We share a lot about ourselves online – our looks, our friends, what we enjoy or dislike. Other people, like family and friends, share information about us too – when they post a photo of us or tag us at some place.  We may be happy to share some things online but other things we’d rather keep to ourselves.

The internet collects information that maybe we didn't mean to share. The apps and devices we use automatically collect information, such as the device we’re using, our location, or what we watch or click on or search for. Over time, this information (our ‘data’) gets more detailed. When companies, advertisers, even future employers use it for their own purposes, this may be helpful, but it may be unfair or harmful.

Resources to use in teaching

• Protecting personal information online – PSHE: lesson plans for primary and secondary levels to cover all the key areas of personal information and internet safety (Information Commissioner’s Office)
• Educational resources for teachers: resources for teachers to help educate children about privacy (including lesson plans, presentation packages, activity sheets, videos and a graphic novel (comics) with discussion guide) (Office of the Privacy Commissioner of Canada)
• Digital literacy library: privacy and reputation: lesson plans and activities designed to help young people develop skills needed to navigate the digital world, critically consume information and responsibly produce and share content (Facebook)
• Media smarts digital literacy: a classroom guide with practical tools to teach digital literacy skills (ethics and empathy, privacy and security, community engagement, digital health, consumer awareness, finding and verifying and making and remixing). With an overview of privacy resources (Media Smarts)
• QuickStart computing: essential subject knowledge, with a framework and guidance for planning, teaching and assessing progress. With a focus on privacy: living in a digital society and the ethics of algorithms (Computing at school)

Resources to use in your practice

• Educator toolkit for teacher and student privacy - a practical guide for protecting personal data (Parent Coalition for Student Privacy and Badass Teachers Association)
• Essential digital skills framework: defines the skills needed to safely benefit from, participate in and contribute to the digital world (Department for Education)
• Education for a connected world: framework describing the digital knowledge and skills that children should develop at different ages and stages of their lives (UK Council for Internet Safety)

Resources to recommend to children

Sometimes apps collect information that’s unexpected - for example, most torch apps track your location. If apps ask to access your contacts, photos or microphone, they may keep this information.

Even if you don’t let them access your contacts, they may get access anyway, if your friends allow access to contacts. So, our data travels between devices and apps.

Companies like WhatsApp and Instagram collect data about us from other companies they do business with – like the App Store or Google Play. Apps often keep working and collect data even when they’re not being used. Data also travels to companies we’ve never used! It’s hard to know where our data ends up or how long it stays there, even after we have deleted our original profile.

So, how does this happen? When we visit a website or use an app, small pieces of data (cookies) are placed on our device to track and record what we do. Some cookies are functional – for example, they remember our username and password. Other cookies help the company analyse its users and make services more profitable. There are also ‘third party cookies’ – these are used to sell our data to companies who want to advertise their products to us. For example, Spotify lets over 60 companies place cookies on your device, including Google, Amazon and Facebook. In this way, companies can track us even when we don’t use their services.

So, how can our data be used? Our data can be copied, analysed, stored, combined with other data, shared and sold to others – advertisers, companies, governments. Some of the companies who track us are ‘data brokers’ – their business is to buy and sell data. Data brokers collect data from different sites and then ‘profile’ individual users – they put each of us into groups with other people like us. Then companies can work out things about us that we haven’t shared.

Resources to use in teaching 

• How do you collect information about me?: read the BBC’s guidance on privacy and data collection (2 mins, BBC)
• Who knows about me: guidance mapping the key points at which children’s data is collected and exploring the implications (Children’s Commissioner for England)
• Data brokers: you are being packaged and sold: read and watch this material about data harvesting by brokers (4 mins, Social Engineer)
• Do not track: a personalised series of short videos about privacy and the web economy explaining how and why we are being tracked online (2-3 mins each, Do Not Track)
• Our data bodies: a workbook of education activities focused on data, surveillance, and data justice. Additional exercises

Resources to use in your practice

• EdTech rating reviews: Privacy evaluations aimed to help educators choose education technology for schools (Common Sense Privacy Evaluation Initiative)
• Digital intelligence (DQ) curriculum: an online education platform to teach children digital citizenship skills, including digital footprint management and cyber security management (DQ Institute)

Resources to recommend to children and here

We often think that we have nothing to hide or that the data collected doesn’t identify us (e.g. IP address, gender or time spent online). Well, think again! When all the data is combined, it creates a precise picture of who we are - where we live, what we do in our spare time, our family members, our opinions. Combined with other data that is already available, like school or medical records, it can be used to identify us and can be used in the future.

How long does our data stay online? In practice, personal data may be there forever. It may be fine to share something now, but we can’t be sure how it could be used in the future – perhaps  when we apply for a job or a phone contract, housing or insurance.

Once we’ve been ‘profiled,’ the information and advertising we see gets filtered – showing us some things and hiding others. This may mean that our decisions, and even our view of the world, rely on partial – perhaps biased - information.

Also, incidents with leaked personal data are common and include unauthorised access to people’s address, date of birth, telephone number, email, passwords, photos and bank account.

Resources to use in teaching

• Quick-guide series: handouts (one 2-sided page) for use in classrooms. Topics include: secure passwords, cyberbullying, teen sexting, safe online shopping and creativity & copyright (6 mins, Connect Safely)
• Your digital footprint: what is a digital footprint and how it affects you (3 mins, Australian Government)
• Data harm record: a running record of ‘data harms’, harms that have been caused by uses of big data with the aim of learning from where things have gone wrong (10 mins, Data Justice Lab)
• Kids online anonymity & lifelong autonomy (KOALA): a stack of story cards that can be used to discuss privacy risks with children (KOALA project, Oxford University)
• UNICEF end violence: a video of children responding to questions about things people found out about them from the internet (3 mins, UNICEF)

Resources to recommend to children

Privacy is something to think about every time we use the internet. There are a lot of things we can do to protect our privacy online. Here are some suggestions and resources to share with children.

» Know what you are agreeing to

Learn what data your apps and devices collect about you. What do they share with others? Who can see your stuff? Who owns what you post? Read the Terms and Conditions about privacy (read a child-friendly version for some apps here).  

» Tighten your privacy

Check your privacy settings. Consider making your profile private and disabling functions you don’t need (e.g. your location, third party cookies, advertising and interest preferences, profile visibility).

» Clean your device

Go through your apps regularly and remove anything you don’t use to avoid unnecessary apps collecting your data. Clean the cookies and browsing history on your devices.

» Clean your online profiles

Delete any social media profiles you no longer use. Review your profiles and see if you want to delete anything: e.g. photos, comments, posts, friends, groups, likes, your profile information.

» Know what you look like online

Try to find out what the internet knows about you by searching your name. Try to remove any content that you think should not be online.

» Know what to share

Never share your passwords. Avoid sharing your location. Only post information you are happy for everyone to see – even 10 years from now. Be aware of your online reputation and protect your own privacy and that of your friends.

» Make a positive digital footprint

The internet can be a great place to socialise, have fun and learn. You can create a positive online reputation about yourself by being considerate and thoughtful.

Resources to use in teaching 

• Protecting personal information online – PSHE: lesson plans for primary and secondary levels to cover all the key areas of personal information and internet safety (Information Commissioner’s Office)
• Onine identity: a series of education packs to encourage young people aged 3-18 to explore how they manage their online identity (4 mins, Childnet).  
• Data detox: an online toolkit for improving control over online digital profiles (Tactical Technology Collective)

Resources to use in your practice 

• Cloud education services and devices in schools: discusses the benefits and risks of using technology in schools (5 mins, Electronic Frontier Foundation)

Resources to recommend to children

Children are entitled to extra protection, so, it’s important not to give an older age when using apps and online services. It is also important to talk to children about the rights they have as internet users. These include the right to:

» Be informed: you have the right to see a clear and easily-understood privacy notice that explains what the company is, what data they collect, and how they will use your data

» Access your data: you have the right to ask any company to give you a copy of all the personal data they hold about you

» Correct your data: you can correct any incorrect personal data or complete incomplete data they hold about you. It’s called right to rectification

» Delete your personal data: you have the right to have your personal data deleted. It’s called right to erasure

» Limit data use: you can restrict how companies use or process your personal data in some cases

» Object to data use: you can ask any company to stop processing your data, even if it’s gained in a legal way

» Move your data: you can request all your data to be sent from one company to another. It’s called right to data portability

» Refuse automated decisions and profiling: sometimes computers process your data and make decisions on their own, without a person. You have the right to object to this use of your personal data

» Complain: you can report concerns to the Information Commissioner’s Office (ICO).

Resources to use in teaching 

• Personal data and data protection rights: materials (lesson plans, slides, worksheets) helping teachers to explore with their students the concept of personal data and data protection rights in a social media context (Data Protection Commission)
• Your data matters: a tool explaining rights and providing practical advice (Information Commissioner’s Office)
  
  
• Magna carta: my digital rights: a teaching resource containing a series of video scenarios and teachers’ notes for Key Stages 3, 4 and 5, focusing on the topics of freedom of expression, protection and privacy, and access (World Wide Web Foundation, British Library, Southbank Centre and British Council)

Resources to recommend to children

Privacy can be fun! Here are some videos and games that we selected with the help of children. Children can solve some privacy challenges and check how privacy-aware they are – while having fun!

We all want to enjoy being online and feel safe but sometimes things can go wrong. This is why it is important to report any wrongdoings and seek help when we know someone needs it. Here are some ways you can do this.

Helplines

• NSPCC helpline: 0808 800 5000, provides help and support to parents, professionals and families
• Professionals Online Safety Helpline: 0844 381 4772 or helpline@saferinternet.org.uk; guidance on all aspects of digital and online issues for professionals working with children and young people
• Education Support Partnership: 08000 562 561, providing mental health and wellbeing support services to all education staff and organisations 
• Bullying UK: 0808 800 2222; help and advice for parents, carers and schools to deal with all forms of bullying
• Child Protection Support Service (CPSS): 028 9598 5590; for school staff with any safeguarding and child protection concerns
• Department for Education extremism helpline: teachers can call: 0207 340 7264 or email: Counter.extremism@education.gov.uk

Reporting a problem online

• Child Exploitation Online Protection Centre for reporting child sexual abuse images
• Internet Watch Foundation for reporting child sexual abuse images
• True Vision for reporting online hate speech
• ParentPort for reporting media content (advert, television or radio programme, film, newspaper, magazine, video game) unsuitable for children

Reporting directly to companies

• YouTube: you can report a privacy violation, a video, an abusive user, age-inappropriate content restrictions. YouTube Help Centre
• Instagram: you can report privacy issues, harassment or bullying, hacked or hate accounts and other issues
• Snapchat: you can report a safety concern, abuse, a story or lens
• Tumblr: report offensive content, block a user
• Facebook: report a privacy violation, report a profile, post, photo or video, pages, comments or messages
• X: report offensive content, a hacked account, report an ad
• Tik Tok: report content (an account, a comment, a video), block someone, if your account is hacked
• Ask.fm: report use of your picture; a fake profile

Helplines for children

• Childline: 08001111, confidential help on any issue
• Papyrus: 0800 068 4141, confidential suicide prevention advice
• The Mix: 0808 808 4994, essential support for under 25s
• YoungMinds Crisis Messenger: text YM to 85258 for 24/7 support for mental health crisis

School and public libraries have an important role in providing access to information and the internet which brings a range of privacy-related responsibilities associated with the monitoring, data gathering, and safety of their users.

• Data privacy project: aimed at library staff it discusses how information travels and is shared online, what risks users commonly encounter online, and how libraries can better protect privacy. Includes online training modules on: library technology timeline, mapping data flows, risk assessment, and supporting materials (quiz, slides, handouts, guides on fundamental concepts and tactics and tools).
• Leading the way: a guide to privacy for public library staff designed to help library staff to consider the kind of data they collate, hold and share about those who engage with their services, and how ‘privacy-friendly’ their systems and resources are. It includes practical steps that can be taken by those seeking to enhance the approach to privacy across different aspects of their service (Carnegie UK Trust).