ContactPoint child database goes live despite security fears


Thinking of the children - but is that all?

By John Leyden • Get more from this author

Posted in Government, 17th May 2009 07:02 GMT


Analysis The Government has announced plans to push ahead with the next phase in launch of a controversial child protection database, despite ongoing concerns about the security of data held on the system.

The delayed ContactPoint system, which is due to include names and addresses on every child under 18 in England, will be accessed by frontline care workers in real-life trials for the first time from this Monday.

Security experts contacted by El Reg remain concerned that information housed on the database might leak out despite ministerial assurances on security provisions that will accompany the roll-out of the directory system.

From Monday onwards social workers, police, schools and health officials will have access to data held on the ContactPoint database. The start of frontline trials, announced in the House of Commons last week by Children's Secretary Ed Balls, follows repeated delays in the development of the system.
. . .
Creation of the multi-million pound database - which will hold information on an estimated 11m children in England in a form of online directory - was proposed in the wake of Victoria Climbié's killing by her abusive guardians in 2000. Police, social services and health agencies all noted signs of abuse in the run-up to her death, but each agency acted in isolation.

The database is designed to give social workers, police and hospital with common access to contact details on children and other professionals working with them, so that care professionals can more easily contact each other and exchange information. Case history files will not be housed on the system.

The database will include details such name, address, date of birth, gender, and contact details for parents or carers for each child in England. Contact details for the child’s school, family doctor and other careers working with the child will also be included within the same cross-reference entry.
. . .
Tim Loughton, the shadow children's minister, said: "Despite serious and widespread concerns about the security, integrity and necessity of this database, ministers seem determined to bulldoze it through."

Alex Burghart, an adviser to the shadow minister for children, told El Reg that the Conservatives were interested in both the financial and privacy implications of the proposed database. He said the opposition planned to call for the publication of a government-commissioned security report from Deloitte, an executive summary of which was published by the government back in February. The Conservatives also intend to closely monitor the progress of the project ahead of the next readiness assessment, which is due out in June.

Critics of the system are united in their belief that security has been designed as an afterthought. The presence of sensitive data with no effective opt-out, and questionable security controls, exercising researchers, opposition and other critics such as the Joseph Rowntree Reform Trust (paper of Database State here).

Many are concerned about how the proposed shielding mechanism will work in practice and whether the functions covered by the database will expand over time, so called mission-creep. Because the database provides a mechanism for registering all children that complements the National Identity Register its evolution and progress has become a political hot potato that New Labour government may find difficult to handle, even if the next phase of its roll-out runs smoothly. . . .

http://www.theregister.co.uk/2009/05/17/contactpoint_follow_up/