Thread

🛡️
Article header

Long Term Harm

Published:

Part 5 - English Schools Have Become Surveillance Institutions

The surveillance of children in English schools isn't just a privacy concern for today, it creates lasting harms that extend far into adulthood and shape the kind of society we become.

Children learn what's normal from their daily experiences. When surveillance is omnipresent from age two onwards, it becomes invisible - not something to question or resist, but simply the way the world works.

Research by childhood psychologists has raised serious concerns about this normalisation effect. Tonya Rooney, a lecturer at the University of New England, Australia, warns that being surveilled from such a young age "may condition children to grow desensitised and immune to being filmed and watched in other spaces, and normalise the abnormal practice of having their every move recorded and observed."

The Office of the Privacy Commissioner of Canada's 2012 report on surveillance technologies and children concluded: "Some have posited that growing up with surveillance as a daily presence may even normalize the practice over time and influence a shift in social norms away from privacy." The report emphasized: "Surveillance in childhood can have a profound effect on understanding privacy later on life. Children learn through experience, and if they do not grow up in an environment where privacy is practiced, they may not learn how privacy works."

When children experience constant photographing, behavoural tracking, biometric scanning, and digital monitoring as standard features of school life, they internalise the message that privacy is neither expected nor valued. They grow into adults who:

  • Accept workplace surveillance without question
  • Don't object to increasingly intrusive government Digital ID schemes
  • View privacy advocates with suspicion - as people with "something to hide"
  • Never learned to value privacy because they never experienced it

This isn't speculation. As surveillance whistleblower Edward Snowden warned: "A child born today will grow up with no conception of privacy at all. They'll never know what it means to have a private moment to themselves, an unrecorded, un-analyzed thought."

This conditioning serves authoritarian interests. A population that has never experienced privacy - that sees surveillance as protection rather than control - is far less likely to resist when surveillance expands into new domains of life.

Data Exists Forever

Digital records don't fade like memories, The embarrassing moment captured on a school's Facebook page when you were seven, the behavioural note logged in CPOMS when you were struggling at age ten, the biometric template captured for school dinners - they're persistent.

The "Right to be Forgotten" under GDPR exists in theory. In practice, it's nearly impossible to enforce comprehensively once data has been shared widely. An image posted to a school blog gets cached by Google, archived by Internet Archive, screenshot and saved by parents. The dataset shared with researchers gets incorporated into published studies. Biometric templates stored by vendors may linger in backups.

Young adults are discovering that their childhood digital footprints follow them:

  • Employers searching online find old school blog posts about behavioural difficulties
  • University references may draw on childhood assessments data
  • Romantic partners stumble across embarrassing school social media posts
  • Identity thieves exploit information from school data breaches - names, date of birth, address, family details.

The first generation to have comprehensive digital records created without their consent is now reaching adulthood. We're only beginning to understand the long-term consequences.

If data exists, it will eventually be breached. This isn't pessimism-it's statistical certainty.

UK governments surveys of educational institutions reveal the scale of the problem:

  • In 2024, 52% of primary schools and 71% of secondary schools identified cyber security breaches or attacks in the previous 12 months
  • Phishing remained the most common threat, affecting 92% of primary schools an 89% of secondary schools that experienced breaches
  • Higher education institutions face even greater risk: 97% identified breaches or attacks in 2024

An ICO investigation published in September 2025 analysed 215 personal data breach reports from the education sector between January 2022 and August 2024 caused by insider attacks. The finding were alarming:

  • Students were responsible for 57% of insider-led breaches
  • In 30% of incidents, students used stolen login details - often simply guessing weak passwords or finding them written down
  • Staff mistakes caused 23% of breaches, including leaving devices unlocked or accessing data without authorisation
  • In one case, three Year 11 students unlawfully accessed a secondary school's information management system containing personal information on over 1,400 students

Schools and EdTech companies lack the sophisticated security infrastructure of financial institutions or government agencies. They're handling sensitive data about millions of children with limited cybersecurity budgets, overstretched IT staff, and teachers who may not understand data protection principles.

When breaches occur, what gets stolen is devastating:

  • Names, address, dates of birth - perfect material for identity theft
  • Behavioural record and SEN information - potential blackmail material
  • Photos of children - which can be used for deepfakes or worse
  • Biometric data - which can not be changed if compromised
Chilling effects on Development

Children are aware that their behaviour is constantly monitored, scored, and recorded learn to self-censor. They become less willing to take risks, make mistakes, or express unconventional opinions - all essential parts of healthy development.

Research on surveillance and child development has documented these concerning affects.

Academic studies note that "reliance on surveillance-based approaches to monitoring online activities of children (aged 5-14) may actually be leading to a greater danger: a decrease in opportunities for children to have experiences that help them develop autonomy and independence."

Professor Jason Nolan of Ryerson University, who researches early childhood and technology, found that children as young as 18 months are aware they are being watched and require privacy and autonomy for healthy psychological development.

When teachers are also surveillance operators (logging concerns in CPOMS, photographing constantly for Tapestry, tracking behaviour for ClassDojo) children learn they cannot fully trust the adults meant to support them. Every interaction might be documented. Every confidence might be logged.

This fundamentally alters the teacher-student relationship, transforming what should be supportive mentorship into monitored compliance.

Parents have lost meaningful control over their children's privacy:

  • State education is compulsory, and accessing it requires surrendering children's data
  • Photo consent forms are buried in enrolment paperwork with vague language
  • CPOMS records are created without parental knowledge or input
  • Schools share data with the National Pupil Database without requiring consent
  • Parents who try to protect their children's privacy find them excluded or stigmatised

The trust relationship between parents and schools - essential for effective education - breaks down when schools operate surveillance systems that parents cannot meaningfully opt out of or even fully see.

This isn't a partnership. It's coercion dressed up as safeguarding.

The harms described in this part compound over time. Today's surveilled children become tomorrow's surveilled adults, who raise the next generation of children in an even more comprehensive surveillance infrastructure. Privacy, once lost, is extraordinarily difficult to reclaim - especially when an entire generation never experienced it to begin with.

Sources:

  • Minut, "Growing Up in the Age of Surveillance," July 30, 2021, https://www.minut.com/blog/growing-up-in-the-age-of-surveillance
  • Office of the Privacy Commissioner of Canada, "Surveillance Technologies and Children," 2012, https://www.priv.gc.ca/en/opc-actions-and-decisions/research/explore-privacy-research/2012/opc_201210/
  • Fotel and Thomsen referenced in "Editorial: Surveillance and children," Surveillance & Society, July 6, 2010, https://www.researchgate.net/publication/284957216_Editorial_Surveillance_and_children
  • The Globe and Mail, "When does protecting your child become invasion of privacy?" February 21, 2014, https://www.theglobeandmail.com/life/parenting/when-does-protecting-your-child-become-invasion-of-privacy/article17041213/
  • UK Government, "Cyber security breaches survey 2024: education institutions annex," April 8, 2024, https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2024/cyber-security-breaches-survey-2024-education-institutions-annex
  • Infosecurity Magazine, "ICO Warns of Student-Led Data Breaches in UK Schools," October 6, 2024, https://www.infosecurity-magazine.com/news/ico-student-data-breaches-uk/
  • UK Safer Internet Centre, "New cyber security data reveals the impact of attacks on schools," June 11, 2024, https://saferinternet.org.uk/blog/new-cyber-security-data-reveals-the-impact-of-attacks-on-schools/
  • Nolan, Jason, and McBride, Mercedes, "The Stranger Danger: Exploring Surveillance, Autonomy, and Privacy in Children's Use of Social Media," 2011, https://www.researchgate.net/publication/345131745_The_Stranger_Danger_Exploring_Surveillance_Autonomy_and_Privacy_in_Children's_Use_of_Social_Media
  • Snowden: 'A child born today will grow up with no conception of privacy' https://www.computerweekly.com/news/2240211686/Snowden-A-child-born-today-will-grow-up-with-no-conception-of-privacy

Replies (0)

No replies yet. Be the first to leave a comment!