Usernames - Should they identify a pupil?

[Edu-IT]

Bit of an odd title, but I couldn't think of anything more appropriate.

I was discussing with John last night network usernames and he told me that according to BECTA you should not use usernames for pupils that identify them by age or name, such as 09jbloggs.

Has anyone got any links to this information? Anyone do it?

[tmcd35]

I think I read this on the Becta site once. My reading of it would be...

• no year identifier
• no gender identifier
• no full names
• no firstnames

So JBloggs is fine but 09JBloggs, JohnBloggs, JohnB, 09BloggsJohn - would all be bad as they all contain quiet a bit of info that makes it easier for an outsider to identify the exact student?

Personally I can't see any other way of creating 800 unique usernames that the students will remember other than use their surname in some way.

[Edu-IT]

I suppose you could use a unique ID if they have one in SIMS/SERCO MIS etc.

[plexer]

I can't see an issue with usernames which are local to your school lan.

It's more things such as email where the address should identify their, age, gender, location esafety guidelines really.

Ben

[Edu-IT]

It's more things such as email where the address should identify their, age, gender, location esafety guidelines really.

That I can understand.

[Dos_Box]

Sounds like a typical piece of advice given by people who haven't quite followed things through. A couple of points though:

1. Does the username and password get used in a public place or outside the school?
2. Will teachers only ever use their childrens pupils number to adress them when outside of the school on trips etc?
3. Will pupils ever be able to identify themsleves by a random series of numbers\letters given to them and remember it and will the school pay for someone to man the 'I've forgotten my username' desk?


Nice when you're given advice without a few examples of solutions!

[AngryTechnician]

For the very reasons Dos_Box touches on, this is why Becta struggles to gain respect from a lot of school technical staff, myself included. So much of their advice is half-baked I rarely even bother to read it these days.

All my logon usernames include the person's real name, and always have. I'd actually like to hear an example of why it would be bad to use this even for email addresses, because I'm having a hard time imagining a scenario where a student would be using their school email address publicly with a requirement of anonymity.

[SC-UK]

A school I know uses roll numbers (I think I mean roll numbers) from SIMS.

Pupil knows this number well as it is used for other things.

[laserblazer]

12bloggsf would be year 5 here!

[Gibbo]

12bloggsf would be year 5 here!

That will be my year 7 intake in September 2012!

[GrumbleDook]

With all respect to DB and AT ... B*11*cks

Becta put out the recommendation based on data protection guidance and esafety guidance from a heap of places and just collate it. Having a go at them for doing this is pretty pointless and hiding your head in the sands about wider issues.

1 - a kid emails a mate about something, who then replies but includes a mate outside of the school. The person outside of the school is an adult, and then now might have name, approx age (cause they understand that 09 at the beginning of the userid in the email means they started at the school in 2009) the surname or forename (so many schools have it as jbloggs or janetb) and they are also likely to get the forename from the email too. It is not about a single piece of data that makes it dangerous but when you string it together.

2 - People hate giving real, flesh and blood people a number as their identity. "I'm not a number, I am a free man!" I hear you cry ... well, how many of use know our NI number off the top of our head. I am pretty sure that ex-forces / police / etc can remember their numbers too! There is nothing wrong with introducing this to the kids as long as it is done in a timely, professional and sensible fashion. Roll numbers from MIS are fine ... if your school uses ID cards then get this number onto the ID card. If someone wants a password reseting then just ask for their card. Job done ... simples!

3 - When Becta (and others) give guidance or a framework too many people say "this is the way we have now been told to do it!" so they don't give too many examples anymore because people don't think for themselves and just point the finger if it is not right for their school. They just can't win. Before you have a go at the lack of examples about it why not say ... "hey, let's think of some ways to improve this!"

I bet that if I was to suggest we do this though we will get a slack handful that say something, but people are more than happy to jump on the bandwagon about BSF, job applications, salary scales ... I guess we all have different priorities.

[soveryapt]

I have to agree with GrumbleDook on this one. The important word in all of this is GUIDANCE. They offer advice for solutions and better ways forward of doing things for us in schools, this doesn't mean we have to jump at it and obey their every offering, but simply look at the procedures and form our own best practice that will work for the school.

As GD pointed out, it's not the one piece of information, but the string of it together. It's a sad state of affairs that we live in a world where we have to be so aware of potential abuse scenarios.

In one of my schools, we're looking at ways of stopping pupils using the current e-mail systems at home, as they don't have any need in this particular school to do that. This will probably end up being a internally hosted solution (we have Exchange, so will probably look to introduce students onto this as well as staff) but its for that very reason, abuse. We firstly don't want them to go accessing all the e-mails for the other pupils as they have the same password to make it easier for our ICT Coordinator, but for cyber-bullying as well as the other even less savoury versions of abuse.

Anyone who gives out advice, unless it comes with a law backing it that we should adhere to x y and z we should look at with our sensible heads on and see if there is even a glimmer of something that we can use to make our networks and system more secure and less open to any form of abuse for/by/to the pupils.

That said, using a roll number doesn't remove that personal touch unless they're going to send an e-mail from 12345@school.com to pupil 67890@school.com saying:

Dear 67890

Blah blah .. yatta yatta ..

Regards
12345

then it's a bit pointless. Ok, from logistical points of view, using their roll number is great as you're not going to get duplicates (well, you shouldn't do).

Anyway, I think I've said enough for now! lol.

[AngryTechnician]

That said, using a roll number doesn't remove that personal touch unless they're going to send an e-mail from 12345@school.com to pupil 67890@school.com saying:

Dear 67890

Blah blah .. yatta yatta ..

Regards
12345


then it's a bit pointless. Ok, from logistical points of view, using their roll number is great as you're not going to get duplicates (well, you shouldn't do).

My point exactly. The email address is used in isolation so incredibly rarely that any message including their email address is almost certainly going to include their real name as part of the message. So, no disrespect GrumbleDook, but the example you gave is one I had already considered and I don't think it holds much water. You are quite right in saying that "it is not about a single piece of data", which is precisely why I would argue against using a roll number from MIS, since that's a second piece of data the 3rd party now has in addition to the name that was in the message.

My criticism of Becta was a general one, not just to do with the DP guidance the OP mentioned. They do also put out recommendations that aren't simply based on collations of other people's guidance; last time I checked they were still insisting that Schools Agreement was bad value for money (which I disagree with) and their report 2 years ago that concluded Office 2007 was not worth upgrading to used a frankly laughable methodology.

[GrumbleDook]

@The AngryTechnician
The example was from several real ones, where one child who had been groomed / molested was forced to help groom another child and from where someone used family members and friends to unwittingly get access to kids that could be susceptible to grooming. That is the reason I raise it.

I know it is about managing the risk and some schools will choose to educate pupils and staff to try and protect that way, others will choose solutions such as anonymising userids. I just don't want people to think that the things put forward have not been thought about carefully.

It is also worth saying that the roll number is a school specific piece of information that is only used for set reasons, and should it be used by someone you would not expect it from then alarm bells ring. An example would be spammers randomly sending to number@school.com and not having a first name to say "dear 21435" instead ... so Roll Number is not a sensitive piece of information and unlikely to contribute to adding significant data to identify someone (paraphrasing comments from the company who looked at DP for Becta).

[AngryTechnician]

I appreciate the example is both real and horrifying, but I maintain that having a pseudonymous email address would probably not have helped in such a case, so I just don't think it was a great example of why we shouldn't use names in email addresses. That said, I did find an example (below) which I think does make a good case for an email address that isn't simply their name.

On re-reading the thread it occurred to me no-one has yet posted where this guidance on usernames/email addresses actually came from. I couldn't find anything from Becta about usernames specifically, but I found two references on email addresses:

1. The first, here, talks about the requirements to become an accredited ISP, and says:
   
   

   The provider will enable the institution to reduce the risk to pupils by having email addresses that protect pupils' anonymity.

   As per my above argument, I don't believe that obfuscating/omitting the students name in their email address does protect their anonymity in the vast majority of cases.
   
   
   
2. The second piece of advice I could find is this page which says:
   
   

   Careful consideration should be given to the format of email addresses to reduce the risk of unsolicited attention directed towards individual pupils from people outside the school. For example, if individual pupil addresses were created in a format such as firstname.lastname@schoolname.geogra...ation .sch.uk, there is a risk of people from outside the school being able to guess a valid email address and hence contact pupils direct. This is reduced if a non-specific convention is used, such as a combination of letters and numbers.

   This is certainly a different way of looking at it; one I hadn't considered, and that I agree with. It's not anonymity that is compromised, but their protection from exposure to unknown 3rd parties. This is mitigated somewhat by the fact that the 3rd party must either already know the name of the pupil, or is planning to simply guess some common names.

This is sound advice, but I stand by my criticism of some of Becta's other work, which can tend towards 'ideal world' examples rather than pragmatism, something I think is often desperately needed by schools suffering from a lack of experienced or skilled IT staff. Something can be thought through carefully and still be in need of having common sense applied. In addition, there is a difference between not reading Becta's guidance religiously and sticking my head in the sand. Other methods of policymaking do exist.