1.  During the past five years, developments in IT have created unprecedented opportunities for observing children and young people, for supervising and controlling their activities, and for gathering and sharing data about their lives.

  2.  Manufacturers of commercially-available devices have exploited the marketing opportunities presented by popular concerns such as child abduction, obesity and bullying, while the government's "risk management" approach to children's policy has emphasised the use of IT solutions to monitor and share information about children in an attempt to detect early signs of problems. In-depth assessment and profiling tools have been developed that are believed to predict potential criminality, social exclusion or educational failure on the basis of statistical probability.

  3.  Taken together, these developments have significantly eroded children's privacy rights, guaranteed by Article 8 of the European Convention on Human Rights and reiterated by Article 16 of the UN Convention on the Rights of the Child. It is now possible for a child to be under near-constant scrutiny throughout each day.

  4.  Because the expansion in the use of IT has been piecemeal, there has been no overview of the possible combined effect on children's development of the various technologies. There is certainly the potential for children to become conditioned to accept a far higher level of surveillance than society now tolerates. Given that privacy and decisions about self-disclosure are a powerful means of regulating our relationships with others, consideration needs also to be given to the effects of surveillance on a child's maturing sense of personal boundaries and autonomy.

  5.  It should also be borne in mind that over-confidence in technological solutions and poor standards of information security can threaten the integrity of children's personal information, and may even place children at increased risk of harm from hacking and careless or corrupt disclosure of data by those with legitimate access.

GOVERNMENT DATABASES AND ASSESSMENT TOOLS

  6.  The wide range of children's databases and assessment processes is extensively covered in the FIPR report to the Information Commissioner: Children's Databases—Safety and Privacy available online at: http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/ico_issues_paper_protecting_chidrenspersonal_information.pdf

  7.  Given the limitations of space, the complexity of the entire database system and the large number of data protection, human rights and consent issues that it raises, we cannot possibly do justice to the subject matter here. We believe that it would be more helpful to the Committee for our briefing to concentrate on the other areas that affect children's privacy. However, the Director of ARCH is a co-author of the above report and it therefore provides an accurate reflection of our views and concerns. We respectfully suggest that Committee members consider it essential reading.

COMMERCIALLY AVAILABLE SURVEILLANCE DEVICES

CCTV and Webcams

  8.  There is increasing use of CCTV in schools, and monitors may even be placed in pupils' toilets. Images can be relayed via Internet Protocols to control centres located outside school, where they are accessible to local council staff.[197]

  9.  There is also a growing trend towards using webcams in nurseries to enable parents to view their children via a password-protected internet system. As the webcam monitors an entire room, all parents can see all of the children at any time.[198] Some systems allow parents to nominate others, for example grandparents and family friends, who may view the webcam. Parents cannot therefore know who else is watching their child.

  10.  Children are not asked to consent to the use of CCTV. In the case of nursery webcams, all of the advertising concentrates on the psychological benefits to parents. No consideration is given to children's dignity and privacy, nor to the fact that, while parents may feel involved in their child's day, this is not a reciprocal relationship.

Biometric systems

  11.  Electronic systems are increasingly used in school canteens to monitor children's individual school meal choices, and in school libraries, where children's reading habits can be monitored individually, and also by ethnicity and gender. Many of these systems use children's fingerprints, which are converted into an algorithm that is stored on the school system.[199] Some schools are also introducing fingerprint scanners for school registration.[200]

  12.  There is mounting protest that children's fingerprints are being taken without parental consent, and concerns that templates are transferable between systems.[201] This raises the possibility that the data could be used by other agencies for other purposes. Although manufacturers claim that a child's fingerprint cannot be reconstructed from the algorithm, this is a red herring; all fingerprint systems now use algorithms derived from a fingerprint, rather than the fingerprint itself.

  13.  Because the data is held on school computers in relatively insecure buildings, its security cannot be guaranteed. Burglary and theft from schools is not uncommon, and the growing importance of biometrics is likely to make databases that hold biometric data a target for organised crime. Manufacturers offer assurances that the data is encrypted using 128-bit encryption techniques, but developments in computing will undoubtedly render such assurances meaningless within a short time. Even if a child's data could be considered safe today, it is unlikely to remain so, and the problem is exacerbated if schools do not ensure the complete deletion of data from a computer hard-drive.

  14.  We have been told that "guidelines" for schools on the use of children's fingerprints will be published on the British Educational Communications and Technology Agency website during May; however, these will not in any way be binding on schools. We remain deeply concerned that children's biometric data may be compromised by theft; that the data may be misused, and that children will become habituated to giving up their biometric data far too readily. In our view, the increasing importance of biometrics for security-critical functions means that they should not be used for low-level purposes.

Location-based services

  15.  There are a number of companies selling location based services to parents. These purport to enable parents to track children via their mobile phones, by logging on to a website that displays the whereabouts of the phone. Parents can also pre-set boundaries and routes, and receive alerts if their child deviates from them.

  16.  A new generation of GPS tracking devices and mobile phones is now coming on to the market; we are told that "Mobiles2Go"[202] is about to launch a major marketing programme that will see its `i-kids' tracking phone placed on sale in supermarkets and High Street stores. We are also aware of a device called the "KinderGuard"[203] currently under development: a location device that also includes biometric sensors to transmit details of a child's heart rate and skin temperature to parents. This indicates when a child is under stress, and also lets parents know if their child has removed the device.

  17.  There is no statutory regulation of any of the above devices, beyond the Data Protection Act 1998. Providers of mobile location services have agreed a voluntary code of practice,[204] but this does not include any requirement that service providers should undergo police checks. An attempt to amend to the Safeguarding Vulnerable Groups Act 2006 to introduce such a requirement was resisted by government. [205]

  18.  Although the code says that devices: "should not be marketed in any way which exploits parents' concern or fear that their child may become a victim of crime", it is clear that some companies are very close to this line.[206]

DNA RETENTION

  19.  On 4 April 2004, police powers were extended to allow DNA profiles, fingerprints and other information to be taken without consent from anyone arrested on suspicion of a `recordable offence'. The police may keep this information indefinitely, even if the person arrested is never charged, or is subsequently acquitted.

  20.  With the help of MPs and the Children's Commissioners, we have made repeated but unsuccessful efforts to obtain accurate Home Office figures for the number of children on the National DNA Database (NDNAD) who:

(a)  did not receive any disposal or further action;

(b)  received a reprimand or final warning.

  21.  Using the Youth Justice Board figures for juvenile arrests and disposals, we believe it is possible that DNA profiles of around 200,000 children who have received no disposal may be on NDNAD, and a further 200,000 profiles of children who have received reprimands or final warnings.

  22.  The existence of a child's profile on NDNAD puts the onus on him/her to justify the presence of his/her DNA at a crime scene, and may lead to unwarranted suspicion. Although this is equally true of adults, children are at far greater risk of injustice. Almost one quarter of arrests are of 10-17-year-olds, and the range of databases holding sensitive information about them has considerable potential to prejudice the position of those whose records include predictions of the likelihood of future criminality. We are profoundly concerned that whenever a positive DNA match is made, the police will access other information held on the child, and that this will create a set of assumptions that will influence police attitudes, including the likelihood of guilt.

  23.  It is extremely important that children and young people are kept out of the youth justice system unless there are no other options left, and recognition of this fact has led to the reprimand and final warning schemes. There is also a growing body of evidence that arrest and/or questioning by the police has negative effects on young people's behaviour. The Edinburgh Study of Youth Transitions and Crime, a ten-year longtitudinal study of 4,000 young people that began in 1998, found that:

"...being caught by the police had a particularly strong influence on whether young people gave up delinquency entirely: the more times they had been caught by the police, the less likely it was that their level of delinquency would be zero at either sweep 5 or sweep 6."[207]

  The explanation offered for this finding is that young people find it very hard to escape from being labelled "criminal". There is a real risk that the presence of a young person's profile on NDNAD will lead to disproportionate police interest and questioning when there is no other evidence of involvement, and lead to increasing anger and alienation on the part of the young person.

  24.  We are concerned that speculative familial searches are being conducted on NDNAD. This has the potential to cause great difficulty and distress to those children whose paternity is not as they had assumed,[208] those who are adopted, and those who have changed their identity because they are escaping domestic violence or are subject to witness protection.

  25.  In our view, it is entirely wrong to retain the DNA of children and young people who have not had any action taken against them, or who have been acquitted by a court.

  26.  Retaining the DNA profiles of those who receive reprimands and final warnings defeats the purpose of the scheme, which is to prevent young people from entering the youth justice system for low-level, often first, offences. It increases the likelihood of further contact with the police and risks "locking in" young people to the criminal justice system, rather than providing them with an opportunity to change their behaviour before they are faced with more serious consequences.

  27.  Where a child has been convicted of an offence in the courts, we believe that DNA profiles should only be retained in line with the Rehabilitation of Offenders Act 1974.

April 2007

http://www.law.ed.ac.uk/cls/esytc/findings/digest12.pdf

198   Example: http://www.thisislondon.co.uk/news/article-23392356-details/Big+Mother+is+watching+you/article.do Back

199   Extensive information can be found at: http://www.leavethemkidsalone.com/ Back

200   http://www.vericool.co.uk/home.html Back

201   Kim Cameron, Architect of Identity and Access, Microsoft Connected Systems Division http://www.identityblog.com/?p=743 See also various posts between 27 March-1 April. Back

202   http://www.mobiles2go.com/m2g/ Back

203   http://www.kinderguard.co.uk/technology/ Back

204   Code of Practice for the use of passive location services in the UK: http://www.mobilebroadbandgroup.com/documents/UKCoP_location_servs_210706v_pub_clean.pdf Back

205   Commons Hansard 23 October 2006 Col 1244: http://www.publications.parliament.uk/pa/cm200506/cmhansrd/cm061023/debtext/61023-0005.htm Back

206   See eg Childlocate website front page: http://www.childlocate.co.uk/ Back

207   Edinburgh Study of Youth Transitions and Crime: "Social Inclusion and Early Desistance from Crime" David J Smith: Back

208   BBC News "Who's the Daddy?": http://news.bbc.co.uk/1/hi/uk/3023513.stm Back