuit back and wants to suck the brains out of Linux
119
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Not just telcos, THOUSANDS of companies share data with US spies
It's all perfectly legal, trust us
68
NSA: We COULD track you by your phone ... if we WANTED to
Honestly, too much work, can't be bothered
53