Share this page!

defenddigitalme Profile picture
Twitter logo
Nov 6 15 tweets 12 min read
Ten years ago today, on November 6, 2012, Michael Gove announced plans to open up the National Pupil Database for commercial re-use. "It could also help stimulate the market for innovative tools and services."
publications.parliament.uk/pa/cm201213/cm…
#MyRecordsMyRights #PupilData #DataProtection
He changed the law to let the DfE distribute identifying pupil-level data “for a wider range of purposes than currently possible” to “maximise the value of this rich dataset”. #MyRecordsMyRights #DataProtection Ten years later “confidentiality and security” are not working. 2/15
Today, nearly 3 years after the Learner Records Service breach was exposed in the press, the ICO has announced a DfE reprimand over the incident. ico.org.uk/about-the-ico/… 3/15

#MyRecordsMyRights #PupilData #DataProtection
We welcome the remarks that the DfE should improve, but this reprimand, despite finding practice “woeful” seems to have done little to meet the first of the ICO25 four strategic objectives, of safeguarding and empowering people. #MyRecordsMyRights #PupilData #DataProtection 4/15
We believe a light touch isn’t enough here. The ICO could have chosen to protect the rights of 9 million children in school immediately, using GDPR 58(2)(f) powers to impose a temporary limitation on all of the non-compliant practice. #MyRecordsMyRights #PupilData #DataProtection
In its (lack of) monetary penalty approach, the ICO must offer a meaningful alternative form of enforcement to secure accountability appropriate to the scale of the breach, and safeguard rights and redress for us, those affected. #MyRecordsMyRights #PupilData #DataProtection 6/15
As we have exhausted all other routes, Judicial Review is now the only hope we have left of restoring data subjects’ control of their rights. We are taking legal action after we first made a complaint to the ICO in 2016 and the ICO said there was no case. defenddigitalme.org/2015/09/23/wha…
Then came the nasty business 2016-18, the School Census nationality and country-of-birth expansion. We worked with the DfE. The Director General at the UK Statistics Authority worked with the DfE, requesting changes in 2017 and 2018. defenddigitalme.org/wp-content/upl…

#DataProtection
After our 2019 regulatory complaint the ICO carried out an audit and found the DfE commercial dept. “did not have appropriate controls in place to protect personal data being processed on behalf of the DfE". Mid-way through the audit, came the LRS breach. defenddigitalme.org/wp-content/upl…
The ICO found there were insufficient controls, oversight, or lawful basis. And, “the DfE are not fulfilling the first principle of the GDPR, outlined in Article 5(1)(a), that data shall be processed lawfully, fairly and in a transparent manner.” 10/15 #DPDIBill #DataProtection
The Department for #Education enabled gambling companies access to learners’ records. Yet 28 million plus people’s identifying records–including children 0-18 in the National Pupil Database–carry on being given away, a decade after it began, without any Ministerial accountability
DfE Ministers have ignored the Regulators for a decade, carrying on as if the rules only apply to other people. #education #PupilData #DataProtection #DataReform #DPDIBill Even adding 2 further expansions this year and refusing an ICO request to stop defenddigitalme.org/2022/09/16/new… 12/15
The UK government approach to public administrative data processing and the new ICO approach to its regulatory enforcement, fail to meet the public test of our expectations of the authorities: there should be no surprises. #DataProtection #DataReform #DPDIBill #MyRecordsMyRights
This is a gross abuse of trust: the government has turned a generation of learners’ records into a product without permission, without thought for the price we might pay in identity theft, risk of blackmail, stalking and more. #DataProtection #DPDIBill #MyRecordsMyRights 14/15
We demand respect for the data rights of the 9 million children in state education today, and further ca. 20 million who have left school.

News defenddigitalme.org/2022/11/06/ten…

Please support us here crowdjustice.com/case/labelslas…

#DataProtection #DataReform #DPDIBill #MyRecordsMyRight 15/15

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with defenddigitalme

defenddigitalme Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @defenddigitalme

defenddigitalme Profile picture
Nov 6
Earlier today, we posted a thread of what happened after Michael Gove announced plans to open up the National Pupil Database for commercial re-use ten years ago on November 6th, 2012
But let’s also remember what happened before then, starting in 2002. 1/10
Twenty years ago the then Lab. government decided to add names to create pupil-level records for the first time in the formerly aggregated school-level census (as still mostly done in private schools). news.bbc.co.uk/1/hi/education… Terri Dowty was on the ball from the start. 2/10
Many could foresee the surveillance it would become, while (2002) DfE staff said, “The data would be stored securely, no data would be copied to other organisations without a clear need and data would not be used for marketing purposes or sold to private companies”. 3/10
Read 10 tweets
defenddigitalme Profile picture
Feb 23, 2019
“These are not A Levels or GCSEs with results that count on an individual basis in the long term.” #MoreThanAScore @MoreThanScore we disagree these don’t count @DamianHinds — here’s why.
@MoreThanScore @DamianHinds The SAT results (as well as KS1 and Phones tests) are sent for each child on a named basis, to loads of third party companies. They then profile each child using the scores. #MoreThanAScore @MoreThanScore #PlayNotTestsAt4 This is one company example.
@MoreThanScore @DamianHinds The profiles include risk scores -- the company's prediction of future performance -- all of this data transfer, profiling, accuracy and meaning is hidden from families and without any meaningful way for schools to check accuracy. #MoreThanAScore @MoreThanScore #PlayNotTestsAt4
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

:(