Appropriate monitoring

Guide for education settings and filtering providers

Schools (and registered childcare providers) in England and Wales are required “to ensure children are safe from terrorist and extremist material when accessing the internet in school, including by establishing appropriate levels of filtering”.  Furthermore, it expects that they “assess the risk of [their] children being drawn into terrorism, including support for extremist ideas that are part of terrorist ideology”.  There are a number of self review systems (e.g 360 degree safe) that will support a school in assessing their wider online safety policy and practice.

The Department for Education’s statutory guidance ‘Keeping Children Safe in Education’ obliges schools and colleges in England to “ensure appropriate filters and appropriate monitoring systems are in place and regularly review their effectiveness” and they “should be doing all that they reasonably can to limit children’s exposure to the above risks from the school’s or college’s IT system” however, schools will need to “be careful that “over blocking” does not lead to unreasonable restrictions as to what children can be taught with regards to online teaching and safeguarding.”

To further support schools and colleges in England to meet digital and technology standards, the Department for Education published Filtering and Monitoring Standards in March 2023. In addition to aspects of both filtering and monitoring systems, these standards detail the allocation of roles and responsibilities, and that schools and colleges should be checking their filtering and monitoring provision at least annually. Given the extent of personal data involved with some monitoring solutions, Schools and Colleges should consider undertaking a data protection impact assessment and ensure that the adopted monitoring strategy is integrated within organisational policies and alongside relevant data sharing agreements.

The aim of this document is to help schools (and providers) comprehend, in conjunction with their completed risk assessment, what should be considered as ‘appropriate’ monitoring.

Monitoring strategies

There are a range of monitoring strategies and systems however the appropriate monitoring strategy selected should be informed by your risk assessment and circumstances.  It is also vitally important to also review and refine the relevant policies as part of assessing (or implementing) a monitoring strategy or system.  The following are examples.

1) Physical Monitoring

Physical monitoring can contribute where circumstances and the risk assessment suggests low risk, with staff directly supervising children on a one to one ratio whilst using technology. This could be: physical supervision of children whilst using the Internet or assigning additional classroom support staff to monitor screen activity;. The following are possible limitations or points to consider

  • It is difficult to physically monitor any independent use of technology
  • Can be resource intensive
  • Less effective across a larger group or a group using mobile devices
  • Students often adapt screen behaviour to avoid monitoring
  • Advantage of immediate intervention when an issue arises which can be developed as a teaching opportunity

Regardless of monitoring strategy, physical monitoring may be required for devices or technologies that are not able to be monitored using other strategies, for example images or videos taken on mobile devices or cloud storage.

2) Internet and web access

Some Internet Service Providers or filtering providers provide logfile information that details and attributes websites access and search term usage against individuals. Through regular monitoring, this information could enable schools to identify and intervene with issues concerning access or searches.  The following are possible limitations or points to consider

  • Assign appropriate responsibility for analysing the logfile information. These reports can often be difficult to understand and may require time and specialist technical and/or safeguarding knowledge to analyse.
  • The frequency that block or monitoring lists are updated by your provider
  • The logfile information should be able to identify an individual user (or group as appropriate) for effective intervention
  • Logs need to be regularly reviewed, interpreted and alerts prioritised for intervention
  • Information held by the school that indicates potential harm, must be acted upon
  • Be aware of any limitations of the logfile information.  Schools should ensure clear and appropriate data retention policies and logfiles (Internet history) should include the identification of individuals and the duration to which all data is retained.

3) Active/Pro-active technology monitoring services

Where the risk is assessed as higher, Active or Pro-active monitoring technologies may be suitable.  These specialist services provide technology based monitoring systems that actively monitor use through keywords and other indicators across devices.  These can prove particularly effective in drawing attention to concerning behaviours, communications or access. These systems can take the form of:

Active monitoring where a system generates alerts for the school to act upon.  Active Monitoring is most effective where

  • There is sufficient internal capability and capacity to interrogate and interpret the volumes of information and alerts generated by the system
  • Appropriate Safeguarding expertise is assigned to review, prioritize and take action on alerts that signal potential harm.

Pro-active monitoring where alerts are managed or supported by a specialist third-party provider and may offer support with intervention.  Proactive monitoring is most effective where

  • School safeguarding staff are actively and immediately alerted to genuine risk of threats to health or life
  • The provided SLA meets the school requirements
  • Specialist organisations provide additional capability and capacity to support school safeguarding staff
  • High number of devices are operating

Schools should understand how any pro-active monitoring support is provided including if any automation is utilised and the safeguarding capability of the organisation’s teams.

Monitoring content

Recognising that no monitoring can guarantee to be 100% effective, schools should be satisfied that their monitoring strategy or system (including keywords if using technical monitoring services) at least covers the following content

  • Illegal – Is illegal (eg. Child abuse images and terrorist content). It is important that safeguards for illegal content cannot be disabled by the user
  • Bullying – Involve the repeated use of force, threat or coercion to abuse, intimidate or aggressively dominate others
  • Child Sexual Exploitation – Is encouraging the child into a coercive/manipulative sexual relationship. This may include encouragement to meet.
  • Discrimination – Promotes the unjust or prejudicial treatment of people with protected characteristics listed in the Equality Act 2010.
  • Drugs / Substance abuse – displays or promotes the illegal use of drugs or substances
  • Extremism – promotes terrorism and terrorist ideologies, violence or intolerance
  • Gambling – enables gambling
  • Pornography – displays sexual acts or explicit images
  • Self Harm – promotes or displays deliberate self harm
  • Violence – Displays or promotes the use of physical force intended to hurt or kill
  • Suicide – Suggest the user is considering suicide

Monitoring Strategy/System Features

Schools should consider how their system integrates within their policies and should satisfy themselves the extent that their monitoring strategy meets the following principles

  • Age appropriate – includes the ability to implement variable monitoring appropriate to age and vulnerability. This will in turn define which alerts are prioritised and responded to.  Further situations may warrant additional capability, for examples boarding schools or community based access
  • BYOD (Bring Your Own Device) – if the system includes the capability to monitor personal mobile and app technologies (ie not owned by the school), ensure it is deployed in accordance with policy and how data is managed.  Does it monitor beyond the school hours and location
  • Audit – Any changes to the monitoring system are logged enabling an audit trail that ensures transparency and that individuals are not able to make unilateral changes.
  • Data retention – should be clear what data is stored, where it is stored (physically – ie cloud/school infrastructure) and for how long.  This should also include any data backup provision
  • Devices – if software is required to be installed on devices, the monitoring system should be clear about the devices (and operating systems) it covers
  • Flexibility – changes in keywords (addition or subtraction) can be easily amended according to an agreed policy.
  • Group / Multi-site Management – the ability for deployment of central policy and central oversight or dashboard
  • Harmful Image detection – The inclusion or extent to which visual content is discovered, monitored and analysed (e.g. Image hash).
  • Impact – How do monitoring results inform your policy and practice?
  • Monitoring Policy – How are all users made aware that their online access is being monitored? How are expectations of appropriate use communicated and agreed?  Does the technology provider, offer any advice or guidance?
  • Multiple language support – the ability for the system to manage relevant languages to your school
  • Prioritisation – How alerts generated via monitoring are prioritised to enable a rapid response to immediate issues. What operational procedures are in place to facilitate that process?
  • Remote monitoring – with many children and staff working remotely, the ability, extent and management for the monitoring of devices (school and/or personal).  Included here is the hours of operation together with the explicit awareness of users.
  • Reporting – how alerts are recorded, communicated and escalated?

Monitoring systems require capable and competent staff with sufficient capacity to effectively manage them, together with the support and knowledge of the entire staff. Monitoring systems are there to support the effective safeguarding of children and the responsibility should therefore lie with the school leadership/governors and Designated Safeguarding Lead as part of the establishment’s broader safeguarding approach. Schools and Colleges should ensure that their staff, and in particular those responsible for and managing their monitoring strategy, have sufficient capacity and capability. Schools and Colleges should have policies and processes to support those staff responsible for managing monitoring systems. The UK Safer Internet Centre Helpline may be a source of support for schools looking for further advice in this regard.

Filtering and monitoring systems are only ever tools in helping to safeguard children when online and schools have an obligation to “consider how children may be taught about safeguarding, including online, through teaching and learning opportunities, as part of providing a broad and balanced curriculum”. To assist schools and colleges in shaping an effective curriculum, UK Safer Internet Centre published ProjectEVOLVE.

Risk assessment

UK Safer Internet Centre recommends that those responsible for Schools and Colleges undertake (and document) an annual online safety risk assessment at least annually or whenever any changes substantive occur, assessing their online safety provision that would include monitoring provision. The risk assessment should consider the risks that both children and staff may encounter online, together with associated mitigating actions and activities.

A risk assessment module has been integrated in 360 degree safe13. Here schools can consider identify and record the risks posed by technology and the internet to their school, children, staff and parents.

Checks and documentation

Schools and Colleges should regularly check that their filtering and monitoring systems are effective and applied to all devices. Checks should be conducted when significant changes take place (for example, technology, policy or legislation), in response to incidents and at least annually. These checks should be recorded, including details about the location, device and user alongside the result and any associated action.

Monitoring on mobile devices

Schools and colleges should satisfy themselves that monitoring systems are correctly working across all their devices’, including mobile devices. If your school owns mobile devices such as iPads or other tablets as part of your teaching strategy, then consider the following practices to ensure monitoring is in place (you may need the help of your ICT support to do this):

  • Audit the mobile device estate by detailing all the mobile devices they have
  • Understand and detail the applications (apps) they use and how these are managed (installed and deleted). Specifically, ensure that apps can be centrally, and routinely, removed from mobile devices. This is best achieved through the use of a Mobile Device Management (MDM)
  • Identify who is responsible for mobile devices as well as filtering and monitoring systems at the school, ensuring that the DSL is also aware (if different)
  • Test to provide confidence that the schools filtering and monitoring solution is working across all mobile devices, across installed apps (not just internet browsers) and in various physical locations. Schools can use testfiltering.com to help in this regard
  • Identify any vulnerable users of mobile devices, paying particular attention to ensure harmful content is not accessible on specific devices

This detail has been developed by the UK Safer Internet Centre, and in partnership and consultation with the 120 national ‘360 degree safe Online Safety Mark’ assessors and the NEN Safeguarding group (www.nen.gov.uk).

Be in the know

You’ll get knowledge, skills and tools to make the internet safer
for young people at your care. Each sent once per month.