Subscribe to this blog
The commenters on the recent post about biometric technology in schools have spurred me on to investigate this more fully. I've tabled a number of questions to the DFES to ask them about what guidelines they give local education authorities on this stuff. I've also asked them to list the types of technology used. If you have any experiences in your area, I'd be interested to know.
Trackbacks
Comments (or post a new one)
November 2, 2006 1:05 PM | permalink
One way conversions such as that are often mooted as privacy-enhancing, but they have flaws. for example, if the converted profile is not unique to your child, then how can it be used for its intended purpose? It being changed to something other than a fingerprint doesn't make it any less of a proxy for your childs identity.
November 2, 2006 1:06 PM | permalink
Well, it's fairly trivial that it can't be converted back into a fingerprint, although I suspect that's not quite what you mean.
I believe what you actually mean is that the fingerprint data is run through a hashing function which produces a small key (say, 16 bytes) which is then stored. Primarily for reasons of efficiency, than anything else.
Of course, unless it's an open source system, you have zero way of knowing if this is actually the case. The school will have been assured by some sales rep, who will have been instructed by his boss. I doubt any of those people has ever read (or, more importantly understood) the code that makes it happen.
In any case, that's somewhat irrelevant: fingerprints are being taken in schools, without explicit permission ahead of time. Was the closely-typed A4 sent out requiring your signature, or was it purely informational? Do you think the average busy parent would take the time to read properly a closely-typed sheet of A4 about storage of biometric data in order to assist in library services, whether they had to sign it or not? Was signing it (or more importantly, taking of the fingerprints) a pre-requisite to access to library services? If yes, then we have a major problem right there.
And Tom: good call. I suspect I know what the DfES response will read like, but I'd be interested to read it nonetheless.
November 2, 2006 2:11 PM | permalink
I'd rather educate my children at home than send them to a school where they reduced to a few bytes of electronic data. Privacy considerations aside, its demeaning if nothing else and fosters an atmosphere of suspicion. With the IPPR releasing a report stating that our teenagers are the worst behaved in europe next week, should we really be hammering away at the already damaged self esteem of the future of our society?
November 3, 2006 8:24 AM | permalink
Get a grip people!
My daughters school is not simply reducing her to "a few bytes of electronic data" - I am certain that she would not recognise this absurd charecterisation, it is allowing her to use a library in an efficient and fun way.
And this busy parent did bother to read the information, and it seemed reasoned and sensible.
There isn't always a conspiracy!
November 3, 2006 1:47 PM | permalink
Were you asked to give consent: yes, or no?
It's still taking your daughter's fingerprints, whatever it's used for, and that's something that needs proper debate before, not after, it happens.
And, again, what happens in that school to the pupils whose parents don't allow their prints to be taken? Can they still use the library facilities?
November 4, 2006 3:36 PM | permalink
When the Open Rights Group wrote about fingerprinting kids I remember they got a lot of people commenting.
Biometric data is unique and important, and as a society we should only use it for very important purposes. Taking any biometric data from children and using it for trivial purposes is a dreadful precedence to set.
Also on the don't worry the finger print is not stored argument. Suppose a crime is committed in the school and the police find a clear thumbprint. The police run the print through the same algorithm used in the library or the canteen to produce a number. The police compare this number to all the numbers stored in the database and identify the perpetrator. The same system made by the same company is also used by the German military.
LeaveThemKidsAlone is an organisation against schools fingerprinting of children and they will be able to provide you with allot of information. Also the Open Rights Group have been collecting press reports on school fingerprinting.
November 4, 2006 4:50 PM | permalink
The conversion of a single fingerprint scan to a number is not meant to be privacy enhancing, it is simply efficiency. The child does not even have all ten prints scanned.
These things are not police style or standard fingerprints. They are used instead of a card or PIN along with the childs name and class to record the loan of a book. Just like PINs it doesn't matter if they are not unique.
There are far more
November 5, 2006 8:08 PM | permalink
Many independent IT security experts say that this whole business is not nearly as innocent as manufacturers would have us believe. Some even that claim actual biometric data from these scanners could be compromised and find its way into the public domain.
See http://www.LeaveThemKidsAlone.com/security.htm for details.
At my daughter's former school, as with thousands of others right across the UK, parents were not asked for consent, merely informed that fingerprinting would take place. We were informed by letter at home time on the last day of term, with fingerprinting due to commence in the first week after the holidays.
I'd like to see parents asked for their explicit consent. My daughter cannot even use a saw or hammer in woodwork classes, eat popcorn on a school trip, or be photographed in the school play without my written permission. So what's so special about fingerprinting that schools make an exception?
November 9, 2006 11:11 PM | permalink
Interestingly, Hong Kong have just banned (at least temporarily) the practice for exactly the reasons people over here are calling for it.
http://www.theregister.co.uk/2006/11/09/hongkong_kiddyprinting/
November 1, 2006 4:27 PM | permalink
What I should also have mentioned when I posted about the finger print scanner in my daughters school was the A4 of closely typed information sent out by the school.
This included the fact that the "fingerprint" itself is not stored, rather the print is converted into a digital representation which cannot then be converted back into a fingerprint.
No big brother here!