“The student’s school attendance and classroom work participation are complicated by serious behavioral issues, limited ability to concentrate, emotional instability; the student is also having trouble maintaining friendships,” reads one description by a class teacher of a student who yelled during class and wrote “the teacher is stupid” on the chalkboard.

Unacceptable leak

“This summer, a boy came to the kindergarten and said his mother had hit him and that he has backache. He had exhibited signs of physical punishment before. The kid has been living with his father since then,” a letter sent to the police about an orphan whose mother regained her parental rights in court reads.

“Fits of rage manifested in destroying school property and physically attacking (using feet, hands and head) the body and head of a teacher who intervened. It took the student 30-45 minutes to calm down,” a school psychologist described repeated tantrums of a student on their personal development card sent to the Rajaleidja counselling committee.

These are only a few examples among hundreds that came up when the author set about combing through the database after a few cases were highlighted.

The Estonian Schools Information System (EKIS) holds roughly 4-5 million entries entered since 2009. The system combines the document registers of more than 500 schools and kindergartens. This means that the total number of documents and identities of people improperly made public stretches into thousands at least. Sensitive information leaked from the document registers of around 50 institutions.

It was possible to monitor the progress of a child from one document to another over several years: from counselling program Rajaleidja’s recommendation to move them to the opportunity class to criminal charges of physical abuse.

Descriptions of close relatives of at least two very well-known persons could also be found on EKIS.

Chancellor of Justice, Ombudsman for Children Ülle Madise believes it is utterly unacceptable this kind of data was publicly available. “The situation needs to be resolved as quickly as possible. We need to find out how it was possible and what to do to make sure it would never happen again,” Madise told investigative journalism program “Radar”.

Local governments, Police and Border Guard Board, Innove Foundation, education ministry and hospitals that maintain similar information systems also said that public access to sensitive information cannot be allowed.