Sarah Murphy MS for Bridgend and Porthcawl has welcomed new Welsh Government guidance to clarify the processes that schools and colleges need to undertake prior to adopting biometric technology.
Children’s rights and digital experts like Defend Digital Me argue that technologies using fingerprints and facial recognition of children in educational settings pose serious threats to pupils’ privacy and personal data.
Biometric data is currently used across schools in the UK as a replacement for cash within the school canteens.
The updated guidance launched by Welsh Government Minister for Education and Welsh Language, Jeremy Miles at Bryntirion Comprehensive school in Bridgend includes:
- Encouraging schools to consider alternative options to biometric systems which are less intrusive.
- Promote the rights of the child protected in law regarding their right to privacy.
- Reinforce the message that learners have a choice regarding the collection of their biometric data. Pupils can opt in or opt out at any time without any detrimental effect to the services they receive from their school or college.
- Require schools and colleges to undertake a Data Protection Impact Assessment when processing biometric data and encourage schools to undertake a Children’s Rights Impact Assessment (CRIA) when they collect learners’ biometric data.
- Schools and colleges should provide privacy information to learners, that complies with UKGDPR.
Sarah Murphy commented on the use of biometric data
“ In 2021, I was made aware of local schools in Bridgend introducing technologies to collect and use fingerprints of children for lunchtime meals. Technologies once used by state intelligence agencies are now being used on our children for monetary transactions.
“This became even more of concern for me after realising that no risk assessment was being taken regarding the use of this data on the children in our community, and that children were being discriminated against if they did not consent to using their fingerprints in the canteen.
“Consent letters sent to parents have framed this as safer for children, but I would argue that with any biometric surveillance, there is the possibility of irreversible data leaks and wrongdoing.
“When somebody has a password, it is something you can change or reset – a fingerprint is something you are. Once that data is compromised, it is compromised for life.
“I want to thank the Minister for his work on this and I welcome the launch of this guidance today, and I am keen to continue working on this with the Minister and Welsh Government. Children must have their right to privacy and consent upheld in education.“
Pippa King, an expert into the use of biometric data in schools commented
“Schools in Europe have been fined for using biometric technology in school – facial recognition and fingerprints – as processing a student’s biometric data breaches GDPR.
It would be prudent that UK schools do not put themselves at risk of contravening GDPR, and the risk of a fine, and opt for a less data intrusive method that biometric technology does not offer.”
The use of biometric data in schools is currently banned in the states of Florida and New York.