How to get the most out of the DFE’s Teaching Online Safety in Schools Guidance, Instalment 3: How to navigate the internet and manage information.

Posted by Schools Broadband on 01/11/2019

In June 2019 the DfE released the non-statutory guidance for schools, 'Teaching Online Safety in Schools'. We’ve partnered with e-safety adviser Alan Mackenzie to bring schools and MATs 5 helpful bitesize instalments along with expert insight to make it easier to digest. In this this third instalment Alan discusses how to navigate the internet and the 10 specific harms to be aware of.

Take a look at our previous instalments: Instalment 1 How to get the most out of the DFE’s Teaching Online Safety in Schools Guidance & Instalment 2; 5 Ways to Encourage Pupils to Navigate the Online World Safely

As mentioned in our previous instalment, online risks that may lead to harm is a huge area. The Teaching Online Safety guidance document usefully splits Harms and Risks into 3 main areas:
 
  • How to navigate the internet and manage information;
  • How to stay safe online;
  • Wellbeing.
This week we're taking a look at the first area, how to navigate the internet and manage information which considers 10 specific harms:

1. Age restrictions.

There are many reasons why online services have age restrictions. The most commonly understood are those related to content (e.g. in games) or data protection (digital consent at 13). Conversations with children and young people around age restrictions are useful not only to raise the awareness of why these restrictions are in place, but also to openly discuss (without judgement) why many choose to ignore the restrictions and what the potential content, contact and conduct risks may be. Remember that in different countries, different age restrictions are used. For example in the UK the age of digital consent (where a young person can consent to their personal information being used) is 13. In other countries it is 14 or even 16. This is a useful conversation starter to consider why these ages are in place and why the Government of that country has picked those ages. Furthermore different app stores (e.g. Apple or Google/Android) can have different content ratings as well as age ratings.

2. How content can be used and shared.

From big companies using your information (digital footprint) for advertising, to individuals making inappropriate contact, publicly available content can be used by anyone for almost any purpose, and due to the ingenuity of search engines and the way in which they discover that content, it's easy for anybody to find. Are privacy settings on apps 100% effective? Can social media providers use your information even if your privacy settings are set to private? Are there occasions where having a public social media profile may be beneficial for older students (think future employers)? Students must also consider the legality of information, particularly what they are posting or sharing, from youth-produced sexual images to copyright infringement and extremist content.

3. Disinformation, misinformation and hoaxes.

Misinformation and hoaxes online are becoming much more widespread, from political scandals and measles vaccinations to Momo challenges. All of us need to consider what we are seeing, sharing and potentially promoting. But we also need to remember that not all of this is deliberate, it could be misinformed information or simply an opinion. Unfortunately the viral nature of some of these can give the perception that it must be true, after all if so many people are sharing the content, surely they can't all be wrong? Sadly, many are sharing without thought, often due to the shock factor as in the Momo hoax. Use real examples to discuss these issues with students, if you can't think of any recent ones simply type into Google 'Snapchat hoax', 'Fortnite hoax' or something similar but which is relevant to the age of the students.

4, 5, 6 & 7 Fake websites, Fraud, Password Phishing and Personal Data.

In the Teaching Online Safety in Schools guidance more often than not, topics 4, 5, 6 and 7 are all very closely related and could (or should) all be discussed together. 

Fraudulent activity online, particularly identity theft, is getting bigger and, as with all risks and issues, criminals will attack users on popular services. Whilst email scams still abound, criminal activity within gaming and social media are on the rise significantly. Whilst there can be differences, quite often the ways in which the fraudulent activity is carried out are all very similar:

 
  • A fake email or post on your timeline is received.
  • It uses social engineering techniques to persuade you of something, e.g. you have just won an iPad, an unpaid invoice, someone has tried to log into your account, your password has been compromised etc. This is commonly called 'phishing' and usually comes from a supposed reputable company. Tens of thousands of these emails can be sent out at any one time in the hope that the criminals will 'catch' a few. If an individual is targeted directly, this is know as spear phishing.
  • The email or post will convince the user to carry out an action, such as visit a website to reset the password or input details to claim the prize. This directs to a fake website, often looking exactly like the real one; this is known as pharming.
  • The voice (telephone call) version of this is called 'vishing', and the text version is called 'smishing'.
The advice is all quite similar and includes:
 
  • Always be suspicious and use Google, for example if you have received an email/post for a £50 voucher from Sainsbury's, type 'Sainsbury's voucher hoax' into Google and see what comes up.
  • Check the address of the sender (if it's an email).
  • Never visit a site from the post/email.
  • Check the site is secure by observing the padlock in the URL and that the address includes 'https' at the beginning, but note that this advice is no longer as reliable as it once was. All this denotes is that website is secure, not trustworthy.
8.    Persuasive design

We looked briefly at persuasive design in week 2. Persuasive design, sometimes known as sticky design or captology (computers as persuasive technologies) are techniques used by companies to get more users onto their platform, keep them in there for longer and keep them coming back. Examples of this would include the default autoplay on YouTube or Snapchat streaks which rewards users for continually sharing posts and punishes when they don't. Other examples would include the myriad of notifications which, if not managed properly, can be overwhelming. Persuasive design has really come to the fore over the last year or two as many are questioning the ethics of companies in their drive to make more money, whilst potentially having a negative effect on the wellbeing of some users.

9.    Privacy settings

At their most basic, privacy settings are either on or off, but there can be others such as 'friends only', 'friends of friends' etc. Most online services and games (that have contact functionality) have privacy settings. These can be used to control who you are sharing data with but emphasis must be placed on the fact that just because a privacy setting is on doesn't mean that it is private, for example a screenshot can be taken very easily. Equally some users may be lulled into a false sense of security, thinking that they can post anything they want because it's private.

10.    Targeting of online content, including on social media and search engines.

A commonly cited rule to children and young people is, "Don't share personal information online." But what is personal information? There are the obvious ones, name, address etc., but we need to also raise awareness of the not so obvious, such as cookies, what you share, what you like, what you browse and search for and much more. Arguably this is personal information given that companies are using this information to personally target users. Many users are completely unaware of the terms and conditions of the services they are using and who can blame them; many Ts&Cs are so long and written in a language that very few adults can understand, let alone children and young people. A very useful reference which is perfect for use in the classroom is the 'Simplified Social Media Terms and Conditions' documents from the Children's Commissioner - https://www.childrenscommissioner.gov.uk/publication/simplified-social-media-terms-and-conditions-for-facebook-instagram-snapchat-youtube-and-whatsapp/

Key Points:
 
  1.  This section is huge and we have tried to keep this article as short as possible for clarity. The 10 subjects really only scrape the surface, however they are all incredibly important subject areas if users are to navigate the internet and manage personal information safely.
  2. Knowing how information can be shared, who might use that information and for what purpose gives children and young people critical skills which are vital online. 
  3. None of these areas are particularly difficult and good descriptors along with advice on curriculum topics are covered within the Teaching Online Safety in Schools guidance.

If you’d like to understand more about enabling safe and secure online learning in your school with one of the most education specific web filtering services available, call a member of our team on 01133 222 333 or email info@schoolsbroadband.co.uk