3.7 Databases

ITGS students must have a thorough understanding of databases, which form the basis of many IT systems. Chapter 7 of the book covers this topic from basic flat file databases to multiple table relational databases, with detailed examples and practical exercises and projects to help students apply the material they have learnt. This addresses the ITGS syllabus section 3.7 Databases, along with the very common social and ethical issues of 1.1 Reliability and Integrity, 1.2 Security, and 1.3 Privacy and Anonymity. Textbook support resources:

  • Database Management Systems
  • Database structure
  • Flat file databases
  • Normalisation and relational databases
  • Queries
  • Forms
  • Reports
  • Database Integrity
  • Database Privacy
  • Database Security
  • Data protection laws
Textbook exercise - databases

Exercise 7.10

Suggested grading rubric for exercise 7-10 on page 155 of the textbook. This includes grades for table and field design, validation, and queries, plus forms and UI.

Updated: 2014-10-03
Database projects

Help for practical database projects

GCFLearnFree and its YouTube channel have a great range of video lessons for Microsoft Access and other Office applications. Dummies.com has tutorials on several aspects and specific features of Microsoft Access. These resources are also useful for students completing a database for their internal assessment project.
Updated: 2014-10-03

Privacy issues: Lesson activity idea

This short activity works well as a starter task when introducing databases. The lesson can start with a brief discussion of what students think is meant by 'privacy' and in particular 'anonymity', in the context of the ITGS social / ethical issue.

On a small piece of paper, ask students to write down three things about themselves - two which are true and one which is false. They can write the items in any order but must not write their names on the page or share their answers with others.

As a teacher, collect the pieces of paper. Explain to the students that you will read the three 'facts' from one of the sheets and the class must determine who the information relates to, and which fact is the odd one out.

It is often quite surprising how accurately students can guess these things. This can be a good lead into a discussion about whether data really can be anonymous (the pieces of paper the students used were 'anonymous', after all) and the types of data that might be colleted by organisations and businesses.

This activity leads well into exercises 9-14 and 9-15 on page 214 of the textbook (search engine data privacy) and to the articles below about consumer data privacy.
Updated: 2014-10-03
Search engine privacy

Privacy issues: Search engine data

A Face Is Exposed for AOL Searcher No. 4417749 (NYTimes) is an incredibly interesting - and frightening - look at "anonymity". In short, a New York Times journalist is able to track down an interview a woman based solely on her "anonymous" search queries. This article ties in well with exercise 9-14 on page 214 of the textbook.

The data, released by AOL and concerning about 650,000 users, was quickly removed but remains available on several mirror sites - further highlighting the privacy concerns about releasing information on the Internet.
Updated: 2018-06-11
Database privacy issues

Privacy issues: Consumer data

Modern retailers gather and use huge amounts of data about their business and  customers in order to improve their efficiency. The Business and Employment page contains resources detailing how consumer data is collected and used.
Updated: 2014-10-03
Social networks privacy

Privacy issues: Social networks

Like search engines, social networks make a lot of money through targeted advertising - which is only possible by collecting data about their users. Facebook data is greater than the sum of your likes (Forbes) describes how user data is collected and used to infer further information - including a user's gender, race, political affiliation, and sexual orientation.
Updated: 2014-10-03
Database privacy issues

Privacy issues: Data matching

Ordering Pizza in 2015 from the American Civil Liberties Union (ACLU) is a great video speculating how businesses might use data matching (computer matching) on their customers' library records, credit reports, and even medical records to create a wider picture of their likes and habits.
Updated: 2014-10-03

Database integrity issues

The lack of data integrity can cause serious social impacts. While a 'computer glitch' blamed for a 12 quadrillion euro telephone bill may be easy to spot and even quite humourous, other impacts are more serious.

The Transport Security Administration (TSA) is notorious for errors on its terrorist watch list, which has led to many passengers being inconvenienced, including an  Eight-Year-Old boy (Wired) called Mikey (NYTimes).

Elsewhere, Dead girl given truancy warning (BBC) and Outrage at 500,000 DNA database mistakes (Telegraph) highlight the risks of incorrect or out of date data. In the infamous 2000 US election battle between Al Gore and George W Bush, the integrity of a database of convicted felons (who should be unable to vote) was called into question, potentially disenfranchising many voters.
Updated: 2014-10-03
Database security issues

Database security issues

Unfortunately significant database breaches tend to make the headlines every few months, meaning there is no shortage of examples for discussion in ITGS lessons. Also on the rise are 'ransomware' attacks, where hackers encrypt users' data and demand payment to decrypt it. Some companies have paid up to $40,000 to get their data back. Examples of database breaches include:

May 2017: Debenhams Flowers data breach hits 26,000

May 2017: Hacked plastic surgery photos published online

May 2017: India's Zomato says data from 17 million users stolen

November 2016: Mobile phone company Three suffered a security breach when criminals used an authorised Three login to access the company's database and steal personal details. The details were used to intercept expensive mobile phones being sent to customers as upgrades.

September 2016: Yahoo confirmed a 'state sponsored' hacker stole personal data from 500 million accounts back in 2014.

September 2016: Talk Talk were fined £400,000 over the theft of more than 150,000 customer details

August 2016: Personal details of up to 2.4 million people may have been stolen from Carphone Warehouse

August 2016: Accounting and payroll software company Sage said its systems were compromised and data for 280 UK businesses may have been stolen.

August 2016: Yahoo investigated a data breach in its MySpace and LinkedIn divisions, after it was claimed 200 million Yahoo IDs were stolen.

June 2016: The personal details of 112,000 French police officers became publicly available after a disgruntled worker for a support company uploaded them to Google Drive.

June 2016: Chinese hackers were suspected of stealing the details of almost 4 million people from the Office of Personnel Management (OPM), a branch of the US government

April 2015: the US Office of Personnel Management revealed a hack had exposed 1.1 biometric records to unauthorised access. In September 2015 this number was increased to 5.6 million fingerprints.

The textbook details several cases of lost data by the British government, including the Ministry of Defence's loss of personal data of 600,000 people. Many organisations have lost data, including 132 UK councils, the National Health Service (memory stick left on a train), and even  NASA (stolen laptop). Meanwhile, Computer World reports that over half of UK firms have lost data in security breaches.

Not to be outdone, the HMRC lost sensitive personal data of 25 million people after sending it out, unencrypted, on two CDs - which were subsequently lost.

Under the Data Protection Act, companies can be fined for losing sensitive data, and in a few cases this has happened: Zurich Insurance was fined £2.3m in 2010, Shopacheck was fined for losing data on over half a million customers in 2012, and the NHS was fined £200,000 for losing the data of 3,000 patients in 2013.

Updated: 2017-07-04
Online offender database

Online offender databases

Online databases of offenders - sometimes containing photographs and addresses - are publicly available in several US states, and raise important issues related to data reliability and integrity, privacy, and security. Online offender databases are covered on the politics and government page.
Updated: 2014-10-03

Other database examples

Data means a lot to businesses, and understanding it can help them significantly improve their efficiency. So much so, that in 2009  NetFlix offered over $50,000 to anyone who could improve their automatic film recommendation algorithm by 10%. Figuring Out Movies You'd Really Like (Scientific American) explains how.

Casinos use controversial database to net cheats, counters discusses the infamous Griffin database - used by casinos in Las Vegas to identify so-called 'advantage players' as well as cheats and other people considered undesirable by the gambling industry. The article raises many issues related to data integrity and privacy.
Updated: 2014-10-03
Data protection act

The Data Protection Act (DPA) (UK)

Though UK-specific, The Data Protection Act (DPA) is a good example of data protection legislation, controlling how data can be collected, stored, and used. BBC Bitesize has good coverage of the act, as does Teach-ICT. The UK government also has a surprisingly easy to understand explanation on Gov.uk.
Updated: 2017-06-29
Free database software

Lesson resources: Useful Software

ITGS practical activities do not necessarily require commercial software. There are a number of free database programs which can be used, including:
  • LibreOffice is an open source office suit with a database component.
  • Zoho Creator is an online database application (registration required).

Updated: 2014-10-03
ITGS keyword bingo

Lesson resources: Keyword Bingo

Give students one or two cards containing ITGS database key words, then read out the definitions. Students need to match one of their keywords (not all cards contain all key words). The first student to get all key words wins. This set of cards covers only key terms related to the Hardware and Software chapters of the book. Download: Student cards, teacher clues.
Updated: 2014-10-03
ITGS revision flashcards

Lesson resources: Revision Flashcards

Databases revision flashcards to test students on the key terms. The 'Learn' and 'Test' modes of Quizlet work best.
Updated: 2014-10-03
Targeted advertising

Targeted advertising and consumer data

The collection of customer data and its use for targeted advertising raise a lot of privacy issues. The following news articles give examples of the information companies know about you, and how they acquire it. Data mining also opens the door for less salubrious technologies, such as offering special deals only to certain users (WSJ), and even providing personalised pricing (BBC). How Target Figured Out A Teen Girl Was Pregnant Before Her Father Did (Forbes) is a particularly worrying example of data mining being used to make decisions about a customer.

Other advances - if that is the right word - have enabled companies to match online data with offline activities. Facebook will peer into your grocery bag, for example, explains how supermarket loyalty card data (which is often tied to an email address) can be bought and matched against social network email addresses.

The Wall Street Journal offers these tips to reduce online identity tracking.
Updated: 2014-10-03
Electronic Medical Records

Electronic Medical Records (EMR) & Electronic Health Records (EHR)

Electronic medical records resources:
Updated: 2014-11-07
DNA databases

Government databases: DNA databases

DNA databases are used by some governments to store DNA samples taken from people arrested or convicted of a crime. CODIS (Combined DNA Index System) is operated by the FBI, and the UK's National Criminal Intelligence DNA Database are the two largest DNA databases in the world. Their web pages explain some of the issues and impacts of DNA databases.

DNA Database: Key case studies (BBC) highlights some of the successes (and failures) of DNA databases in solving old crimes.

Accuracy (data integrity) is a critical issue in any database: Outrage at 500,000 DNA database mistakes (The Telegraph) discusses problems with the UK's National DNA Database.

Another related issue is the possibility of 'genetic profiling' - i.e. discriminating against people (for example, for employment or insurance purposes) based on genetic markers that may indicate susceptibility to particular diseases.
Updated: 2014-11-07
Citizen databases

Government databases: Citizen information

Governments routinely (and necessarily) collect and store data about their citizens. However, large, connected computerised databases open the door for new possibilities - good and bad.

In some cases, electronic databases simply offer a quicker way to perform tasks that have long been possible - though privacy concerns may still be raised.. The ATF Wants 'Massive' Online Database to Find Out Who Your Friends Are, for example, discusses a large database requested by the US Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) to help with criminal investigations.

U.S. Terrorism agency to tap a vast database of citizens (Wall Stret Journal) details a March 2012 proposal - which was passed into law - allowing the National Counterterrorism Center to examine government data on citizens even if they were not suspected of a crime.
Updated: 2014-11-07
Crime prediction

Police use of IT: Risk profiling and crime prediction

Since 2001 governments and airports have invested huge sums of money in systems to detect potential terrorist threats. Software which analyses passengers' data to establish their 'risk score' is explained in Risk profiling software tackles the terrorist threat (BBC), while Airport Screening Concerns Civil Liberties Groups (NY Times) discusses the inherent concerns about profiling and privacy. Finally, Deception Is Futile When Big Brother's Lie Detector Turns Its Eyes on You (Wired) details software that can - relatively accurately - detect liars at border control points.

A similar technological development is 'predictive policing': the use of software and large amounts of data to make predictions about where crimes might occur - and even who might commit them - before they happen. The following articles and videos cover this topic:
Updated: 2017-07-12
Crime map

Police use of IT: Crime mapping tools

Several sites provide online crime mapping data. The UK police run Local Crime and Policing information - just type in the name of any UK town or village. Website plots area Crime-by-Crime (BBC) explains the site in more detail.

CrimeReports.co.uk is another site that maps crimes in the UK, US, and Canada. Trulia Crime Maps covers the US, creating 'heatmaps' of different crime types.

Online crime mapping clearly raises several ITGS social and ethical issues: the article Will crime maps work? (BBC) discusses some of the potential impacts. Online offender databases, which go one step further and include the personal details of offenders on their sites, are covered below.
Updated: 2014-11-07
Offender databases

Police use of IT: Offender databases

Online offenders databases remain a controversial topic, with security, privacy, and integrity being key issues. Nevertheless, many such databases exists, especially in the US: Family Watchdog lists details of sex offenders living in the community (US), while the Michigan Public Sex Offender Registry (PSOR) contains records of sex offenders in the state of Michigan. Florida Department of Corrections Offender Database has online records of prison inmates, released inmates, and fugitives. The Sensible Sentencing Trust is a similar database of offenders in New Zealand - interestingly this is not operated by the government, which could raise further issues related to privacy and integrity.

Mugged by a Mug Shot Online (NY Times) discusses some of the potential long term ramifications of exposing such data.

Updated: 2014-11-07
Access the Missing Manual book cover

Access 2010: The Missing Manual

by Matthew MacDonald
Amazon.com | Amazon.co.uk | Worldwide (free shipping)

This book is a very helpful guide for students completing ITGS projects using Microsoft Access. The book covers many topics that students typically enquire about, including making queries that alter data, report design, and creating menu systems using forms. As with Creating a Web Site (above), the content is creating organised and presented, with plenty of examples and screenshots to guide readers. The web site also features downloadable examples that go along with the explanations in each chapter.

There is also an edition for Access 2007.
Updated: 2014-11-07
Search engine privacy activity

Search engines and privacy

This lesson examines some of the privacy issues related to the data collection performed by most major search engines. Students will examine the infamous AOL data release and analyse their own web histories. This is a useful lesson for studying databases and the Internet, but I have also used it as a standalone lesson when introducing the ITGS course to pre-IB students. The slides for the lesson can be downloaded from SlideShare.

Updated: 2014-11-11


This interactive page presents students with a large database containing more than half a dozen tables and although 1000 records. Students can create queries using SQL and see the results immediately. It is even possible to insert and delete records! W3Schools also has a range of help pages for the various SQL commands.

Although knowledge of SQL is not strictly essential for ITGS, this is a good resource to help familiarize students with database structures and query techniques in a way that isn't possible with graphical tools such as Microsoft Access.

Updated: 2016-02-07
Bicycle rental schemes

Bicycle Rental Schemes

Public bicycle rental schemes - where registered members of the public are free to borrow a series of bikes spread a city or town - are available in a number of cities worldwide. These schemes make good case studies for ITGS because they integrate all three strands of the ITGS triangle, including 2.1 Business and Employment (Transport), 3.1 Hardware, and 3.3 Networks. Registration and payment also raises concerns about 1.2 Security and 1.3 Privacy and Anonymity. An ITGS past paper (May 2009) even featured a question which focused on these schemes. Examples of bike rental schemes for study include:

Bike Sharing Map also has a list of similar schemes all over the world.
Updated: 2016-02-27
Your phone company is watching

Your phone company is watching

Malte Spitz discusses the collection and retention of mobile phone data. The talk links to the databases and the Politics and Government area of the ITGS syllabus and features some great visualisations that show how large amounts of data can be combined to build up patterns about people's lives. Where do people live? Where do they sleep? Are they having an affair? Are they 'likely' to commit a crime? All of these and more can be predicted from captured call data. So many ITGS social and ethical issues are raised.

You can watch the video here.

Updated: 2016-07-07
Data security

Data security and privacy - legal impacts

The Data Protection Act (DPA) proscribes legal penalties for companies who fail to adequately protect personal data on their systems. Equally, it is an offence for users to access data for uses other than the original intended use. It is harder to find examples of these penalties being given, but there are examples:

Updated: 2017-07-04