"I have not been able to find a single piece of published research which suggests that the use of biometrics in schools promotes healthy eating or improves reading skills amongst children. I am concerned that these reasons are being given as a justification for fingerprinting children. There is absolutely no evidence for such claims." Dr Sandra Leaton Gray, Director of Studies, Sociology of Education, Homerton College, Cambridge

"From a parent's perspective I see no benefit. My child is registered in school, he/she has been registered in school for the last 2-4 years, has taken books from the library, has purchased school dinners and snacks perfectly satisfactory, so is not getting anything extra for exposing his/her identity to some level of risk." Andrew Clymer, senior identity management security expert (more than 8 years with Cisco Systems, Visa, Fidelity, Merrill Lynch, etc)   (read more from Andrew Clymer)

"It is absolutely premature to begin using 'conventional biometrics' in schools." Kim Cameron, architect of identity and access in the connected systems division at Microsoft, 31 March 2007   (read more from Kim Cameron)

"There is an element of risk storing thumbprint [templates] on a school computer... No system can guarantee the security of information against future technology. Attempting to protect lifetime relevant information is extremely tricky and potentially costly." Andrew Clymer, senior identity management security expert (more than 8 years with Cisco Systems, Visa, Fidelity, Merrill Lynch, etc)   (read more from Andrew Clymer)

"If a child has never touched a fingerprint scanner, there is zero probability of being incorrectly investigated for a crime. Once a child has touched a scanner they will be at the mercy of the matching algorithm for the rest of their lives." Brian Drury, IT security consultant   (read more from Brian Drury)

"I would never condone holding large amounts of biometric information on almost any school site. Fundamentally, such information may be used one day to legally validate the individual, e.g. on a passport. Consequently the value of this information, and the length of time it has this value, is high." Dom Devitto, Information security consultant   (read more from Dom Devitto)

"Encrypted biometric systems must be implemented with a very high level of integrity and trust. Certainly relying on a school to manage the acquisition and storage of such sensitive data as identity is not sensible." David French, Wellington, NZ - 30 plus years' experience in IT   (read more from David French)

Stolen laptop contains details of 11000 children   IT Week, 27 Mar 2007

Parents might like to consider the following: "Who, under existing legislation, including the Children Act and the government's stated commitment to widespread data sharing, may access my child's biometric template and associated data as stored on the system? The police? Social services? Civil servants? Technicians from the manufacturer carrying out routine maintenance? The large private multinational PFI companies that now run some LEAs e.g. Amey, Nord Anglia? The private companies running City Academies that may have access to children's data?" Such access might take place without the knowledge or consent of parents or pupils.

Would the school permit 'fishing expeditions' in the stored biometric data (e.g. if the local police were trying to find a match for a crime mark they suspected may have been left by a child from the school)? What would the school do if such a search revealed TWO probable matches? Bear in mind that current and future legislation may well override and invalidate a school's assurances on keeping children's biometric templates secure.

"Getting kids hooked into treating biometrics capture as a standard thing sends a chill down my spine, and smacks of a long-term attempt to bring it in for everybody." I.T. consultant Richard Leyton (personal quote/opinion)

"We enjoy working with our new thumb print scanner on the PC. We are going to Toynbee after the summer holidays, but we are glad because they have the thumbprint machine there too. Other year groups use it as well as us and we are getting used to it now." Chloe (pupil, Fryern Junior School, Eastleigh, Hampshire)

"[Fingerprinting children at school] sets a dark precedent, conditioning students at a young age to embrace the idea of Big Brother-style biometric tracking. If ever there was a generation that would not oppose a government system for universal ID, it's this one." Chris Hoofnagle, associate director of the Electronic Privacy Information Center in Washington DC.

"The patterns of activity we develop during early years clearly set the tone for how we behave in later life. Encouraging our children to give out their thumbprints on a daily basis leads them to think this is a natural activity. Who else will they give their biometrics to, without consulting their parents and asking questions like “why, and what will it be used for?” Andrew Clymer, senior identity management security expert (more than 8 years with Cisco Systems, Visa, Fidelity, Merrill Lynch, etc)   (read more from Andrew Clymer)

Manufacturers claim that installing biometric systems nay help schools to reduce resources spent on routinr administrative tasks and thereby achieve significant cost savings.

In the case of Library systems, a pupil could just as easily be appointed as library monitor and would have responsibility for checking books in and out, assisted by a barcode scanner if necessary. If a manual system was used, there would be zero capital cost for implementing such a system, and it would help to teach pupils responsibility.

Where catering is concerned, targets for healthy eating could be achieved simply by eliminating unhealthy foods from the menu. It is hard to see how the high intial cost of biometric cashless catering systems (around œ25,000 per school) could be offset by savings.

Where biometric registration is concerned, schools may face extra administrative tasks to comply with health and safety requirements.

"Each child is expected to place their thumbprint on the machine daily. There is no carrot to make them do this, and equally there is no guarantee that the scanner will read the print. Scanners fail to read prints when they are dirty or that the child themselves has perhaps damaged their thumbprint via a scratch or other abrasion. Hence such a system needs a backup strategy. One currently being proposed is that the administration staff will at some point print the role call and then confirm by visiting each non fully-attended class room that the printout is in fact an accurate record." Andrew Clymer, senior identity management security expert (more than 8 years with Cisco Systems, Visa, Fidelity, Merrill Lynch, etc)   (read more from Andrew Clymer)

Expenditure on systems that include biometric elements may help schools to meet LEA innovation / IT spending targets.

A number of Local Education Authorities have expressed an intention to roll out biometric-related systems to ALL schools under their jurisdiction within the next few years.

Junior Librarian and Alice Junior, which both have the option to fingerprint children, can be purchased with e-learning credits - part of the DfES's Curriculum Online project, a source of funding for schools for the purchase of certified curriculum-based software and digital content. And Ramesys, who work with over 12000 schools, LEAs and RBCs have made Junior Librarian's manufacturer a business partner.

For every œ1,000 a school spends on teaching software using e-Learning credits, an 80/20 rule allows them to spend œ200 on associated odds and ends.

Capita Education Services have made Vericool (school fingerprint registration system) and EasyTrace (fingerprint-based cashless catering, access control and electronic registration), premier partners with access to their SQL database AND a commercial arrangement for the reselling or endorsement or their products.

How not to introduce biometrics:

A row has blown up after it was revealed children as young as six have had their fingerprints taken - to borrow books from their school libraries. The move has sparked outrage among parents. One parent, whose daughter had her prints taken when she was just six-years-old, said: "I'm just not happy at all. These are children, not terrorists or criminals."   15-03-07 Sheffield Today - read more

At one school in Bradford, every child was fingerprinted the day after they received a letter from a parent, who is a computer expert, expressing serious concerns. Parents vowed to fight on.   28-03-07 Parent's blog - read more

Dudley Council's ever-popular "Tips For Fingerprinting Children"    14-09-06  read more

"[Biometric registration] needs a backup strategy, [for example] that the administration staff will at some point print the roll call and then confirm by visiting each non fully-attended class room that the printout is in fact an accurate record... How long will the overall registration process now take? Currently each teacher takes his/her own register, this is happening in parallel. The proposed backstop is a largely a sequential process. This obviously means it will take longer to provide full clarity of who is present in school, perhaps a big deal in the case of emergency evacuation.
Issues that will effect this time are:

• Admin staff busy dealing with another task
• Printer jams, or out of toner/paper
• Computer crashes
• Power loss in the building
• Network failure
• Scanner fails in classroom

"The school districts didn't think the problem through. Either they were seduced by the technology, or by the companies that built the system... The security gained is not worth the money and privacy spent. If the goal is to make children safer, the money would be better spent elsewhere." Bruce Schneier, respected US writer and lecturer on issues surrounding security and privacy, who has testified before Congress and authored eight books and dozens of articles and academic papers.   (read more from Bruce Schneier)

"Consider replacing this product with other based on more mature technology and exposing children and schools to less long term danger and liability." Kim Cameron, architect of identity and access in the connected systems division at Microsoft, 31 March 2007   (read more from Kim Cameron - 2nd quote)

"It is highly likely that in less than ten years Chip and PIN may be replaced by Chip and thumbprint. We will see the increasing use of biometrics to protect the things we most need to protect. Like all forms of password protection we are encouraged to keep this information private, in fact we are told to destroy any paper copies. Obviously banks keep this information in some form in order to validate our identity at the point of transaction, this information as you can imagine needs to be kept extremely securely... Imagine that hackers did not have to crack a bank's computer; they could hack small businesses, local libraries or even a school's computer... Currently there is little to no reason to hack a school's computer, but in the future the trade of biometric information may be as common as spam or mailing lists today." Andrew Clymer, senior identity management security expert (more than 8 years with Cisco Systems, Visa, Fidelity, Merrill Lynch, etc)   (read more from Andrew Clymer)

Organisations and individuals within organisations have a duty of care obligation to ensure that the confidential data they hold is not released in an unauthorised or accidental way, particularly that relating to employees or pupils. This includes storage media such as hard disk drives. Non-compliance can lead to heavy fines, compensation for individuals whom have suffered unauthorised disclosure of confidential data (section 13 DPA 99), and damaging media exposure.

On 9th February 2007 an advisory statement was issued by the Information Commissioner's Office (ICO) telling schools to erase children's biometric data from school computers by using professional data cleansing companies: "under the Data Protection Act schools must also dispose of the data using professional data cleansing companies once the child has left or if it no longer of use."

It is the school's responsibility to destroy any personal data that may be stored on the machines. Just hitting the delete button is simply not enough to wipe the data. To ensure maximum data security the school will need to use a professional data wiping solution that makes recovery of the data very difficult. A check should also be carried out to ensure the data has been properly overwritten, and schools should obtain certificates of disposal for their records, as proof of compliance.

It is important to bear in mind that recent advances in computer forensics allow data to be recovered from hard discs under most circumstances. Hence totally secure destruction can only be achieved by shredding and or incineration of the hard disk or other media on which the data is stored. This will have a significant cost implication for schools.

Even if the data is simply wiped using a professional data cleansing company, the cost can be significant - a typical cost of US$5 per record could be incurred.

Early Day Motion 686 concerning biometric data collection in schools (19.01.2007) has attracted considerable cross-party support.   (read more about this)

"I am astonished to learn that fingerprinting of children is done at schools and for such a relatively minor matter of borrowing books from the school library. A major concern must be who would have access to this data and what happens to it after children leave the school. It is particularly wrong that this is being done without parents' consent" The Rt Hon David Davis MP, Conservative Shadow Home Secretary, 27th July 2006

"I believe that the collection of biometric data from young pupils without parental consent is illegal and must cease." Sarah Teather MP, Liberal Democrat Shadow Education Secretary, 20th January 2007

"There really are some civil liberty issues... [Schools] should not be doing this. They should find another method of identification for borrowing library books." Nick Gibb MP, Conservative Shadow Minister For Schools, 13th October 2006

"It's outrageous that Ministers have allowed schools to continue this potentially illegal behaviour for so long without stepping in." Greg Mulholland MP, Liberal Democrat Education Spokesperson

"Are you not concerned about the impression children are going to get of what it is to live in a free country and what it is to be British if, in order to get the right school meals, they have fingerprints taken? It seems to me completely astonishing." Baroness Carnegy, Conservative, 19th March 2007, speaking in the House of Lords   (read more from Baroness Carnegy)

"The practice of fingerprinting in schools has been banned in China as being too intrusive and an infringement of children's rights? Here, it is widespread. We have even had a head teacher tricking three year-olds into giving their fingerprints by playing a spy game. Will the Government ban schools from carrying out this practice, unless parents specifically opt into the system following full and independent information about the so-called benefits of the system and the dangers of identity fraud?" Baroness Walmsley, Liberal Democrat, 19th March 2007, speaking in the House of Lords   (read more from Baroness Walmsley)

Primary school fingerprint firm now worth £8 million... "The size of the UK market means there remains significant opportunity for growth... The drive into new technology areas such as biometric user identification, will further fuel market growth... [The company] is now in an excellent position to further expand in the UK and overseas." Managing Information, 2 August 2006   (read more about this)

"The market potential is limitless... Nurseries are exactly the kind of businesses that franchisees will target... This new market has no real boundries." Franchise Magazine, January 2007   (note that this article concerns fingerprinting ADULTS visiting nurseries, another potential source of revenue)

"Global biometric revenues are projected to grow from $2.1B in 2006 to $5.7B in 2010, driven by large-scale government programs and dynamic private-sector initiatives - Fingerprint is expected to gain 43.6% of the biometrics market in 2006, followed by face recognition at 19.0% - Annual iris recognition revenues are projected to exceed $250m by 2008." International Biometric Group 23 January 2006   (read more about this)

At the start of 2006, there were only a handful of companies selling biometrics to schools. Today, there are nearly twenty.

"Officials at the Department for Education said the matter was one for head teachers and governing bodies, who had to ensure they stayed within the law." BBC News 23 July 2002   (read more about this)

"Any responsibility for dealing with third party queries lies with the end-user and not [name of manufacturer]." from advice issued to schools by one of the major biometric manufacturers.

Learning through habituation
Habituation occurs when we learn not to respond to repeated occurrences of a stimulus. Usually this occurs with repeated presentation of a stimulus and the child learning that it does not signal anything important. It is one of the six main tactics used in behaviour modification.

MSN Encarta gives the following example: "A person who moves to a house on a busy street may initially be distracted (an orienting response) every time a loud vehicle drives by. After living in the house for some time, however, the person will no longer be distracted by the street noise; the person becomes habituated to it and the orienting response disappears." One researcher calls habituation "the most fundamental form of learning." (P. Strarton, Psychobiology of the Human Newborn, London, J. Wiley, 1982], 235).

"[Fingerprinting children at school] sets a dark precedent, conditioning students at a young age to embrace the idea of Big Brother-style biometric tracking. If ever there was a generation that would not oppose a government system for universal ID, it's this one." Chris Hoofnagle, associate director of the Electronic Privacy Information Center in Washington DC.

"We enjoy working with our new thumb print scanner on the PC. We are going to Toynbee after the summer holidays, but we are glad because they have the thumbprint machine there too. Other year groups use it as well as us and we are getting used to it now." Chloe (pupil, Fryern Junior School, Eastleigh, Hampshire)

"Getting kids hooked into treating biometrics capture as a standard thing sends a chill down my spine, and smacks of a long-term attempt to bring it in for everybody." I.T. consultant Richard Leyton (personal quote/opinion)

"Children from a young age regard giving up their fingerprint as a natural day-to-day occurrence without understanding the potential consequences." Andrew Clymer, senior identity management security expert (more than 8 years with Cisco Systems, Visa, Fidelity, Merrill Lynch, etc)   (read more from Andrew Clymer)

"There are international standards such as M1 (aka M1/02-0142 or INCITS 398 or NISTIR 6529 - the latter partially sponsored by the U.S. National Security Agency) and Open AuTHentication (OATH) which allow for fingerprint templates from different manufacturers to be compatible and interchangeable. A fingerprint template from such a system could be read by any other, including systems used by government." (read more about this)

"When the use of biometrics grows, an ordinary person will be enrolled in various biometrically controlled databases, such as travel documents, driver licenses, health care, access control, banking, shopping, etc. Current biometric systems can use the same biometric template for all of them. The template becomes the ultimate unique identifier of the person... The different databases, even if some of them are anonymous, may be linked together to create comprehensive personal profiles for all the users. To do this, no fresh biometric sample is even required... The privacy implications explode at this point." Ann Cavoukian, Privacy Commissioner of Ontario, and biometrics scientist Alex Stoianov   (read more from Ann Cavoukian and Alex Stoianov)

"Obtaining fingerprints from students for the purpose of recording school attendance seems very extreme... I fear that it will create a backlash against the use of biometric authentication." Eugene Schultz, Ph.D., CISM, CISSP, CTO of High Tower Software, co-founder and original project manager of the US Department of Energy's Computer Incident Advisory Capability (CIAC).   (read more from Eugene Schultz)

"Even if the systems where 100% trustworthy and secure, governments, law enforcement officers and lunch monitors certainly are not." David French, 30 plus years in IT, Wellington NZ   (read more from David French)

"A compromised database of individual biometrics or their templates affects the privacy of all individuals." Kim Cameron, architect of identity and access in Microsoft's connected systems division   (read more from Kim Cameron)

"Suppose that a mistake is made and someone's biometric data is compromised. What it the procedure to restore service?
Are they supposed to go get new fingers? New eyeballs? What?" Eric Norman, University of Wisconsin-Madison   (read more from Eric Norman)