No Security Blanket – why consent packages fail our children – care.data and more

As a mother, I want to know that my children’s personal data, when it is collected by any organisation, will be kept safe and used in ways I would expect. I see it as my responsibility safeguarding my children today, to also think of their future.

We should seek to protect the fundamentals in the Universal Declaration of human rights for all:

Everyone in the community should find the free and full development of his personality is possible. Everyone has the right to work, to free choice of employment.

In effect, these basic human rights seek to prevent discrimination and interference.

But it feels as though the world around us in England has gone mad. Risking stigma, discrimination, giving our kids’ personal information quite freely away and with it, their future autonomy.

Here’s five recent case studies and why they fail our young people.

The Department of Education’s National Pupil Database & Personal Demographics Service

What About Youth is reportedly using contact details directly from the Personal Demographic Service (PDS) data stored at HSCIC and the schools’ database, the Department of Education’s National Pupil Database, and giving them to IPSOS Mori, the poll research organisation to carry out the What About Youth? study on behalf of the Health and Social Care Information Centre, funded by the Department of Health. To contact our 14-16yr olds directly.

“Your contact details were taken from NHS Registration data, held by the Health and Social Care Information Centre and the Department of Education’s National Pupil Database, which contains details of every pupil in England. The NHS Registration data has been used as it is a reliable source of details such as name, address, date of birth and NHS Number. It does not include any medical data so we don’t know anything about any illnesses or conditions you have had or received treatment for.

We have received approval to use your contact details only for this study. We won’t be using them for any other purpose, nor will we share them with anyone else. “

I don’t know that any parent would find that an expected use of their personal contact details to be contacted by the third party directly.

How is the questionnaire coded I wonder, whilst “the answers will not have the child’s name and address on, so no-one who sees them will know whose they are,” the “aim of the study is to make it easier for doctors, nurses and local authorities to help young people.” So it would appear Local Authority is going to be coded at least. And your individual postcode. And child’s age and gender and ethnicity and more.

If the child (14-16yr olds) agrees to being re-contacted, I would want to know as a parent exactly how, when and for what. But parents are encouraged not to influence the child completing the form, so we may never know. The survey asks about all sorts of insecurities, not all of which I believe every 14 year old will have yet considered. Is it right that the State should intrude with these topics into my child’s private time and thoughts? The content deserves scrutiny from parents before the children are involved. At least, not done in school, we get a letter and know about it at home.

But how can the project ethically ask my child to give their consent to share intimate details not only about themselves but about our whole household and potentially agree to future contact, whilst expressly asking me not to be involved in the decision?

I wonder how pupils will feel whose parents suggest they would prefer their child does not complete it?

Surely if the Department of Education’s National Pupil Database is obligatory it should not assume OK to give out personal contact details to anyone? Some families choose to be ex-directory. Does the cross-purposes use of the Personal Demographics Service make that now impossible?

Should our children and parents, who trust that their personal details are used for registering for the basic rights of health and education, not be allowed to trust those contact details are held in confidence, rather than shared with third parties?

What is the government thinking about, as it manages our young people’s data privacy?

The National Citizen Service and Health Data stored at the Health and Information Centre

While I was looking more closely at the DAAG (HSCIC) minutes this week as related to care.data, I looked at the approval for consent advice and request for future data linkage with the National Citizen Service (NCS) project, open to all 16 and 17-year-olds in England. The request checked that the consent was appropriate for future sharing of Mental health and Hospital Records with the Cabinet Office.

While I was at it, I took a look a close look at the NCS sign up process. At the bottom of the online register in small print was the required check box to proceed:

I agree to my personal data being stored, shared and used by the NCS Trust and other organisations to inform me of NCS and graduate opportunities and to support the delivery of NCS and its graduate programme. I agree to the NCS Terms & Conditions and Privacy Policy.

Then you need to click down twice, to the T&C and Privacy Policy.
From the Terms&Conditions we need to take another step:

Information about you : We will never pass any details you provide to us on to anyone other than those specified in our privacy policy.

You also need to go to the separate Privacy Policy. which turns out stating there is virtually nothing private about managing your personal data after you enquire at all – but is in fact a  ‘Data Sharing Policy’:

 “By submitting the Expression of Interest form you agree to your personal data being stored, shared and used by the NCS Trust (the data controller) and the following organisations: NCS contractors and their sub-contractors, government bodies, strategic partners of NCS, fraud detection organisations, organisations supporting the delivery of NCS or other organisations (including any organisation running or supporting all or part of NCS in the future).”

You must agree or cannot proceed with the application.

Where does the consent to link to a child’s medical Mental Health and Hospital records get asked I wonder? Does it get expressly asked later in the project or on paper because it does not get asked online in the Young Person nor the Adult/Guardian’s sign up. Is this the consent process the DAAG approved? Is it just meant to be included in the blanket “government bodies”? Perhaps the wording is still to be amended?

Sign the child (and your own ‘Guardian’ details) up for NCS and there is no choice but to accept that data sharing agreement. You must accept it to sign up for the programme but there is an open ended who, when and for what in the blanket consent …”supporting all or part of NCS in the future.” The NCS sign-up and consent doesn’t explicitly mention sharing data with named sub-contractors anywhere either.

The charities involved may do great work. But why Serco? Is this the organisation that we would wish to be managing our young people’s personal data? Think I agree with Navca on this one. By signing away rights …”in the future,” we have no idea WHO will own the data  later.

Should our children who need this NCS programme most, not be allowed to particpate unless their personal and potentially medical details go to all these unknown future places?

UCAS and student applications – further education

When I read recently in the Guardian about Ucas selling student records of our under 18s applying to university I was equally surprised.

At a time when teen deaths from alcohol consumption often mixed with energy drinks appear regularly in the news, it is highly irresponsible to me as a parent, to know that a commercial company promoted new energy drinks by sending cans to 17,500 selected students in order to create a “social media buzz”. I know from my own experience, university is often the place we are first exposed to a regular bar life. And so does business.

This goes far beyond the scope of what our teens signing up should expect their data to be used for. Who will decide what products and what uses of data will be acceptable in future?

I am fed up of these blanket consent approaches which deny a service unless we also sign away the knowledge of our personal habits and preferences for others to commercially exploit.

This mixing of purposes in which data privacy is to one’s disadvantage, is an abuse of trust. And it is the importance of trust and exploiting mixed purposes, which for me, has been so starkly highlighted in the management of our medical records.

Dental Service – the NHS Business Service Authority


When I signed the form to pay for my recent dental treatment I read the small print. The Dental Admin Assistant shared my surprise to find that the data processing takes place outside the UK, and requires data sharing with processors in ‘India or Sri Lanka.” WHO WILL USE IT WHERE and FOR WHAT PURPOSES? I am required to sign the form to agree to pay for my treatment. It gives permission to share with Dept of Work and Pensions, HM Revenue and Customs, local authorities and CCGS (then PCTs). But why should the one signature to bind them all, mean sending my personal confidential data abroad, outwith EU data laws even?

Is there fair processing on this form, does it indicate properly for what purposes the wide ranging bodies will be given access? Surely they don’t all need it for “fraud prevention and to ensure correctness” about my dental check up?

If the government bodies are all working together and can share data at will under these blanket assumptions, without our explicit consent or knowledge, then a great number of people will be rightly concerned. I am concerned by powers this Memorandum gives NHS Protect and the Border Agency from 2011 and I am a legitimate resident. ” To provide a centre of excellence for NHS anti-crime work by applying a strategic, coordinated and intelligence led approach.”  I only went for a scale-and-polish!

This default to wide sharing seems to be increasingly seen as the norm. Surely it should be assumed that the minimum data should be shared with the minimum necessary recipients? Current policies seem to have confused a drive for Open Data with giving away our privacy.

How could it be done differently?

If I sign a form to pay for my dental treatment, surely it should be only that. If you want other permissions, ask in other check boxes. I believe our NHS should be managing our NHS data within our borders, but that is a separate debate.

This blanket consent approach excludes the service unless you are happy to give open ended access to your personal data to Government and its contractors.

Should I not be allowed to have NHS dental treatment, for which I pay on completion, unless my personal details go to all these other places?

Let’s consider an alternative. Enable the ability to say yes to paying for my treatment, without sharing fully identifiable data with other government bodies or sending it abroad.

It is one thing to share truly anonymised data. And quite another to extract identifiable personal details for at minimum ten years or longer. Time limit the consent.

If the 14-16yr old on the What About Youth questionnaire agrees to ‘future contact’ they presumably are agreeing to  having identifiable data and contact data kept with their answers, to enable that future contact.

If children agree to the NCS blanket sign up, they are signed up for an unspecified time. These sign ups remove our children’s autonomy later in life, and they can never get it back.

Right now, I wouldn’t let my children’s personal data anywhere near any of these systems if I wanted to retain any future control of it at all. But do I have a choice? My children are in school, and that will mean in the Department of Education’s National Pupil Database. And they will have NHS records. I see some subject access requests ahead.

Given past historical purposes of the ONSET project at the Home Office, Contact Point and DWP I would want to keep my kids’ data free from all of these.

Some may ask, why does it matter?

Because this joining up of services is interweaving systems whose aim is on the one hand compassion and care, with those on the other which are punitive and controlling. Their aims are not aligned. And inevitably it is the systems which shout loudest, under any government of the day, whose opinion tips the balance of purpose and decision making. And recent claims of micro managing in Health show, top down control usually wins.

Because I believe the earlier we label our children the harder it is for them to become anything more.  Inevitably labels shape expectations. Not only for the individual but those who interact with them. It is only the very best educators and social care staff or police or medics who manage to put those aside and see the individual in each episode of contact. The future intent for care.data is integration of data sharing between medical contact, social care and education, under local authorities, health and wellbeing boards and more. How far would the impact of one wrong label spread in a child’s lifetime, in different places?

Because our children should enter adulthood with as few restrictions placed upon their development and self-determination as possible. Even, I would argue, those children who need the contact with all those organisations. I could argue, all the more so, precisely because they have those extra needs and contact. They may need excellent care and transition between youth and adult services. They need it facilitated first and foremost by qualified individuals who are trusted to do the job they trained for and have a vocational passion to complete. Yes the staff need data, but proportionate to the individual need, for the time period it is needed. We need to protect the extra vulnerable in many extra ways.

And we also need to protect the fundamentals in the Universal Declaration of human rights for all. Everyone in the community should find the free and full development of his personality is possible. Everyone has the right to work, to free choice of employment. In effect, these basic human rights seek to prevent discrimination and interference.

Our young people don’t care about the risks of personal data sharing?

Our young people are more savvy than we give them credit for. In a world of shared selfies and social media, it can be wrongly assumed that they are careless with their own privacy. This  Electronic Patient Records work run by the Academy of Engineering in 2010, with support from the Wellcome Trust, came out with a report and seven key questions p.39 which are very pertinent today. The young people identified themselves the risks of prejudice and discrimination. The concerns they raise are no different from concerned adults. Our young people are switched on to the risks of personal data sharing.

When it comes to our children’s data, organisations should be going the extra mile to be transparent. I believe they should carefully consider how the public will perceive anything that looks hidden. Consents should be all up front on the top layer of sign up forms. One consent per sentence. If you want to contact my children, ask me first. And if you offer a public service, would you consider first not piggy-backing a commitment to sharing with other bodies or commercial companies on to the consent package?

Why these blanket consents fail our children

These blanket consents are ubiquitous in modern data sharing, from the obvious supermarket sign ups, to which even David Cameron does not consent, to the totally surprising in education and health. Yet he happily signed us up under a blanket assumed opt in to be ‘willing research patients.’ This mixing of purposes under one blanket consent, in which looking after your data privacy is to one’s disadvantage, or criticised as selfish, is an abuse of trust. And an abuse of our children’s future freedoms. They fail to give proper governance of who will own the data once shared. They fail to give proper information of what it may be used for. And they fail to clearly limit the time period for which the consent is given, and after which data will be destroyed.

Not only trust, but the needs of genuine purposes in the public interest are undermined by mixing all these purposes into one consent. Worse still, assuming yes for all these conflated uses unless you opt out.

If there had been singular purpose, care.data would have been easier to understand and less likely to have failed to win our support.

I for one, am fed up with blanket consent. We can do it differently. We can do better for our children.

 

{cartoon: From Al.com via Scott Stantis 2007}