For educators

We spoke to 165 children and some of their teachers and parents. We found that children struggle to understand how the internet collects data about them and parents and teachers find it hard to know how to support children.

Sonia Livingstone, LSE


Download our Brief for educators

We developed this toolkit for teachers, school librarians and other educators keen to teach children about their data and privacy online, including data protection, the digital economy and a range of privacy issues. It is aimed at children of secondary school age and provides information and resources you can recommend to children, use in the classroom, or use in your own practice, grouped around the key areas below. We also provide guidance about privacy in libraries.

Learning objectives:

  • To promote children’s understanding of the digital environment and support them to make good decisions about privacy online
  • To help children understand why privacy online is important and how their online data is generated and used
  • To improve children’s knowledge about privacy risks, protective strategies and help-seeking
  • To teach children about their privacy rights and how to protect them

Learn more about privacy online

Online privacy: what’s the issue?

We share a lot about ourselves online – our looks, our friends, what we enjoy or dislike. Other people, like family and friends, share information about us too – when they post a photo of us or tag us at some place.  We may be happy to share some things online but other things we’d rather keep to ourselves.

The internet collects information that maybe we didn't mean to share. The apps and devices we use automatically collect information, such as the device we’re using, our location, or what we watch or click on or search for. Over time, this information (our ‘data’) gets more detailed. When companies, advertisers, even future employers use it for their own purposes, this may be helpful, but it may be unfair or harmful.

Resources to use in teaching

Resources to use in your practice

Resources to recommend to children

Who is tracking us and collecting our data?

Sometimes apps collect information that’s unexpected - for example, most torch apps track your location. If apps ask to access your contacts, photos or microphone, they may keep this information.

Even if you don’t let them access your contacts, they may get access anyway, if your friends allow access to contacts. So, our data travels between devices and apps.

Companies like WhatsApp and Instagram collect data about us from other companies they do business with – like the App Store or Google Play. Apps often keep working and collect data even when they’re not being used. Data also travels to companies we’ve never used! It’s hard to know where our data ends up or how long it stays there, even after we have deleted our original profile.

So, how does this happen? When we visit a website or use an app, small pieces of data (cookies) are placed on our device to track and record what we do. Some cookies are functional – for example, they remember our username and password. Other cookies help the company analyse its users and make services more profitable. There are also ‘third party cookies’ – these are used to sell our data to companies who want to advertise their products to us. For example, Spotify lets over 60 companies place cookies on your device, including Google, Amazon and Facebook. In this way, companies can track us even when we don’t use their services.

So, how can our data be used? Our data can be copied, analysed, stored, combined with other data, shared and sold to others – advertisers, companies, governments. Some of the companies who track us are ‘data brokers’ – their business is to buy and sell data. Data brokers collect data from different sites and then ‘profile’ individual users – they put each of us into groups with other people like us. Then companies can work out things about us that we haven’t shared.

Resources to use in teaching 

Resources to use in your practice

Resources to recommend to children and here

What can go wrong?

We often think that we have nothing to hide or that the data collected doesn’t identify us (e.g. IP address, gender or time spent online). Well, think again! When all the data is combined, it creates a precise picture of who we are - where we live, what we do in our spare time, our family members, our opinions. Combined with other data that is already available, like school or medical records, it can be used to identify us and can be used in the future.

How long does our data stay online? In practice, personal data may be there forever. It may be fine to share something now, but we can’t be sure how it could be used in the future – perhaps  when we apply for a job or a phone contract, housing or insurance.

Once we’ve been ‘profiled,’ the information and advertising we see gets filtered – showing us some things and hiding others. This may mean that our decisions, and even our view of the world, rely on partial – perhaps biased - information.

Also, incidents with leaked personal data are common and include unauthorised access to people’s address, date of birth, telephone number, email, passwords, photos and bank account.

Resources to use in teaching

Resources to recommend to children

How to protect privacy online?

Privacy is something to think about every time we use the internet. There are a lot of things we can do to protect our privacy online. Here are some suggestions and resources to share with children.

» Know what you are agreeing to

Learn what data your apps and devices collect about you. What do they share with others? Who can see your stuff? Who owns what you post? Read the Terms and Conditions about privacy (read a child-friendly version for some apps here).  

» Tighten your privacy

Check your privacy settings. Consider making your profile private and disabling functions you don’t need (e.g. your location, third party cookies, advertising and interest preferences, profile visibility).

» Clean your device

Go through your apps regularly and remove anything you don’t use to avoid unnecessary apps collecting your data. Clean the cookies and browsing history on your devices.

» Clean your online profiles

Delete any social media profiles you no longer use. Review your profiles and see if you want to delete anything: e.g. photos, comments, posts, friends, groups, likes, your profile information.

» Know what you look like online

Try to find out what the internet knows about you by searching your name. Try to remove any content that you think should not be online.

» Know what to share

Never share your passwords. Avoid sharing your location. Only post information you are happy for everyone to see – even 10 years from now. Be aware of your online reputation and protect your own privacy and that of your friends.

» Make a positive digital footprint

The internet can be a great place to socialise, have fun and learn. You can create a positive online reputation about yourself by being considerate and thoughtful.

Resources to use in teaching 

Resources to use in your practice 

Resources to recommend to children

What rights do children have?

Children are entitled to extra protection, so, it’s important not to give an older age when using apps and online services. It is also important to talk to children about the rights they have as internet users. These include the right to:

» Be informed: you have the right to see a clear and easily-understood privacy notice that explains what the company is, what data they collect, and how they will use your data

» Access your data: you have the right to ask any company to give you a copy of all the personal data they hold about you

» Correct your data: you can correct any incorrect personal data or complete incomplete data they hold about you. It’s called right to rectification

» Delete your personal data: you have the right to have your personal data deleted. It’s called right to erasure

» Limit data use: you can restrict how companies use or process your personal data in some cases

» Object to data use: you can ask any company to stop processing your data, even if it’s gained in a legal way

» Move your data: you can request all your data to be sent from one company to another. It’s called right to data portability

» Refuse automated decisions and profiling: sometimes computers process your data and make decisions on their own, without a person. You have the right to object to this use of your personal data

» Complain: you can report concerns to the Information Commissioner’s Office (ICO).

Resources to use in teaching 

Resources to recommend to children

Educational videos and games for children

Privacy can be fun! Here are some videos and games that we selected with the help of children. Children can solve some privacy challenges and check how privacy-aware they are – while having fun!

Where to get help?

We all want to enjoy being online and feel safe but sometimes things can go wrong. This is why it is important to report any wrongdoings and seek help when we know someone needs it. Here are some ways you can do this.


Reporting a problem online

Reporting directly to companies

Helplines for children

  • Childline: 08001111, confidential help on any issue
  • Papyrus: 0800 068 4141, confidential suicide prevention advice
  • The Mix: 0808 808 4994, essential support for under 25s
  • YoungMinds Crisis Messenger: text YM to 85258 for 24/7 support for mental health crisis

Privacy in the library

School and public libraries have an important role in providing access to information and the internet which brings a range of privacy-related responsibilities associated with the monitoring, data gathering, and safety of their users.

  • Data privacy project: aimed at library staff it discusses how information travels and is shared online, what risks users commonly encounter online, and how libraries can better protect privacy. Includes online training modules on: library technology timeline, mapping data flows, risk assessment, and supporting materials (quiz, slides, handouts, guides on fundamental concepts and tactics and tools).
  • Leading the way: a guide to privacy for public library staff designed to help library staff to consider the kind of data they collate, hold and share about those who engage with their services, and how ‘privacy-friendly’ their systems and resources are. It includes practical steps that can be taken by those seeking to enhance the approach to privacy across different aspects of their service (Carnegie UK Trust).