E-safety is the term used to describe the concept of keeping users safe while browsing the internet, particularly those in vulnerable categories, such as children and the elderly.
The basic foundation of e-safety is to protect users from potentially harmful content or activities, such as grooming, pornography, or cyber bullying, and includes both websites and apps.
Staying safe online has become an integral part of our daily lives, especially when it comes to children. In marked contrast to older generations who may not understand how touchscreens work, kids today presume that everything works with a swipe.
This can be challenging for parents, particularly when it comes to keeping their children safe on the web. Even though lawmakers and regulators may think they understand what kids are doing online and on social media, the ever-changing nature of technology constantly presents new dangers.
How e-safety is classified
The three important areas of risk when it comes to e-safety are Content, Contact, and Conduct.
Content refers to the material being accessed online, and understanding whether it poses a risk of being harmful, illegal, and/or inappropriate. Content can be defined in a variety of ways, including but not limited to: text, sound, images, and video.
Contact refers to the types of individuals that vulnerable people may interact with online, and how communication may occur. This includes the methods by which vulnerable people may be targeted, and the information that is exchanged.
The power of the One True Zero Trust Platform
Delivering unparalleled security and superior economic value
Finally, Conduct is all about the nature of the exchanges, and whether the manner by which these communications occur are potentially exploitative or harmful, even if the content itself is not necessarily harmful.
When it comes to young children, a lot of a child's internet time will be conducted within a school environment and it's a key place where e-safety will be implemented. The NSPCC has a number of guidelines for schools and educators to follow when protecting pupils online.
"A whole school approach to e-safety can help involve staff, governors, parents and pupils themselves in keeping children and young people safe online," it says.
Its resources help educational establishments implement the e-safety policies and procedures, IT infrastructure and support schools need, as well as helping schools and colleges develop "a trained workforce who are confident in online safety, identifying and responding to concerns".
Why is e-safety so important?
According to research by Internet Matters, more and more children between six and 16 are going online without their parents' oversight. Most parents said they didn't always monitor how their children were using the web, despite anxieties about unregulated screen time for youngsters, and the unintended consequences.
The availability of hardware, such as laptops and tablets, and the increased role these play in essential activities such as work and study, is one key reason why children are increasingly browsing the internet without supervision.
Another reason is the heightening acceptance of children owning their own electronic devices. It's now common for younger people to take a more independent approach to their online activity. Unfortunately, large swathes of the internet are categorically not child-friendly, and unless proactive measures are put in place by guardians, children can be left exposed to risks and dangerous content.
A further study in 2017 by the UK Safer Internet Centre revealed that 70% of those aged eight to 17 had witnessed graphic content that was not suitable for their age group. Similarly, research by the American Psychology Association found that children are first exposed to online pornography at roughly the age of 13.
With regards to cyber bullying, an ONS survey revealed that one in five between ten and 15 had experienced at the very least one form of online bullying in the year ending March 2020, which equates to roughly 764,000 children. Around a quarter of victims, however, kept this to themselves.
What is being done to improve e-safety?
Laws are beginning to catch up in some areas, albeit very slowly. The UK, for example, have sought to make it harder for harmful or inappropriate content to circulate online, particularly through social media.
The Online Safety Bill, a draft of which was first presented in May 2021, seeks to make it easier to force social media companies to remove illegal content and prevent it from appearing on feeds. It also seeks to bring in compulsory age checks on content deemed potentially inappropriate, and offer a route for parents and guardians to report harmful content. The law would also grant the communications regulator Ofcom the powers to take action against companies that fail to remove content.
The bill itself has faced a number of delays and roadblocks, as well as opposition from business groups that argue the rules would stifle smaller businesses and start-ups that may lack the tools and resources required to adhere to the compulsory duty of care.
Teaching e-safety in schools
In the UK, online safety was introduced into all key stages of the curriculum in 2012, with schools required to teach children about how to stay safe online from the age of 5. The various levels of guidance are aimed at different age groups, ensuring all ages understand the risks and are able to alert an adult should they be concerned about someone's behaviour online or feel they are being targeted by cyber bullies.
According to the UK regulator Ofsted, schools are obliged to demonstrate that they are protecting both students and staff from harmful or illegal content as well as educating them on how technology should be used. Schools should also have the means to act in an appropriate manner when an issue is flagged to them, which includes reporting the incident to the governing body, parents and, if necessary, the authorities.
Who is responsible for e-safety?
Although Ofsted lists e-safety as the responsibility of schools, parents and carers have just as significant of a role to play in educating the youth on the dangers of the web. Family members and other adults should pay attention to what children are up to online and they can do so by implementing processes to check whether the internet and connected devices are being used in a safe and secure manner. Just like their children's' teachers, parents and carers should also dedicate the time to educate themselves about e-safety and how to deal with issues when they arise.
The top five fists of perimeter firewalls
...and the one way to overcome them all
Businesses should also take responsibility - and action - to protect their younger users against dangerous online activity. They can do that by making it easier for users to alert the authorities of any illegal or harmful content, as well as monitoring their services to minimise the risk to children and young people when online. This could include enforcing age restrictions for certain services, ensuring services have the tools in place to report inappropriate content and having clear communication channels with authorities in case it is necessary to file a report.
However, not every step taken by tech companies to ensure the safety of their youngest users has been met with public approval. In August 2021, Apple was criticised for its plans to scan photos on US iPhones for evidence of CSAM as they are uploaded to the iCloud storage services, as well as introduce an iMessage surveillance technology that aimed to flag any explicit content received by a child to their parent or guardian.
This raised concerns over user privacy, with more than 90 civil society organisations, including the UK’s Big Brother Watch and Liberty, urging CEO Tim Cook to abandon the policies. According to privacy activists, the algorithm used to scan for images had the potential to mistakenly flag CSAM content, or even be abused by authoritarian governments.
Meanwhile, the iMessage surveillance tech could be exploited by “abusive adults” and lead to LGBTQ children being outed against their will. Weeks later, Apple announced the decision to delay the rollout of the technology, citing “feedback from customers, advocacy groups, researchers, and others”.
At the same time, Facebook halted its work on a version of its Instagram social network for children, citing a need for more collaboration with parents and policymakers, after leaked internal research documents showed that it was aware of Instagram’s negative effect on teen girls' mental health. However, the tech giant added the option of end-to-end encryption e2ee) for voice and video calls on its Messenger communications platform, defying warnings from the UK government that the technology will hinder law enforcement efforts to track down and arrest child abusers.
E-safety during lockdown
The coronavirus lockdown saw a significant rise in online sexual abuse against children, who are now required to stay at home and therefore beyond the safety of security filters used by schools.
In fact, the spike in cases had been so significant that, in April, the National Crime Agency (NCA) issued a statement advising parents to carefully monitor what their children are doing online when they use the internet to access school resources.
Although Ofsted places the responsibility of e-safety on school, remote learning means that parents and carers have a greater role to play in the online safety of their children. A spokesperson for the department told ITPro that "how Ofsted is overseeing remote learning, including matters of e-safety, is currently under review".
In order to raise awareness of the threat, the NCA has launched 15-minute activities to parents and carers to do with their children which provide e-safety resources and exercises for families of children across all age groups.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.
Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.