back to article National Pupil Database engorged to 20 million individual kids' records

The UK Department for Eduction has enlarged its mega database containing sensitive personal pupil information to nearly 20 million individual records, according to a Freedom of Information response. The National Pupil Database contains a range of sensitive information dating from the year 2000, including name, postcode, …

  1. graeme leggett


    With the "retained over a longer timeframe for historical, statistical or research purposes" element, when the government/civil service is asked if education and support of the disadvantaged in society are getting worse under their stewardship, they could be shown to not be doing a good job.

    Without the data the opposition would claim that they are deliberately not keeping the data so they can't be exposed.

    Can't win.

    1. HollyHopDrive

      Re: Dilemma

      Mmmm.....and they didn't ask the question of "How much money has been obtained by selling / leasing / renting / lending / allowing access to the data to third parties" followed by "and how much of that was ploughed back into schools directly (not the wooly 'education system')" because I'm betting the second number is zero and the first number isn't insignificant.

      And in these times of austerity that they keep insisting we live, the maintenance of essential databases is one cost we could clearly live without if its only about the money yet alone the far bigger issues privacy.

      Camerons reign seems even worse than the blair years....and they were c-nuts for this stuff.

      1. John Smith 19 Gold badge

        "Camerons reign seems even worse than the blair years.." Note the timing

        This is another charming part (along with the massive GCHQ data slurping) of Blair's "legacy.

  2. Anonymous Coward
    Anonymous Coward

    Remove names

    It shouldn't be rocket science to make the records of school leavers anonymous each July. That way they have the data but it's not linked to an identifiable person for ever.

    Whatever, this system should not be Internet facing

    1. Tromos

      Re: Remove names

      Not as simple as just removing names. Give me the postcodes, age and ethnicity and I'll put most of the names back. A full postcode is far too much information for any reasonable measure of anonymity (same applies to the NHS debacle). Postal district should be adequate for the vast majority of needs.

      1. John H Woods Silver badge

        Re: Remove names

        "A full postcode is far too much information" -- Tromos

        Correct: it applies to, IIRC, an absolute maximum of 70 letter boxes. [Edit, maybe 80. But still not very many when you have other identifiers to narrow it down].

  3. Will Godfrey Silver badge

    What a surprise.


    I had a bad feeling about this as soon as there was the first wiff of a national database of children. This was my first concern. I most sincerely hope my second one is never realised!

  4. Anonymous Coward
    Anonymous Coward

    Dear Department of Education

    Please can I have access to your Child database for research purposes.

    Yours Sincerely.

    Ivor Feelum

    Peadough Ltd.

  5. Anonymous Coward
    Anonymous Coward

    right to be forgotten?

    could that be applied to this database or any database?

    Is this the UK's version of the US's 'Permanent Record'?

    1. Just Enough

      Re: right to be forgotten?

      No. It's England's version.

  6. ZSn

    Eye, eye

    Why do they need a huge database of pupils, are these from big eyes?

    1. Anonymous Coward
      Anonymous Coward

      Re: Eye, eye

      Why do they need a huge database of pupils

      Because it is the foundation of a planned national citizen database, that will include all your internet browsing, your financial records, your emails, phone call records, ANPR hits, your tax records, your air travel history. When will ID cards be back on the agenda? My guess is that it'll be being talked about in policy circles by the end of this parliament, and be back as legislation in the next.

      The reason for starting with the kids is first because government desperately want this cradle to grave spying, and because the kids data is borged without them being able to object. Look at the pathetic excuse given by the wankers about "creating innovative tools and services". Aside from mass surveillance as a service, can anybody offer one credible example of any innovative tool or service that has come from offering this to anybody willing to pay?

      1. John Brown (no body) Silver badge

        Re: Eye, eye

        "Because it is the foundation of a planned national citizen database, that will include all your internet browsing, your financial records, your emails, phone call records, ANPR hits, your tax records, your air travel history."

        Yes, I leapt to that conclusion just from reading the headline. The rest of the article merely confirmed my initial suspicions.

    2. Mike 16 Silver badge

      Re: Eye, eye

      You mean 5eyes, like a spider? A keane observation.

      I did originally think the article might be about the run-up to Apple making the Retina Display bi-directional.

  7. PleebSmasher
    Dead Vulture


    Quick, make a heat map of ethnicity, absences, and recipients of free school meals by postcode!

  8. 2460 Something

    Once again, no oversight or transparency. Keeping live data with no end-date is ridiculous. Seems like they are trying to bring national database in via the back door. And they will start updating Key contact information (so full telephone and address history), parents, siblings and children, occupations ... all in the name of historical accuracy in their 'statistical analysis'.

  9. Gezza

    tick, tick, tick ...

    personal data presumably includes all those lovely fingerprints used to gain access to library books and lunch. Biometric content on the next generation just waiting to be abused or hacked from no doubt impeccably secured school IT systems.

    1. Fraggle850

      Re: tick, tick, tick ...

      Individual schools only have access to data on their own pupils on their own local database. This data is submitted to DfE three times a year.

      1. Kane Silver badge

        Re: tick, tick, tick ...

        "Individual schools only have access to data on their own pupils on their own local database. This data is submitted to DfE three times a year."

        You seem to have an insightful knowledge of the inner workings of local/central government practices.

        Please, do tell more!

        1. Fraggle850

          Re: tick, tick, tick ...

          Not a lot to tell really. Each school maintains a database of their own pupils and there is a minimum mandatory subset of that data that DfE require. This contains a lot of sensitive information and changes slightly according to the whims of the current regime. This is uploaded to DfE three times a year and cross referenced against previous national submissions, with errors and changes flagged for clarification/rectification.

          Each collection, known as 'school census' grabs a core dataset as well as collection-specific data. For example one collection a year focuses on what classes pupils are taking on a specific day, at a specific time to get a snapshot of how the curriculum is being applied nationally.

          Crapita have around 80% of the market share for the database software (SIMS - 'database normalisation? We've heard of that' - not!). DfE provide a spec to the database providers for the upcoming census and they ensure that their database can extract the required data via a reporting routine. The reporting routine flags up missing data and errors or inconsistencies across submissions over time. These are corrected prior to the extraction and there is further work done with the extraction once it is on DfE's servers, possibly requiring re-extraction/submission. You could probably download this spec if you wanted to, I don't think it is controlled, just hidden in the usual government information jungle. Obviously, this being government, external suppliers and IT, the routine doesn't always work correctly.

  10. Fraggle850

    20 million sounds a lot

    I used to work as a data manager at a school. I was once given the lengthy and pointless task of obtaining a national exam data set. Lots of form-filling to justify getting the data, don't think it had names in it but lots of other sensitive stuff. Had to guarantee that we wouldn't x-ref it to other data sources to make it personally identifiable.

    The data set for one recent gcse cohort was 500k-ish records (with around 120 fields in each record IIRC). Assuming that is a reasonable proxy for the number of kids in any given school year group nationally then 20 million individual records suggests 40 years worth of data.

    1. DavCrav Silver badge

      Re: 20 million sounds a lot

      "then 20 million individual records suggests 40 years worth of data."

      Or, you know, everyone who has been at school since 2000, as it says in the article, so everyone back to 1982, more or less. 2016-1982=36.

      1. Fraggle850

        Re: 20 million sounds a lot

        Everyone who has been at school since 2000 = 13×500k in y2k = 6.5mil plus 500k/yr × 16 = 8mil = 14.5mil as a very rough calc. That's still 5.5mil short, or 11 years prior to y2k.

  11. BenR

    Mental note

    Got to remember when my little girl starts school to give nothing but false names and addresses then.

    1. Kane Silver badge

      Re: Mental note


    2. Number6

      Re: Mental note

      Opt for home education, then she doesn't need to have her life documented in great detail by the state and she can learn stuff properly and socialise in the real world instead of the classroom.

    3. GrumpyOldBloke

      Re: Mental note

      Not just the name and address, keep an eye on the assignments. Here in Oz we had an assignment at my kids primary school where the children were asked to submit their finger prints. Check essay's - topics like guilt, sorrow, fear and responsibility and ensure they are answered in the abstract. Even kids pictures can be problematic. One family here on Oz was investigated by the states child kidnapping services for drawing a stick figure princess with elongated fingers - elsewhere in the state kids were being beaten, abused and murdered but its much easier to go for a soft target. Teach them about social media and the permanence of data. Do some research on vaccination and make informed decisions on which ones to accept and which ones may only cure corporate profits. Similarly bogus ADHD diagnosis from poor teachers. There are also sites here advising aboriginal children on how to behave around police like ( they are a good read for all parents and apply to all state authority figures. School is a battleground and being a parent in this environment is a full time job, as it always has been

  12. FuzzyWuzzys


    "We at The Reg can report that a USB containing copies of the National Childrens School Database has gone missing on a train somewhere outside Dorking. It is not known why some complete f**ktard needed to copy the whole DB to an Excel spreadsheet and take it home but being a complete div, this is what they did!"


    "We at The Reg can report that due to lack of proper security and patches not being applied for the last 10 years, the front-end web servers of the National Childrens School Database were compromised and the data spewed over the nearest Wikileaks portal/Torrent server/available to buy on a backstreet forum. It's not know why the servers weren't secured but this is the UK Gov and doing IT properly has never been it's strong point!"

    1. MachDiamond Silver badge


      A laptop containing the entire database was stolen from a lowly functionaries back car seat as they were doing their weekly shop. It's unknown why this data was allowed to leave the custody of the Government Ministry of Spying on People. Further enquiries turned up the practice of the GMSP's encouraging employees to find new ways to leverage the data they manage.

    2. Trigonoceps occipitalis Silver badge

      Be Reasonable

      This will be a marvellous learning opportunity.

  13. x 7

    add this to the records and the result is scary

  14. Anonymous Coward
    Anonymous Coward

    I always hear about these "innovative tools and services" but I'm yet to actually see one, anyone else seen one in the wild?

    1. Rich 11 Silver badge


  15. Pat 11

    Subject access requests

    Would they honour subject access requests, I wonder?

    1. Christoph

      Re: Subject access requests

      Don't be silly - then they would have to let people correct all the errors.

  16. Tubz

    Perfect start to the Governments Big Brother database ready for use on controlling the next generation !

  17. earl grey

    it's for your own good citizen

    Move along, nothing to see here...

  18. John Smith 19 Gold badge

    Smells like the usual suspects want a clean load for a cradle to grave surveillance system.

    And I thought these vermin were mostly in the Home Office.

    1. Cardinal

      Re: Smells like the usual suspects want a clean load for a cradle to grave surveillance system.

      Wonder when the school nurse will start swabbing inside little mouths for DNA?

      (with a nice strawberry tasting swab of course!)

    2. Rich 11 Silver badge

      Re: Smells like the usual suspects want a clean load for a cradle to grave surveillance system.

      No, the vermin are mostly in government. Election after election after election.

  19. Graham Marsden

    "We do this by ensuring requestors...

    "...comply with strict terms and conditions covering the confidentiality and handling of data, security arrangements, and retention and use of the data.

    "And when they don't and the entire database is left on an unsecured datastick in the back of a taxi or on a lap-top on a train we will definitely give them *at least* a stern finger-wagging and, if necessary, a quite sharp smack on the wrist whilst we Learn Lessons that will stop this from ever happening again (until the next time...)"

  20. Anonymous Coward
    Anonymous Coward

    "She questioned why the government had created a fully identifiable database containing personal information to be kept indefinitely"

    And they wonder why the public don't trust them with their data. Next step perhaps; an "innovative" project to recoup costs to the taxpayer by giving the ad-pimps a slice of the action.

  21. David Pollard


    It looks to me as thought aspects of the RYOGENS project continue to be developed: Reducing Youth Offending Generic National Solution.

    Details of this ghastly project, which set out to collate early indicators of a criminal tendency in youngsters, are disappearing off the internet. The links here to Statewatch and the Guardian from 2004, however, still paint the picture.

    It's sad that many of those in a position of power and responsibility seem to take more interest in predicting criminality than they do in reducing the factors that apparently cause such a predisposition. The RYOGENS approach targets individuals as if putting the blame on them will solve the underlying problems in society.

  22. Fed up with restrictions

    Has anyone ever signed up to allow this information to be published? Surely, no information can be released unless the person allows them to according to the act. Releasing anonymous information is almost impossible where schools are concerned. The parents need to sign for children, so is the DoE not breaking the law anyway (or have I missed an updated in the law).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021