back to article MP slams school biometric guidance

An MP has attacked the government's biometrics advice to schools for failing to enshrine in law a parent's right to be consulted. Lib Dems MP Greg Mulholland told the Commons on 23 July 2007 that the guidance failed to introduce a legal requirement for schools to acquire parental consent before collecting their child's …

COMMENTS

This topic is closed for new posts.
  1. Name

    Indoctrination

    This is just the biometric security industry priming kids to accept that gathering biometric data is a normal everyday activity so that when they grow up they won't object to having to give a DNA sample every time they want to buy a newspaper from the corner shop.

  2. Bob Jones

    23 years too late, but here comes Big Brother!

    Well they were a bit late, 23 years to be exact, but 1984 is clearly here.

    Schools need biometric data on our children, the future of this country, why?

    Are they terrorists or sex offenders? They must be one of them, why else would we track them?

    Lib Dems are almost right, this shouldn't be happening in the first place, wether parents have a choice or not, what right does the state have to take our childrens biometric data?

  3. Anonymous Coward
    Anonymous Coward

    Who is right?

    Objectors to school fingerprinting say that the numbers generated by the scan - to which the print is reduced - can be somehow be reused to extract the original fingerprint.

    The government says this isn't possible.

    Who is right - has this concept been proven?

  4. Anonymous Coward
    Anonymous Coward

    re: Who is right?

    Quote: "Objectors to school fingerprinting say that the numbers generated by the scan - to which the print is reduced - can be somehow be reused to extract the original fingerprint."

    it depends on the technology and sampling methods use, even if it was not possible now, it could be with the next generation of readers and by then you will not be able to refuse to give up your bio data. Therefore it's best prevent it now.

    I would be wary even if safe guards where put on the data, as history has proved that these get taken away and the data becomes open to other uses.

    As an examples of the abuses I am referring to, consider the number plate reading technologies in use. First used to track suspect vehicles and now used to raise revenue by road charging. Who knows where it will lead to? If you knew that car registrations were going to be used for unspecified reasons later, would you have been happy about that?

    It might not be such a big deal with car registrations but the point is once you hand over your bio data, you have lost control of how it is used.

  5. Tom Chiverton Silver badge

    right

    "it is inaccurate to say that it will not be possible to reverse-engineer the data stored in order to obtain the original fingerprint"

    Look at the definition of a hash. It contains less information than the data that was hashed (i.e. the fingerprint) so it's impossible to reconstruct the data from the hash.

  6. Matt

    hmm

    well if the numbers can be used to check that the finger print is the fingerprint it expects then it's only rational to expect that with the right technology you could create a reconstruction of the finger print using those numbers... Or else it wouldn't be very useful at checking the finger print.

    Anyway who the hell believes government officials who are just repeating what a government contractor has said. He's no different to a sales person.

    That olympics project'll cost you 6billion, wait 9billion no 12billion, what do you mean olympics?

  7. Ben Norcutt

    Can't lose fingers

    Yes swipecards, proximity cards, rf tags could be used but students can't forget or lose their fingers.

  8. Anonymous Coward
    Anonymous Coward

    Re: 'Who is right - has this concept been proven?'

    Not the way described - I'd imagine the biometric data is reduced to a hash value using one of the standard algorithms. That's a one-way process.

    However, you are then at the mercy of the security of the hash function - does it genuinely produce unique values for each input? Or is it possible to spoof the hash in a reasonable amount of time so that two different inputs can be forced to produce the same hash?

  9. MikeWW

    The art of comedy is timing

    I find it hilarious that they chose to release the guidance during the six week summer break. All teachers and head teachers care about during this time is their tan and the exam results, not necessarily in that order.

    Any IT personnel that work during the holidays are only bothered about getting any projects completed, carrying out routine maintenance and their tan, in that order.

  10. Roger Paul

    Missing the point

    I think any question of reverse engineering is entirely beside the point. this data collection is not neccessary. Registers tend to work pretty well and act as a time for bonding between form tutor and tutor group. If you want something similar for lunch queues then fine, but why use fingerprints? Whats wrong with a student ID number?

    I agree with 'Name'. By the time these kids grow up it'll be too late to teach how wrong it is for this data to be collected.

  11. Graham Marsden

    Err, right...

    It doesn't matter a damn whether a fingerprint can be reverse hashed or not, what matters is that the damn fingerprint shouldn't be asked for in the first place!

    I think that unless we're very careful, we're soon going to start regretting allowing our Government to consider that our Identity and our DNA and our Finger Prints and so on as *their* property instead of *ours*.

    All schemes like this do is con children and parents into thinking "well, there's no harm in this" so another liberty (the right to go about your lawful business without let or hinderance) is whittled away a bit more.

  12. Darren Share

    Twats

    Any school arrogant enough to suppose that they don't need my permission to take my son's information in this manner will not be my son's school for very long. Home shcooling here we come!

  13. Anonymous Coward
    Anonymous Coward

    The future of biometrics

    I am against fingerprinting school children. Not because of all the current arguements against it, but because of what the future holds.

    If my children become accustomed to giving finger prints to whom ever requests them, in 20 years time, will we see policemen walking down the street with a gadget, and having the power to demand prints there and then?

    It really scares me that my children may take that to be the norm.

  14. Anonymous Coward
    Anonymous Coward

    The norm

    Good point about what we consider to be 'the norm'. What most people consider normal now - CCTV, centralised databases - would have been shocking 10 or 20 years ago. But the state is playing the long game here - because the changes have happened gradually people have barely noticed.

    Well, the pace of things certainly seems to be accelerating now - maybe we have a year or two to save what shreds of privacy we have left. After that, if we want to know how our liberties slipped away, and who is to blame, we will have only to look in the mirror.

  15. Brian Drury

    Some Info About School Fingerprinting

    We have to ask ourselves why, out of all the thousands of schools that have fingerprinted their pupils, not one (as far as I am aware) has asked parental permission to do so.

    I would have thought that asking permission would have been the first thing head teachers (or any reasonable person) would think of doing.

    The government argues that, since fingerprints are not actually stored on the system, parental knowledge and consent are not required.

    This is quite an incredible position. If the fingerprint data on the computer is sufficient to identify an individual - who cares if an image of the fingerprint is stored or not ? - it makes no difference.

    The "fingerprints are not actually stored" argument is just a diversion used by the government to fool us into believing that the data held on school systems is not sensitive - which is patently untrue.

    Teachers have been told that the fingerprint data is "a code”, "a bar code" or "a number". It is actually (in the case of Junior Librarian) 300 bytes of data that forms a map of the minutiae (significant points) of a child's fingerprint ( http://www.leavethemkidsalone.com has a good diagram of this).

    See:

    http://www.microlib.co.uk/news/press_releases/IDK%20Press%20Release%203rd%20July%202006.pdf#search=%22Identikit%20300%20byte%22

    for a description of this by MLS (Micro Librarian Systems Ltd) - the suppliers of Junior Librarian and Eclipse products.

    For school lunch fingerprinting systems, there is QuickDine, supplied by LCR Limited, which uses the M2SYS flagship fingerprint software, Bio-Plugin.

    Here is a link to a M2SYS publicity page that gives this information:

    http://www.m2sys.com/pr032107.htm

    M2SYS's FAQ gives a similar description of their system to the letter by MLS:

    http://www.m2sys.com/sitemap.htm

    It's interesting to note that they state that (on a standalone PC) their system can match in 1 second a fingerprint against 20,000 samples in their database (pretty good for a school lunch system !).

    The Information Commissioner believes that (w.r.t the biometric technology used by MLS):

    “although theoretically possible to use the information obtained from this system to match finger prints taken from the scene of a crime,the resources this would require make this highly impractical” see:

    http://www.privacyinternational.org/countries/uk/kidsprint/comm.jpg

    This may be true for hackers, but it is not true for the Government.

    If, as biometric suppliers frequently claim, the fingerprint templates are of no use to the police, why did The Minister for Schools and Learners (Jim Knight) state:

    “Not only do we know of no circumstance where biometric data have been used by the police, BUT THEY COULD ONLY ACCESS THE DATA AS PART OF AN INVESTIGATION INTO A SPECIFIC CRIME.” see:

    http://www.publications.parliament.uk/pa/cm200607/cmhansrd/cm070723/debtext/70723-0019.htm

    Although the data is encrypted, the Government has the power to demand encryption keys from the system supplier, under the terms of the Regulation of Investigatory Powers Act 2000 Part III, so that is not an obstacle to them.

    What guarantee is there that the Library systems actually operate, and will continue to operate in the way that teachers and parents have been led to believe they do ?

    The computers containing the fingerprint data will surely be connected to the Internet, so that software updates can be installed.

    Can we really be sure that there is no existing back-door mechanism that will automatically transmit fingerprint data or images to police/government databases ?

    Can we be certain that the government will never commission a software update that will introduce a back-door mechanism at some time in the future ?

    The schools would probably be unaware of this happening until it is too late (if at all).

    Since the current systems have been introduced without parental knowledge or consent, why should the government keep us informed of any subsequent changes to the systems ?

    Once the fingerprints are in the hands of the government, they will never be deleted and could be compared against prints found at crime scenes, in the same way that Mr. Blair has publicly stated will happen with fingerprints on the National Identity Register - see:

    http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2007/02/20/nidcards20.xml

    Automatic fingerprint matching is inherently imperfect, crime scene prints have a worryingly large chance of being incorrectly matched with an those of an innocent person.

    See paragraph 170 of:

    http://www.publications.parliament.uk/pa/cm200304/cmselect/cmhaff/130/13007.htm#a28

    for details of false match rates.

    If a child has never touched a fingerprint scanner, there is zero probability of being incorrectly investigated for a crime.

    If a child has touched a scanner he or she will be at the mercy of the matching algorithm for the rest of their lives.

This topic is closed for new posts.