Subscribe to our free newsletter and stay ahead with the latest news from the academy, free school & UTC sector

Digital devices in schools - integral but it has its risks

Andrew Sheldon at Evidence Talks, explains what can be done to investigate abusive and illegal activities to ensure digital safety

Posted by Hannah Vickers | January 26, 2017 | Technology

Abuse of digital technology in schools is now an established, if highly regrettable, part of the operating environment for Head Teachers, school managers, local authorities and parents.

The ubiquitous availability and use of digital devices from school computers to childrens’ personal phones and tablets has created an entirely new platform for education.  Its benefits are without question, but the relative lack of control, moderation and surveillance available also creates the potential for serious abuse.

The potential for child abuse wherever large groups gather in one place is self-evident to anyone with a duty of care to exercise.  Establishing protocols and monitoring procedures to try and prevent abuse happening is likely to be high on any schools’ agenda but whether it’s the gradual infiltration of the system by a determined paedophile or a sudden rush of peer-to-peer cyber bullying, it’s time to look at identifying, investigating and dealing with those responsible.

While it’s never good news that abuse has taken place, the availability of systems to deal with it is cause for reassurance.  An abuser identified and dealt with is infinitely preferable to one continuing their activities.

[Cyber] attacks are increasing, in terms of both numbers and complexity, necessitating a dynamic, strategic approach to their mitigation

The science of digital forensics, widely used by law enforcement communities, security services, governments, legal organisations and corporate security managers around the world, has now been developed to a level where, with minimal training, even non-specialists can forensically preserve, examine,  analyse and produce evidence quality data from all manner of digital devices.  This significant step forward offers schools an affordable and highly effective instant response mechanism to identify illicit activity, its perpetrators and its victims.

This might involve predatory grooming behaviour involving data, communications and imagery from either the school’s computer or the perpetrator’s own mobile device.  It may be that personal data has been obtained from confidential records with grooming or even trafficking in mind.  Alternatively, it may be that cyber-bullying is taking place on or out of school but based around the learner community.

A report from NEN, the Education Network of UK government, says “all the evidence shows that (cyber) attacks are increasing, in terms of both numbers and complexity, necessitating a dynamic, strategic approach to their mitigation”.

The report goes into some detail on the nature and sophistication of cyber attacks, identifying areas of vulnerability that include ‘phishing’ exercises, the introduction of infected devices into networks either maliciously or accidentally and external attempts to compromise systems through malware propagation.

It identifies a number of response techniques from the relatively simple -such as robust management of user privileges and user education - to incident management planning, including a review and update of e-security and access training for pupils and staff.

Schools have significant power and authority, not only over the computers, systems and data that are already in their ownership, but over the misuse of personal digital devices used by children – or indeed staff – at school

It’s unfortunate but true that pupil to pupil or pupil to teacher abuse comes into the area of legitimate concern.  Potential scenarios include indecent photographs taken on a Smartphone, video recording of assault or harassment, recording a staged unsavoury classroom incident, the presence of pornography on a laptop or even the use of instant messaging to organise a fight.

In all cases the availability of digital forensics tools and systems can quickly, easily and forensically triage and review data on computers, laptops, tablets and phones.  There is even an option to use a USB thumbdrive or Mac expansion card that turns suitable laptops into a fully capable forensic intelligence device usable by non-technical staff to investigate.

Teachers and school managers are understandably concerned about the sensitivities of investigating teachers, fellow staff and, of course, children.  Nothing, however, can be set above the duty of care owed to pupils and parents.

Many are also unaware that properly interpreted and applied, powers do exist to search for and seize devices where there are reasonable grounds for suspicion and this extends to the confiscation and examination of mobile phones.

The following extracts from a DFE report, entitled Searching, Screening and Confiscation, published in 2014, clarify the circumstances with advice for Head Teachers, school staff and governing bodies.  

Appropriate action can be taken:

“school staff can search a pupil for any item if the pupil agrees” (limited by child’s age and other factors)

“Head Teachers and staff authorised by them have a statutory power to search pupils or their possessions without consent where they have reasonable grounds for suspecting that a pupil may have a prohibited item – and these include pornographic images or any article that the member of staff reasonably suspects has been or is likely to be used to commit an offence”

‘Digital challenges’ are real and present a dilemma to schools seeking to use digital technology to enhance student learning

Crucially

“Head Teachers and authorised staff can also search for any item banned by the school rules which has been identified in the rules as an item which may be searched for”

The current law also goes on to define possessions, including desks, lockers and bags, to provide guidance on confiscation and states…

“a person carrying out a search can seize anything they have reasonable grounds for suspecting is a prohibited item or is evidence in relation to an offence”.

In summary, schools have significant power and authority, not only over the computers, systems and data that are already in their ownership, but over the misuse of personal digital devices used by children – or indeed staff – at school.  In an age where many learners are actively encouraged to ‘bring their own’, this is an important factor.

Having established that schools are far from powerless to seize and confiscate digital devices, the question of data extraction and analysis – the forensic triage process – comes to the fore.

Current technologies and systems are immensely powerful, quick and relatively simple to work with.  Non-specialist staff can be trained rapidly to operate them and to produce evidence quality material, often in a matter of hours.  In a recent case, DWP staff successfully prosecuted a sophisticated ring of criminals involved in identity theft, trafficking and the production of false documents such as visas and passports.

What’s more, digital forensics delivers the kind of evidence that encourages guilty pleas, saving court time, legal costs and offering those affected the satisfaction and stress relief in seeing sentences passed without having to endure lengthy trials and cross-examination.

A report published in 2015 by the New Zealand Ministry of Education said this:

“… the many benefits of learning with digital technologies are accompanied by some challenges and potential risks for students and schools.  These ‘digital challenges’ are real and present a dilemma to schools seeking to use digital technology to enhance student learning”.  It went on to summarise these challenges as:

Cybersafety

Involves conduct or behaviour concerns. Examples include cyberbullying, smear campaigns, accessing inappropriate content, creating spoof websites or sexting.

Cybercrime

Involves illegal activity. Examples include sexual offending, accessing objectionable content or online fraud.

Cybersecurity

Involves unauthorised access or attacks on a computer system. Examples include hacking into someone’s social media service account, launching a distributed denial of service attach or loading malware onto a laptop.

It conceded too that “preventative approaches that rely on technical or other protection simply do not work”.

While this does not invalidate schools and colleges making every effort to encourage and maintain appropriate behaviour, it simply underlines the need for effective, restorative options.  Unchecked, abuse of digital devices can spread rapidly and of course illegal and frightening abuses from grooming and trafficking will be carried out if there is little or no chance of detection and prosecution.

The good news is that the technology, the availability and the affordability of digital forensics all exist to help discourage abuse and to bring its perpetrators to account.

Subscribe to our free newsletter and stay ahead with the latest news from the academy, free school & UTC sector

Related stories

How to deal with unreasonable complaints

Bring Your Own Device: 24/7 learning?

The Future of Security

Minimising the risk of school cyber attacks

Two thirds of schools lack funding for basic improvement

What are geofences and how do they protect children?

Planning for Cloud in 2017

Rural broadband access - is it still an issue?

Make your ICT & IT budgets go further at the Education Forum

Keeping IT safe and secure

Market place - view all

OKI

OKI is a global B2B printer manufacturer dedicated to creating cost...

Document Solutions

With our experience we help organisations to optimise their entire ...

Netgear

Welcome to the New School of Wireless.
Digital textbooks. Onl...

Sports facilities

Sports Facility Services Limited was set up in June 2013 with the ...

Interface

Interface is a global leader in the design and manufacture of susta...

Jamf software

Solutions for education. Power the digital classroom with Apple an...