How does a school ensure that its website does not inadvertently break the law, or compromise the safety and privacy of its pupils? Susie Roome considers the relevant law and provides some practical advice on how to limit the risks to your school and pupils from the content of your school website

School websites can be a dynamic and creative method of communication between a school, its pupils, staff and the wider community. Websites can serve a wide purpose – from promoting the school to prospective parents and staff, to a gallery for pupils’ work, a resource for teaching and learning, or to assist in recruitment. However, this range of exciting opportunities is mirrored by the equally wide range of legal risks that can apply to a website. So how does a school ensure that its website does not inadvertently break the law, or compromise the safety and privacy of its pupils?

What legal issues apply to websites? Every school owes a common-law duty of care to its pupils, to take reasonable care to ensure that every child at the school is safe from harm. Schools must also make sure that the use of photographs and personal information on websites complies with the Data Protection Act 1998. Intellectual property and copyright issues are also relevant, where school websites use or repeat images or text from an outside source – such as pictures downloaded from the internet. Another key legal issue is the increasing trend of cyberbullying, which includes the use of defamatory blogs and personal websites, all commonly linked to school websites.

How do you take reasonable care of the pupils?

The duty to keep children safe from harm may sound daunting in the context of the virtual nature of a website. But the duty is to take reasonable care, not to be perfect. There are some very simple steps that will go a long way to discharging this duty and ensuring the safety of your pupils.

The key is to ensure that no individual child can be identified or contacted as a result of the website. BECTA, the government’s lead agency for ICT and education, suggests that schools should never place names next to photographs of children, never use full names and only use group photos. Only use images of pupils in suitable dress. Be alert – do not announce that Joe Bloggs scored the only goal in a football match, then publish a photo showing a child scoring a goal. Predatory individuals will be able to put two and two together and identify the child.

But remember, a sensible approach is required to strike a balance between protection and the promotion of the school and its pupils. A school in Essex hit the headlines in March 2008 for blanking out children’s faces on its website, and replacing them with ‘cartoon smiley faces’. This was widely considered a step too far.

What about inappropriate content?
Schools need to be careful to ensure that their websites do not contain inappropriate or offensive content – for example, violent, sexual or hateful comment. This is particularly relevant to the growing prevalence of cyberbullying, which we discussed in “What is cyberbullying?” and “Tackling cyberbullying against teachers”.

Again, some fairly simple steps can reduce the risk of inappropriate content making its way onto a school website. Make the website the responsibility of a senior member of staff, and ensure that a clear policy is in place for its creation, updating and monitoring. The policy should include approval requirements; and, if pupils are involved, then they should be supervised and given clear guidelines. There should be routine checks to ensure that no personal information or inappropriate content has slipped through the net. Finally, schools should, if possible, avoid the use of webcams or live feeds, over which they have little control.

How does the Data Protection Act 1998 apply to school websites?
Issues with data protection can apply to photographs and personal information posted on a school website, such as exam results or visitors books. But the school will not breach the Act as long as the individuals in question (and parents/guardians) are aware that this is happening, and aware of the context in which the data will be used. So the golden rule is to always seek consent, and get it in writing.

How does copyright law apply?
Generally, copyright gives the creator of materials control over how they are used. Schools must be certain that they are not infringing the copyright of others through any materials available on their website, or risk a hefty fine. Copyright may apply to text, images, music or video that originates from other sources. A school that uses images from the internet on its own website will likely be infringing copyright, unless the creator of that image consents. Schools should therefore be very careful about the source of any material that is loaded onto their site, and if in doubt as to whether copyright would apply, don’t use it!

What guidance can I look at for help?
There is a lot of relevant guidance to help. Your first port of call should be the BECTA website, which has published the general guidance ‘The key features of a safe school website’, and more specific guidance on copyright and data protection. You can also look at and the DCSF website has some good guidance on cyberbullying. The Office of the Information Commissioner gives some practical advice on data protection and freedom of information.

If you follow this guidance and keep in mind the few key recommendations discussed in this article, then your website should be an exciting and creative tool that will enhance and promote your pupils’ learning and their school, while maintaining the safety of all involved.

This e-bulletin issue was first published in September 2008

About the author: Susie Roome