The Department of Education is building a database of Ireland’s children. It’s called the Primary Online Database and, currently, its intention is to collect a full profile of data on all the children in education and to store that data until they turn 30. Yes, 30.
They started last September 2014, taking data from schools directly, rather than asking parents in almost all cases. Now the department is sending home letters to parents about the database, baldly telling parents that they’re taking their child’s data.
UPDATE: See my follow-up post with lots of the extra problems identified with the Minister’s POD plan
UPDATE 2: NEW! A simple web form to tell the Minister that this is a bad idea. Sign it and share it!
The Department is collecting data, including sensitive data such as medical information, whether the children have psychological assessments, religious and racial characteristics on children. This is something that requires careful planning to be done correctly. As the Irish Water debacle showed, an organisation can destroy public trust by careless information governance and ill-considered data demands. And any database that contains such critically sensitive data about all the citizens and residents of the state who are under 30 needs very significant and broadly based support.
This database, if leaked or misused, would compromise the identity security of every young person in the entire country. It would provide a treasure trove for blackmailers or identity thieves. It’s precisely because this sort of data is so red-hot radioactive that the Census data- the only collection comparable to this proposed datagrab- is given special legislative protections in the Statistics Act 1993.
Regrettably, it seems the Department of Education has not learned anything from the recent past. I contacted the department on the 6th January to set out some Data Protection concerns with the database. I followed this up with more than one telephone conversation. I received no written reply by the 20th January so I then made a formal complaint to the Data Protection Commissioner.
In that complaint I made the following points;
1/ Section 2(1)(c) of the Data Protection Acts (referred to hereunder as DPA) sets out the principle that data should be obtained for “one or more specified, explicit and legitimate purposes”. Children’s data was obtained from parents by their schools for specific, legitimate, internal school purposes. The Department is seeking to take that data from the school, under threat to its continued funding, and use it for different radically different purposes, none of which were specified at the time the school obtained the child’s data, or or necessary for those internal uses. This is not legitimate.
2/ In addition, the Department’s Letter to Parents states that it is the Department’s intention to store children’s data in the Primary Online Database until they reach the age of 30.
To me, this appears to be self-evidently an excessive retention period. Data may only be stored for as long as is required for the purpose for which it is collected. (per Section 2 (1)(c)(iv) DPA)
As all the purposes of this database are related to children’s primary school experiences, retention for decades after that experience ends will be a breach of the data protection acts, and contrary to Data Protection principles.
3/ I have very significant concerns about the data relating to children proposed by the Department to be obtained, processed, shared and retained until the age of 30. The material describing the contents of the POD database sets out data which is clearly sensitive personal data per the definition at Section 1 DPA.
In particular, the data fields;
Is the pupil in receipt of low incidence support through NCSE? (drop-down list)
Is pupil receiving support under the General Allocation Model? (drop-down list)
Specific Learning Disability (tick-box)
Learning Support (tick-box)
Mild/Borderline Mild GLD Resource Teaching
Does the child have a psychological or medical assessment report which recommends provision of an additional teaching resource ? (drop-down
represent sensitive personal data as it relates to “the physical or mental health or condition or sexual life of the data subject,”.
However, the Department is proceeding on the assertion that all this data is ‘non-sensitive’ data and does not require parental consent for processing.
Furthermore, the database includes a free text “Notes” tab.
“Notes about a pupil may be entered into the ‘Notes’ tab. At present, notes entered here can be seen by Department of Education staff”
(per P 10 of the Instruction Manual on the POD. The existence of this data field is not notified to parents in any notice addressed to them. )
There is no way for this data to be obtained or retained in compliance with the DPA, as there is no description or limits on what notes may be added to each child’s entry into the database- whether sensitive, relevant, necessary or appropriate. Whether the data is routinely accessed by the Department is irrelevant as it is being retained by the Dept and is accessible to any departmental user with Administrator status.
Furthermore it is not unknown for children to change schools precisely to obtain a fresh start, and it is unsatisfactory that the unlimited and unmonitored notes by staff of one institution would be transferred to the new school, colouring that school’s opinion of the child before they had even started.
4/ The Department of Education’s use case statement which may be accessed on the Department of Social Protections own website does not include the proposed use of children’s PPSNs as described in the Department’s letter to parents regarding this database.
From the records available to me, the proposed use case the Department’s letter describes has not been notified to the Department of Social Welfare and, therefore, has not been agreed with the Minister, as required under S 262(4) and Sec 262(6) of the Social Welfare Consolidation Act 2005.
In the absence of such consent a child’s school would be in breach of the data protection acts were they to transfer his or her PPSN data to the Department as a new Data Controller.
5/ I note that by letter dated 15th January the Minister for Education’s private secretary wrote to parents who have complained about this database and told them that;
“If you do not consent to your child’s data being entered on POD then you should inform your school in writing that you do not wish to have your child’s information entered on POD, however from 2016/2017 this may have funding and teacher allocation implications for your school going forward”
This threat effectively negates any consent that might be given, as it is clearly represents a coercive effort to force consent in the face of the defunding of their child’s education. In addition, the threat to partially defund a school on the basis of purely automatic processing of data in a database it represents a breach of
Section 6B of the DPA,
“a decision which produces legal effects concerning a data subject or otherwise significantly affects a data subject may not be based solely on processing by automatic means of personal data in respect of which he or she is the data subject and which is intended to evaluate certain personal matters relating to him”
To read more about how this database is being implemented in a way to undermine trust and effectiveness, take a look at data protection expert Daragh O’Brien’s two posts on the subject, here and here. Those posts give context to this ill-conceived project, by showing how and why the State consistently fails to respect citizens’ data rights.
If you agree with my points, please do contact your child’s school and let them know that you don’t give consent to your child’s data being entered onto POD, and let the Minister for Education, Jan O’Sullivan TD know your concerns about her plan by email email@example.com and/or make a complaint to the Data Protection Commissioner’s office (details here) if you have no satisfactory outcome from your contacts.