How does allowing pupils to edit and manage there data affect the dpa.
Pupils would then have the option to hide data.
They can also use ficticious data eg town if they want. As a school we only need their names and their enrolement to courses and staff access to the pupil e-mail addresses and this could be through pupils beimg subscribed to forums.
Surely we are then only looking at the security of the data, eg unauthorised access.