It has been an ongoing practice that those (adult) students who wish
to have their work marked and returned within 1-3 days can leave
self-addressed envelopes on top of a cabinet in the classroom so the
tutor can post the marked work to them.  A pile of blank envelopes is
available for students to use in this way. It is not a requirement for
anyone to do so - it is for the students convenience, and they all
know where the envelopes are and that the room is used by at least one
other group.   Is this a breach of student confidentiality or data
protection?  (Could the answer please be applicable to the UK?)

Do I understand correctly:  If they want to, the students put their
address on one of the blank envelopes, and the instructor uses it to
return the paper?

Is your worry that this may reveal to persons in the "other group(s)"
who is registered for this course?  And that this fact is a breach of
student confidentiality or data protection?
This is just a free comment and not an official answer, which only a
G-A Researcher can post, one with a blue name here.

It seems to be an informal and voluntary system, so it would appear
that the institution has no responsibility.
Perhaps, the fact that one is registered for a course is private
information that falls under data protection, but then only for the
organisation, i.e., that it may not reveal this from its records
without the person's approval  -
but in this case, it is not doing so.

Name and address by themselves are not protected data, as far as I
know, although sometimes people think that they are.  It depends on
who does what with them, and in what connection:  membership, account
relationship, etc.

Someone may suggest that the students should be reminded that they are
choosing to reveal their course registration and address, but from my
experience, this upsets people needlessly, opening a discussion of the
subject, making a nice informal system become official, which may
result its being abandoned because the institution prefers to avoid
absolutely any possible responsibility.

I hope you get an answer.

I agree with myoarin-ga.  How exactly would this qualify as a breach
of confidentility in any jurisdiction?

While it is true that a name linked to an address is certainly
personal information, the Data Protection Act covers only information
that forms part of a "relevant filing system". This may be manual or
automated, but broadly means that the data must be collected and
stored in a manner in which it can be retrieved again in data subject
order.

Provided the envelopes are kept with the papers rather than filed for
later use, then it is hard to see that they are captured by the Act.
It is also hard to see how the envelopes reveal any more than the
papers themselves (which presumably identify their authors) if these
are left on show prior to collection - a simple expedient would be a
locked post box for them to be put into.

By the way, it is certainly not a requirement of the Act that
information cannot be revealed without consent. It is a requirement of
the Act that at the time of collecting the data the identity of the
data controller the purpose the data is being collected for and any
people it might be disclosed to be given (eg faculty and students).