Did UK.gov break the law with its child database?

Whitehall promises answers on specs of binned ContactPoint


Analysis Did the Department of Education (DoE) – or Children, Schools and Families (DCSF), as it was then known – knowingly break the law in its establishment of the ContactPoint database?

The instant answer is: we don’t know. However, a history of excuses, delay and avoidance of awkward questions is starting to mount up. If the department has nothing to hide, it is certainly acting as if it has.

Meanwhile, in a bizarre new development, the DoE contacted us to say that its previous refusal to reveal what data it had been planning to collect had been a mistake. In fact, the information coded as “commercially sensitive” was not after all commercially sensitive – and they are now free to release it to us.

The ContactPoint database was first mooted in 2004 as a response to failures in the social care system – most notoriously in the case of Victoria Climbié.

There, the fact that various case workers dealing with Victoria’s family failed to share their knowledge was considered to have contributed to the child’s eventual terrible death. As a result, the government determined that it would set up a database enabling any and every person likely to be called upon to look out for a child’s welfare to access current dealings with that child at the touch of a button.

That was the original vision: wide-ranging information about all children, available to all. It did not long survive public criticism, with fears that too much information on such a base would be a massive risk to child welfare in its own right. A slow but insistent whittling back of the categories of person allowed access to the base began.

Thus, from a base that would enable care workers and police to share information about children at risk, it dwindled to little more than a glorified interdepartmental telephone directory, linking the contact details of individuals who had had dealings with any particular child through a central online database. It would not even be available to all police or all care workers, being operated instead through a series of gatekeepers.

This, in turn, led to a number of arguments as to the numbers likely to have access to the database – and one of the first signs that the DCSF preferred to keep its good works hidden rather than see them exposed to the light of day. In 2008, following work by the Register looking at the categories that the government claimed would have access to the base, we suggested publically that far from the low figure trumpeted – of near 300,000 – the end result was likely to be closer to 1 million.

This was vigorously denied – but our story led, eventually, to a statement being sneaked out in the last days of the 2007/8 parliament to the effect that the numbers would be closer to 400,000 - or 25 per cent higher than originally announced.

However, the possible law-breaking lies in a rather different area. Instead of simply passing a law enabling the Secretary of State to set up a database for purposes of child protection, the Children Act 2004, refined by regulations published in 2007, went into mind-boggling detail as to what the Department might do. Section 12 of that Act reads rather more like a management data specification than UK legislation. It states that the Department may collect information such as the name, address, gender and date of birth, an identifying number and contact details of any person with parental responsibility.

Crucially, by including so much detail, it raises the possibility that collecting information not on this list is likely to be unlawful.

The categories of information included in that list are not many, nor are they difficult to capture. The largest cost, according to suppliers of systems of this kind, was likely to be around the ETL processes necessary for scraping contact details from a dozen or more different governmental systems in order to feed data into the ContactPoint base.

Nonetheless, the cost, widely publicised as £224m, looked well out of kilter with what was being proposed, and we began to wonder if the DCSF hadn’t actually exceeded its brief, and that it was not, in fact, collecting rather more than the legislation allowed.

An official statement from the DoE recently revealed: "The final total cost of setting up ContactPoint has not yet been determined but it will be less than the budget provision of £224m. The set-up costs cover the design, build and test of the system; however, the cost of coding and other individual elements of the work can not be separately identified."


Other stories you might like

  • Running Windows 10? Microsoft is preparing to fire up the update engines

    Winter Windows Is Coming

    It's coming. Microsoft is preparing to start shoveling the latest version of Windows 10 down the throats of refuseniks still clinging to older incarnations.

    The Windows Update team gave the heads-up through its Twitter orifice last week. Windows 10 2004 was already on its last gasp, have had support terminated in December. 20H2, on the other hand, should be good to go until May this year.

    Continue reading
  • Throw away your Ethernet cables* because MediaTek says Wi-Fi 7 will replace them

    *Don't do this

    MediaTek claims to have given the world's first live demo of Wi-Fi 7, and said that the upcoming wireless technology will be able to challenge wired Ethernet for high-bandwidth applications, once available.

    The fabless Taiwanese chip firm said it is currently showcasing two Wi-Fi 7 demos to key customers and industry collaborators, in order to demonstrate the technology's super-fast speeds and low latency transmission.

    Based on the IEEE 802.11be standard, the draft version of which was published last year, Wi-Fi 7 is expected to provide speeds several times faster than Wi-Fi 6 kit, offering connections of at least 30Gbps and possibly up to 40Gbps.

    Continue reading
  • Windows box won't boot? SystemRescue 9 may help

    An ISO image you can burn or drop onto a USB key

    The latest version of an old friend of the jobbing support bod has delivered a new kernel to help with fixing Microsoft's finest.

    It used to be called the System Rescue CD, but who uses CDs any more? Enter SystemRescue, an ISO image that you can burn, or just drop onto your Ventoy USB key, and which may help you to fix a borked Windows box. Or a borked Linux box, come to that.

    SystemRescue 9 includes Linux kernel 5.15 and a minimal Xfce 4.16 desktop (which isn't loaded by default). There is a modest selection of GUI tools: Firefox, VNC and RDP clients and servers, and various connectivity tools – SSH, FTP, IRC. There's also some security-related stuff such as Yubikey setup, KeePass, token management, and so on. The main course is a bunch of the usual Linux tools for partitioning, formatting, copying, and imaging disks. You can check SMART status, mount LVM volumes, rsync files, and other handy stuff.

    Continue reading

Biting the hand that feeds IT © 1998–2022