The Police National Computer (PNC) data

As part of research on the effectiveness of public policies, IFS researchers sometimes use data from the Police National Computer (PNC) database.

The data

The Police National Computer database records information about offending behaviour for people over age 10 (the age of criminal responsibility). The data contains information about offences committed (for example, the date and type of offence) as well as information about outcomes in the criminal justice system (for example, trial verdict or sentence). The PNC data collects information at the individual-offence level.

In its entirety, the PNC data contains information on an offender’s personal information (such as name, address, and date of birth); characteristics (such as gender, ethnicity and disability); and details of the offence committed. The data are collected by the Ministry of Justice, as part of administering the criminal justice system in England.

The PNC data have been matched to the National Pupil Database (NPD), a longitudinal database linking pupil/student characteristics to school and college learning aims and achievement information for children in state-funded schools in England. These datasets have been matched to understand characteristics, attainment and absence of children and young people who have contact with the criminal justice system.

Which parts of the data we use

We do not use the data in its entirety and we do not receive any directly identifying information about you such as your name, full address or full date of birth. to carry out our research. Although directly identifying information has been removed because the data we use is sometimes very detailed, there is a small risk that you could be identified which is why your data are protected by law. To reduce this risk, we carry out data minimisation. This means that we only request and receive the information that we need to carry out our research. Different research questions use different extracts of data to ensure that we only access data that is strictly necessary for the purpose in question, and all access to the data is strictly limited to the named researchers working on that research project.

What we use the data for

Work using the PNC database aims to investigate the effectiveness of interventions targeted at children and families on offending behaviour by children and young people. For example, we are conducting a project evaluating the impact of Sure Start Local Programmes and Children’s Centres on children and young people’s offending. We process the records of only a subset of children – those born in the early just before and during the Sure Start rollout who may have been exposed to Sure Start centres. To perform this research, these data are linked (by DfE) to other data we have collected, for example information on where Sure Start Local Programmes and Children’s Centres were located in order to measure children’s exposure to the programme.

Processing of PNC data includes:

  • Creating summary statistics
  • Using statistical techniques and modelling to answer research questions

How long will we keep the data?

PNC data that are made available via the ONS’s Secure Research Service are stored for the duration of a research project. This is typically two to four years, but extensions are given when necessary in order to complete longer-term projects.

How do we take care of your data?

Access to these data is restricted and tightly controlled and are only accessed by us in the Office for National Statistics “Safe Setting” called the Secure Research Service. No data is stored directly by us. Applications to use the data are strictly vetted by the Department for Education (DfE) and the Ministry of Justice (MOJ) and any researchers have to be approved via the ONS’s Approved Researcher Scheme. Individual researchers are also vetted by the DfE and MOJ, which among other requirements conducts a criminal record check on all researchers using the NPD data.

We ensure that all our researchers who use these data receive training on how to use the data safely. Only approved researchers working on projects that have been deemed to have public benefit are able to use the data, and they can only use it to answer specific research questions that have been approved in advance. We will only ever publish non-disclosive outputs which have been approved by the Safe Setting, which means that it will be impossible to identify you from anything that is published.

All researchers are vetted and trained and access is restricted only to those researchers working on the project. In addition, IFS has external accreditation in data security – we are compliant with ISO27001:2013 and we are Cyber Essentials certified.

Legal bases for using the data

Our lawful basis for processing these data is: legitimate interest, section 6(1)(f). We have a legitimate interest in conducting non-commercial, robust social and economic research to inform research and policy.

Because these data sometimes contain information about your health and/or ethnicity, they are classed as Special Category data. Our lawful basis for processing this special category data is:

Article 9(2)j processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

Your rights

This webpage is designed to inform you how we are using your data.

Because we cannot identify you and we do not have direct control over the data, it is not possible for us to process other requests in respect of your rights. If you would like to exercise any of your rights please contact the Department for Education @email.  They will deal with your request and any outcome of your request will be passed on to us by them.

If you have complaint you can contact the Information Commissioner’s Office

Our contact details

If you wish to discuss the way that we use your data, please contact Sarah Cattan [email protected] or you can write to her at

The Institute for Fiscal Studies
7 Ridgmount Street

If you have concerns over the way that we use your data please contact the data protection officer you should email @email or write to them at the above address.