Big data

During the current COVID-19 crisis the amount of online activity is increasing exponentially, which means the quantity of personal data being collected is also growing. It seems timely then to reflect on some of the online safety issues.

Most websites you visit collect cookies, these are often separated into three or more types: required, functional and personalisation. In 2015 researchers found that a user who visited the 100 most popular websites would collect over 6,000 cookies, 83% of which were from third parties unrelated to the website visited. Some cookies help to improve the performance of software and devices, but the rest can be used to feed machine intelligence and prediction products, which are then sold to third parties. Before allowing cookies, it is worth seeing if you can access the website without accepting them. If not, then try and “manage” the cookies by only accepting the ones which are required.

Some companies also use web bugs or beacons, which are tiny, often invisible, graphics or HTML elements, embedded into web pages or email and designed to monitor user activity and collect personal information. Many email providers have moved towards not loading images when opening hypertext emails. Anti-spyware software can help you block these bugs in order to protect your privacy.

Think about if you want to sign in to various sites using your Google or Facebook account or if you would rather keep your accounts separate. It can be a good idea to log out of programs, such as email, once you have finished using them, to reduce the opportunity for being tracked across the Internet.

When setting up online subscription sites for pupils, it is best not to use their real names. Using initials or pre-agreed pseudonyms is safer.

Try to discourage younger pupils from excessive use of social media, as the negative feedback is often amplified more than positive feedback and this can lead to negative emotions. The data they share on such platforms can be sold to, and used by, third parties and forms part of pupils’ digital footprint. Research has identified FOMO (Fear of Missing Out) with compulsive social media use. Setting up a school-based system such as a Forum or Blog can help provide pupils with the interactions they want, but with controls put in place.

Increasingly, what we see on our screens adapts to every “Like”, click, video watched, tweet posted and search made. The more we use certain search engines, the more they find out about us, which is one reason why a growing number of people use “no tracking” search engines such as Duck Duck Go. Safe search engines like Swiggle are also widely used in schools.

A number of films and TV programmes have highlighted the dangers of “deepfake” videos and the more personal data such as videos of ourselves which are put online, the more we become a target for exploitation such as identity theft. Watch the Royal Institution Christmas Lecture extract on deep fake videos from minutes 49-57 to give you a better understanding of how information can be changed. Biometric data such as fingerprint, voice and facial images can be convenient and are sometimes used as security measures, for example to access a device, software or online bank account. By using video conferencing software, you are providing companies with some biometric data. There are serious privacy concerns when it comes to biometrics. It is possible some companies or individuals may make and keep a copy of the video stream or recording and potentially sell the data to third parties or indeed for their databases to be hacked into. Consequently it is important to have trust in the company you decide to use and read their terms of service before agreeing to them. Be mindful too that if a video system you use is not set up correctly then it is possible for uninvited guests to appear in your conference. Make all meetings private and only allow the host to screen share. It is good practice to carry out due diligence before using new software/apps and probably best to avoid live streaming with pupils, but if you are considering it then look at safeguarding tips such as those from the London Grid for Learning.

More and more “smart” devices are automatically collecting data about us and our lives using a range of sensors, microphones and cameras. This data can then be sold to other companies. It is worth checking the security / privacy settings to disable what you are not happy sharing.

Encouraging pupils to think critically about the digital content they see and access will help to keep them safe online. Some questions for them to consider are:

Is this website/URL/email fake? How can I tell?

What does this cookie do and what information am I sharing?

Which cookies am I prepared to accept?

Is this person who they say they are?

Why would someone want me to believe this?

How do I change the privacy settings?

Why is this app free and what does the company get in return?

Why does this person want my personal information?

Do I need to “Like” this post or “Subscribe” to this YouTube channel?

Further sources of information

Jaron Lanier – Ten arguments for deleting your social media accounts right now

Teaching online safety in schools (DfE guidanceJune 2019)

Shoshana Zuboff – The age of surveillance capitalism

Safeguarding considerations for lesson livestreaming

Biometrics and biometric data: What is it and is it secure?

Coronavirus: Racist 'zoombombing' at virtual synagogue