The first potential vulnerability when creating content is the device not being securely setup.
Check with learners that they have taken these steps to reduce the risk of content being stolen from their device:
- their device account (Windows, iOS or android) has a strong password (three random words)
- makes use of 2-factor authentication (2FA)
- additional security features, such as fingerprints or facial recognition
- has a unique account for each user (if shared device, such as a tablet or laptop)
- a screenlock that requires a passcode or biometric (face or fingerprint) to log in to stop unauthorised access (hacking)
- the latest operating system (usually iOS, android or Windows) installed as this usually fixes potential security vulnerabilities
- installed apps from approved providers, such as App Store or Play Store to avoid potentially malicious apps that allow content to be stolen through a ‘backdoor’
Learners should also consider where created content is stored – this will typically be on the device but can also be stored on cloud storage, such as OneDrive, iCloud or Drive, and this adds the risk of remote hacking and content theft
- apple devices have a content filter, called communication safety in Messages, in their ‘screen time’ settings that blocks potentially nude content sent or received on children’s phones
Another potential vulnerability when creating content is the accounts on the device or online platform not being secure enough and allowing others to access created content.
Check with learners that they have taken these steps on their apps to reduce the risk of content being stolen from their accounts:
- they use a secure, perhaps separate, email account (with its own unique username, secure password and 2FA)
- they use their device security, such as account and biometrics, to log in to apps as this means they need to have the device in-hand to access the account
- they do not share access to their account with anyone
- they know how to use the settings and security features to set the platform up to only share information they are willing to share – this might include turning off data or location tracking, for example
When using devices or online platforms to create content, learners should understand that online platforms and services, including apps, carry greater risk of being shared without permission as the content created on these is almost always stored on their server, which is the company’s computer, and not the child or young person’s device.
Should created content ever be shared with, or without, permission then learners should have the knowledge, skills and support to report and recover from the potential risks associated with this:
Anyone under the age of 18 is considered a child by law and ANY content that contains exploitative or indecent images or video of children is child sexual abuse and illegal.
Educators should follow Local Authority child protection procedures. Children and young people who experience this should report it to CEOP (Child Exploitation and Online Protection).
It is not illegal to film or photograph someone without consent, however, any exploitative or indecent images or video of children is child sexual abuse and illegal.
Educators should follow Local Authority child protection procedures. Children and young people who experience this should report it to CEOP (Child Exploitation and Online Protection).
Digital content that may have been created consensually but once consent is revoked it can be challenging to stop the other party sharing it. The Internet Watch Foundation Report/Remove tool can be used to request any exploitative or indecent images and video are removed from online servers.