Children’s Private Information: Data Protection Law Debate

Full Debate: Read Full Debate
Department: Department for Education

Children’s Private Information: Data Protection Law

Baroness Wilcox of Newport Excerpts
Monday 12th December 2022

(2 years ago)

Lords Chamber
Read Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Baroness Chapman of Darlington Portrait Baroness Chapman of Darlington
- Hansard - - - Excerpts

To ask His Majesty’s Government what steps they are taking in response to the reprimand issued by the Information Commissioner’s Office to the Department for Education on 6 November for breaching data protection law regarding children’s private information.

Baroness Wilcox of Newport Portrait Baroness Wilcox of Newport (Lab)
- Hansard - -

On behalf of my noble friend Lady Chapman, and with her permission, I beg leave to ask the Question standing in her name on the Order Paper.

Baroness Barran Portrait The Parliamentary Under-Secretary of State, Department for Education (Baroness Barran) (Con)
- View Speech - Hansard - - - Excerpts

My Lords, the department takes the security of the data that it holds extremely seriously. At the time of the breach, it was already working closely with the Information Commissioner’s Office. The department has made significant, positive progress in improving its processes. The ICO has recommended in the reprimand notice that the department continue with its current improvement plans, and we will publish an update in early 2023.

Baroness Wilcox of Newport Portrait Baroness Wilcox of Newport (Lab)
- View Speech - Hansard - -

My Lords, I thank the Minister for her Answer, notwithstanding—for noble Lords who are not aware—that the Information Commissioner’s Office formally reprimanded the DfE for prolonged misuse of the data of 28 million students over a 16-month period. The department breached GDPR by allowing online gambling companies to use pupil information to build their age verification systems. The reprimand concluded that the processes put in place by the DfE were woeful. Can the Minister confirm how this happened, how the Government will prevent such a shocking breach happening again and whether they will apologise to the 28 million students affected?

Baroness Barran Portrait Baroness Barran (Con)
- View Speech - Hansard - - - Excerpts

I absolutely understand why the noble Baroness probes hard on this Question. The Government have made significant changes to their learner registration system, and those were noted by the Information Commissioner’s Office in its letter to the department in November this year. We previously did not have a centralised data protection function in the department. We were in the process of setting it up when we discovered this breach, and it is now in place.