MoD requests sensitive pupil data… by mistake

MoD requests sensitive pupil data... by mistake

The Ministry of Defence (MoD) has been blocked from obtaining highly sensitive personal data about school and college students, which had ostensibly been sought in order to help “target its messaging” around military careers.

A request to access the National Pupil Database (NPD) – which includes children’s addresses, absence figures and parental occupation – was made on behalf of the MoD last year. A spokesman for the government department told Schools Week this was an “error” made by an individual and not in line with its policy.

But ForcesWatch, a campaign group scrutinising army recruitment policies, said the fact the request was denied showed “how inappropriate the MoD’s intended use of the data was”.

The news came to light after the Department for Education (DfE) released details of all requests to access the NPD as part of its transparency process. Only nine out of more than 460 applications since 2012 have been refused.

The level of access requested by the MoD is labelled as ‘Tier 1’ and, if granted, enables users to see the most personal data possible about children.

It includes their full name, address, date of birth, ethnicity, detailed descriptions of a child’s special educational needs, if their parents are in the services, personalised exclusion and absence figures, as well as whether they receive free school meals and details of their academic progress.

The stated purpose of the MoD’s request was: “To determine if we can use targeted messaging to better inform young people of the career opportunities open to them in the Army (Regular and Reserve) so that their decisions about seeking a full or part time job are better informed.

“Details of courses/training an individual is undertaking will enable us to better focus the information we will send them.”

Mod3-rip

Since the transparency release, the MoD has stressed that the application was made by an “individual outside the Army’s recruitment branch”.

Applying to use the NPD is an extremely complex process. As part of 20 security questions, it asks applicants to provide their computer’s encryption details, as well as details of their network’s settings. For Tier 1 level data, applicants must describe line-by-line why they need each piece of sensitive information and why they are unable to use less sensitive information.

mod2-rip

For information to be released, approval must be given by senior DfE staff on the Data Management Advisory Panel.

A DfE spokesperson said: “We only disclose information from the NPD for the purpose of conducting research and analysis that will promote the education or well-being of children in England.”

Owen Everett, from ForcesWatch, said: “That the MoD have now attempted to obtain this vast database of school students’ personal data in an attempt to improve Army recruitment, at a time when Army recruitment continues to be struggling, and when the armed forces policy of recruiting 16 and 17 year-olds is shortly to be challenged in a judicial review, is no coincidence.”

He noted that children with few formal qualifications are overrepresented in the infantry and had a much greater risk of being killed.

“Which students in particular was the Army looking to better target their recruitment at?”

An MoD spokesperson said: “We can confirm that a request was made in error to the DfE for access to elements of the NPD by an individual who worked outside the Army’s recruitment branch. This is not in line with Army policy and the request has been halted.

“The Army does not target individual pupils for recruitment purposes. The Army only visit schools and colleges at the request of the educational establishment in question and provides general career advice and curriculum support to schools.”