ContactPoint: Even more nightmarish

July 23rd, 2007

Thanks to Dare to know:

The ContactPoint regulations slipped through the House of Lords on Wednesday 18th, despite resistance from a number of sources, including ARCH. Hansard has the full story.

Look at some of the evidence supplied to the House of Lords. Firstly, from Carpgemini the contractor:

* Up to 330,000 registered users.
* Database will contain records of all 11 million children in England.
* Approximately 200,000 enquiries per day, peaking at about 50 transactions per second.
* Average response times of 1 second for a keyed enquiry.
* 99.9% availability for 24 hours a day, 7 days per week.

That is a lot of accesses. It means that one million accesses per week will be made, and that the entire ContactPoint database will be copied in not less than 11 weeks.

and the nspcc chimes in with something completely illogical:

2. Paragraph 4(1)(a) refers to a child “who at that time is ordinarily resident in England.” We are concerned about how local authorities will interpret “ordinarily resident’ as it could result in particularly vulnerable children being excluded from Contact Point. We have previously raised this matter with the DfES, as neither the draft regulations nor the draft guidance gives a clear interpretation of this. The potential consequence of this is that vulnerable groups of children could be left outside the remit of Contact Point. For example, adults may present children as only being temporarily in the country, as in the case of Victoria Climbié. These children may in fact be trafficked, privately fostered or sent to this country to work and are arguably some of the most vulnerable – because they are often invisible – children in the country.

3. We would suggest that the DfES review this regulation as a matter of urgency. We would propose that the definition used in the Children Act 1989 under section 47(1) (a) “Where a local authority are informed that a child who lives, or is found, in their area” is a better guide for local authorities. In our view it would be better inappropriately to include a child on Contact Point and remove them at a later date than not to include them at all.

Retention of information – Regulation 7

4. We have previously raised concerns in relation to Regulation 7. If it is intended to archive information until the age of 24 years then this should be with the consent of the person concerned when they attain the age of 18 years. Although the information is archived, this measure arguably extends the database well into adulthood. It raises serious concerns about the privacy and confidentiality of information about a person’s childhood. This is possibly one issue which children and young people and parents have not sufficiently been consulted about.

My emphasis.

So, they want people innapropriately put into this monstrosity? Obviously they have no idea about databases and that in order for them to be really useful, they have to be accurate.

They say that, “It raises serious concerns about the privacy and confidentiality of information about a person’s childhood”. Why should this be of concern to someone only when they are 24? What about the concern of the parents?

Not very clear thinkers these people.

But there was someone with their brain switched to ‘on’:

Memorandum by the Young NCB (Young National Children’s Bureau)

1.  Young NCB, the young people’s membership network run by NCB, have submitted a set of comments on ContactPoint which the organisation has gathered from young people previously involved in DfES’ consultation processes on the scheme. Those concerned are all aged under 18.

Do you think that ContactPoint will adequately achieve its aim of “supporting more effective prevention and early intervention, to ensure that children get the additional services they need as early as possible”? If so, can you say what you think the benefits of ContactPoint are? If not, can you explain any reservations that you may have?

2.  I think it is possible in some cases ContactPoint will lead to earlier intervention, but I think the benefits are completely outweighed by the risks. The irony is that the people this system aims to help, those in danger of abuse, may not even be on the system if they don’t have a school or a doctor in which case they will still slip under the net.

3.  I think that ContactPoint will only achieve its aim if thorough and extensive training is given to all professionals using the system. If everyone concerned does not use and understand the system, it will fail. I think that to a certain extent ContactPoint will help, since it should encourage information-sharing and more contact between professionals.

Do you think that the interests of children, young people and families have been adequately taken into account in the proposals for ContactPoint? Can you give reasons for your answer?

4.  No, hardly anyone knows about ContactPoint, probably because the government are aware of what would happen if people did find out, i.e. a huge backlash and public outcry. They’ve spoken to about 15 people and when I worked with them I found them patronizing and unhelpful, they’ve clearly made up their mind regardless of what we think.

5.  The fact that children may refuse to allow their details to be on the index, but that this may be overridden suggests that this notion of a child’s ‘consent’ is practically meaningless. What is even more worrying is that young people will ‘not necessarily’ be told if their wish has been overridden.

6.  I am also not convinced about the security measures in place to stop the system being abused. Computer systems are never, ever completely safe; the threat of hacking is always there. Plus there is always the danger that a professional might use the system to gain personal details about a child or children. It would only need one or two instances of child abuse resulting from exploitation of the system being splashed all over the media for the public’s confidence (and most importantly young people’s and families’ confidence) in ContactPoint to be destroyed. It is worth thinking about whether this risk is greater than the potential benefit gained from the system. I think that extremely harsh penalties for abusing ContactPoint would need to be in place to help stop this happening, but even that could not be wholly successful.

7.  I am also worried that young people’s personal liberty will be hugely undermined by this system. Dozens of people in their local area – perhaps more – will be able to access personal details and, possibly, very sensitive information about them.

8.  I also do not think that a wide-ranging enough consultation has been carried out for ContactPoint. The huge majority of children and young people have absolutely no idea about the proposal, and so when ContactPoint arrives they will have no time to voice their concerns.

If you have other comments to offer, feel free to do so.

9.  The flaw in this system is not the system itself rather human nature, in that with access to this system people can make all sorts of harmful assumptions, particularly when people are ‘flagged’ or seen to be using sensitive services. The other big worry is that knowing people will potentially have access to this information will stop people using sensitive services, and considering we have the highest teenage pregnancy rate in Europe and binge drinking is on the rise that’s not a risk we can afford to run. The system is too big to be safe, too many people have access to private information and children’s right to privacy is being completely disregarded, a very dangerous situation to be in.

Ah yes, intelligence!

Another group that bought a clue:

Security of data:

27. ContactPoint is a national database partitioned into local authority areas. Although the regulations will specify the categories of practitioner to be granted access, the final decision as to who may do so will be left to local authorities. The government expects that around 330,000 people will have access to ContactPoint.

28. It is impossible to create a system on this scale that is both functional and secure. The government tacitly acknowledges this by advancing an intention that the records of celebrity children and those who are, for example, escaping domestic violence will not appear on ContactPoint. Nonetheless, the government insists that the system will be secure and points to the fact that everyone with access will undergo CRB checks; access will be by two-factor authentication and an audit system will detect improper access.

29. Criminal record checks have limited value. Within the education and social care sectors, increasing numbers of staff are from overseas and it is not possible to check their histories beyond, at most, obtaining information as to whether they have criminal convictions. Schools are advised that:

‘If attempts have been made to make checks (through obtaining a Certificate of Good Conduct or similar) but it has not been possible then the school is not required to take further action.’ [31]

At best, CRB checks detect known criminals but it is well known that paedophiles have usually committed many offences before being caught, if they are caught at all.

30. The Criminal Records Bureau warns:

The CRB cannot currently access overseas criminal records or other relevant information as part of its Disclosure service. If you are to recruit people from overseas and wish to check their overseas criminal record, a CRB Check may not provide a complete picture of their criminal record that may or may not exist.[32]

31. Two-factor authentication does not protect the system from all outside attack, particularly as ContactPoint will be accessed via Internet protocols, nor does it prevent careless disclosure or the unauthorised sharing of login information. Last year The Leeds Teaching Hospitals NHS Trust reported a ‘wholesale sharing and passing on of system log-in identifications and passwords’, recording 70,000 cases of inappropriate access to systems, including medical records, in one month.[33]

32. An audit system does not prevent all improper access. The Police National Computer, for example, has a substantial audit resource and yet the Independent Police Complaints Commission comments:

‘Every year sees complaints alleging the unauthorised disclosure of information from the Police National Computer. Forces have reviewed their methods of preventing unlawful entry but there will always be a few officers willing to risk their careers by obtaining data improperly.'[34]

33. Given the scale of what is proposed, it is vital that ContactPoint does not go ahead until Parliament has ensured that all of the security issues are resolved. Indeed, consideration of the regulations will be Parliament’s last opportunity to ensure that ContactPoint does not in fact endanger children and their families.

34. ContactPoint is not essential. The traditional method of finding out who else knows a child is to ask the child or parents. If professionals are competent and ensure that families have their contact details, this system works well (unless there are genuine child protection concerns). It also leaves control of personal information with parents and children in accordance with their Article 8 rights to respect for their private and family life and freedom from unnecessary state interference.

And finally, the a last gasp of common sense from The Lords:

The Government intend to use the system to improve the care of and provision for children. Their intentions are of the best kind and are shared in principle by all noble Lords. Yet it is the very system that they seek to rely on that risks stigmatising children and discouraging them from seeking help where necessary.

The Minister said that the regulations had the backing of many children’s welfare organisations. However, the majority of young people and parents consulted by the DCFS oppose the measures, and the major children’s charities—the NCB, the NSPCC, Action on Rights for Children and a coalition led by BAAF—have voiced serious objections. Noble Lords will have received the excellent briefing from the Independent Schools Council.The ContactPoint system, we are told, is intended to prevent another Victoria Climbié situation. However, that is not quite accurate. The agenda for the collection of children’s data began with the programme originally called “identification, referral and tracing”, which predates the Laming inquiry and does not mention child protection in its original criteria. Moreover, the child protection specialist Chris Mills has already ascertained that the system would not have applied to Victoria Climbié, given her temporary residency in this country.

We all wish to see an end to the horrors that befell Victoria Climbié and others. Inasmuch as the system will create a culture of over-reliance on what will always be a flawed database, it would divert attention from the children who most need protection from those who profess to care for them. It appears that the children of the rich and famous may be exempted if there is a risk of kidnap. While I fully understand why that should be the case, it strikes me as the most damning admission of the inability of the system to protect the details of children, not to mention the injustice of treating one set of children differently from the rest.

Indeed. My emphasis…. and yet, it passed.

[…]

http://www.publications.parliament.uk

Reading through all of the submissions makes ContactPoint seem like even more of a nightmare, if that is possible. Because people are so very stupid.

The response from Barnardo’s is astonishing in its complete lack of any real understanding about this system and what it will really do and the real issues swarming around it:

8. The trailblazer authorities and DfES have consulted with children and families, particular on matters such as confidentiality and security. Barnardo’s experience within the trailblazer project was that young people want to be able to access services when they need them and they make a connection between this and information sharing; we found this particularly in cases of young people with disability, where they did not want to tell their story over and over again.

9. ContactPoint will contain no case data, simply demographics to help practitioners verify that they are working with the same person. It will be up to practitioners (as is the case now) to decide what they can share, with whom and how much. Again, work in the trailblazers (Sheffield in particular) illustrated that young people are happy for their information to be shared where they and their needs are respected and where information is shared appropriately for purposes which they understand.

So they don’t want to tell their story again and again, yet the DB will not hold these stories. Amazing.

What also shocks me is the fact that children were consulted about something that is beyond their capacity to fully understand and that will have consequences not only for them both as children and into their adulthood, but for their parents and the next generation of children. Every aspect about consulting children over ContactPoint is wrong; the only people who should have been consulted are parents, since ContactPoint will hold the data of people who are not legally responsible for themselves.

Perhaps ‘consulted’ is not what they really mean; its more likely that they ran some focus groups to see what the reactions were.

I am amazed that organizations dedicated to protecting children are FOR contact point; they must be amongst the most delusional people out there, and their total disregard for human rights is breathtaking. These people act like children are created in hatcheries and are a form of state property, without parents, families or any rights.

What a terrible business!

One Response to “ContactPoint: Even more nightmarish”

  1. BLOGDIAL » Blog Archive » ContactPoint: the BLOGDIAL predictions begin to come true Says:

    […] http://irdial.com/blogdial/?p=770 “None of these incidents led to data in ContactPoint being compromised, none involved any data being printed or downloaded from ContactPoint, and there is no evidence that any of these instances indicated malicious intent.” […]

Leave a Reply

You must be logged in to post a comment.