UK schools not protecting biometric data
A study has found that data in UK schools gathered from pupils, which includes biometrics, are at risk and susceptible to theft.
Such information includes parents’ names, pupils’ addresses, routes to school, and fingerprint scan images. About 40 per cent of UK secondary schools and 10 per cent of primaries use biometrics for library loans and for school dinner purchases.
The study, presented at the annual conference of the British Educational Research Association in Manchester, said that schools have gathered data from pupils as a “simple matter of convenience, with little thought about security or the implications for children.”
According to the report, schools are not vigilant enough. The findings found that 45 percent of schools had poor password security and 40 percent had minimum technical security measures in place to protect computer system from problems such as viruses.
Dr. Leaton Gray, a professor at the University of East Anglia said: “If this information gets into the wrong hands, it can have big consequences for individuals. Yet security levels in schools are inconsistent, and generally not as high as they should be.”
Rural primary schools were found to be even more susceptible with many schools having no data protection or online safety policies whatsoever.
The UK Department of Education contends that it is serious about protecting pupils’ personal data. Earlier this year, the department changed its policy and required parental permission before pupil fingerprints are provided.
The department said in a statement: “Under the Data Protection Act, all data collected by schools must only be used for its stated purpose, cannot be shared with third parties for another purpose, must be kept securely and be destroyed when a pupil leaves their school.”
Should schools face criminal liability if they do not safeguard the biometric data of pupils?