As school leaders, our duty to safeguard children and young people seamlessly extends into online spaces. While publishing images on our websites and social media channels helps to share and celebrate achievements and show the vibrancy of school life, advancements in technology have introduced an alarming risk: the unauthorised harvesting and manipulation of school imagery.
A growing concern is where photos of pupils or staff are taken from websites, social media channels and marketing materials. These images are then processed using artificial intelligence tools - such as freely available ‘nudification’ apps - to create non-consensual, synthetic sexual imagery, including AI-generated child sexual abuse material (AI CSAM). The AI tools used to create such abhorrent and illegal images (photos and videos) are neither difficult to find nor use. The reality of this threat requires our attention and proactive leadership.
The Internet Watch Foundation (IWF) has also published recent data about the significant increase in AI Generated CSAM being found by their analysts, suggesting that this technology is already in the wrong hands.
This has led to new guidance being published this month by the UK Online Harms Early Warning Working Group.
Is this just fear-mongering? Whilst, of course, we want to continue celebrating the successes of our school and children, the risk landscape has undoubtedly changed. This is no longer a hypothetical scenario, and neither is it victimless. If most parents and carers knew that their child's image on a website or social media channel could be used to make very real looking, sometimes violent abuse material, would they still consent to their images being published?
The creation of synthetic intimate imagery carries severe real-world consequences
Perpetrators can use manipulated images to blackmail individuals or the school itself, demanding money under the threat of public exposure.
The non-consensual sharing and modification of student photos directly compromises the safety of vulnerable children, such as Looked After Children or those on child protection plans, by exposing personal data or location routines.
The emotional toll on the victims, whether they are pupils or staff members, and their families, is immense. Dealing with these breaches is also heavily distressing for the safeguarding teams managing the fallout. And if deepfakes are shared on the web, they are difficult to totally remove, and so the consequences can be long term.
Senior leadership teams should arrange for a review of what imagery of staff, children, and leaders is publicly available, and then consider the actions required to prevent harm. Such as:
Re-evaluate Image Necessity- Ask the fundamental question: Are face-on photos actually required? Why not replace direct portraits with alternative angles, group shots, or photos taken from a distance or over the shoulder? We have seen some schools now using avatars or drawings of school staff, leaders and governors instead of photographs.
While navigating these technological threats, schools must exercise extreme caution regarding their own use of AI tools to alter images. Please see the LGfL AI Policy Toolkit for further support with adopting a safeguarding-first approach to using AI in school.
Manipulating student images via unapproved and unchecked AI can lead to privacy breaches and violate UK GDPR obligations. Completing a Data Protection Impact Assessment on any AI tools used is paramount to ensure schools are compliant with legislation.
The existence and use of AI in schools are not issues for the DSL to resolve. This requires strong leadership, clear policies, transparent communication and robust governance.
Senior leaders must actively engage and seek the support of governors and trustees to ensure they are aware of emerging threats and the school’s response to protect school users.
Equally, we must communicate openly with parents and carers. Provide them with clear information regarding the risks of online image misuse and the specific steps the school is implementing to protect their children. We should also take the opportunity to ask parents to reconsider the content they (and their family members) share of their children online. A harmless picture can reveal a child's location, school, and daily habits through background details and data hidden in the image (metadata). These images are easily saved, traded in private networks, or altered using AI.
Image sharing consent processes should be reviewed and re-signed annually to keep pace with changing technologies. Furthermore, where pupils have the age and capacity to make their own decisions, best practice dictates obtaining their own consent alongside parental agreement, respecting their growing autonomy.
For more support on engaging with parents:
We are already aware of cases where pupils have taken and created sexual images of peers and staff. Therefore, it is also critical to evaluate how robust and effective our curriculum is at tackling some of these complex and fast moving issues. This must include helping pupils to know what to do if they believe a synthetic image of themselves or a peer has been created or shared.
Safeguarding our school community against AI manipulation isn't about erasing our digital presence; it is about building a culture of responsible digital behaviour. By taking proactive steps and leading transparent conversations with all of our stakeholders, we build greater trust and ensure our online spaces remain safe environments for everyone.
For support with reporting routes (such as Report Remove, Take It Down, or Stop NCII), take a look at reporting.lgfl.net or refer to the full guidance published by the UK Online Harms Early Warning Working Group.
Subscribe to our SafeguardED newsletter for further updates and follow us on LinkedIn.
The images in this article have been created using Gen AI.