Know and understand risks of using the internet including inappropriate and criminal material, restricting data through parental, educational and ISP control

Topic 10 – Communication and e‑Safety

Learning Objectives

  • Identify and explain all components of a correctly formatted email and the security measures that protect it.

  • Describe the main purposes of the Internet, evaluate its advantages and disadvantages, and differentiate between related terms (Internet, Intranet, Extranet, WWW, HTTP/HTTPS, FTP, SSL/TLS, blogs, wikis, social‑networking sites, cloud services).

  • Analyse the major e‑safety risks, their impact on individuals and society, and the legal/ethical framework that governs online behaviour.

  • Evaluate how parental, educational and ISP controls restrict inappropriate or criminal material and protect personal data.

  • Apply practical skills: compose a safe, correctly formatted email; configure safe‑search; set up basic parental controls; produce evidence with screenshots.

1. Email Communication

1.1 Parts of an email (purpose of each field)

  • To: primary recipient(s); the message is addressed directly to them.

  • Cc (Carbon Copy): recipients who need to be informed but are not expected to act.

  • Bcc (Blind Carbon Copy): recipients hidden from each other – protects privacy and avoids exposing large address lists.

  • Subject line: a concise summary; helps the receiver decide priority.

  • Greeting: polite opening (e.g., “Dear Mr Smith,”).

  • Body: main message – keep paragraphs short, use clear language.

  • Closing: courteous sign‑off (e.g., “Kind regards,”).

  • Signature: name, role, school/organisation, contact details; may also contain a disclaimer about confidentiality and data protection.

  • Attachments: files added to the email (PDF, JPG, DOCX, etc.).

1.2 Email groups and distribution lists

  • Group email address: a single address that forwards to multiple members (e.g., science‑dept@school.edu).

  • Useful for class projects, staff notices, or club communications.

  • When using a group address, always consider whether members should see each other’s addresses – use Bcc if privacy is required.

1.3 Netiquette (online etiquette)

  • Use a clear, polite tone; avoid ALL CAPS (interpreted as shouting).

  • Keep subject lines relevant and concise – 6‑8 words is ideal.

  • CC/BCC etiquette:

    • CC only when the recipient needs to be kept in the loop.

    • BCC for large mailing lists or when you must hide addresses.

  • Forwarding rules:

    • Never forward a message without the original sender’s permission.

    • Remove any unnecessary personal data before forwarding.

  • Proof‑read for spelling, grammar and tone before sending.

  • Respect confidentiality – do not share school‑internal information without authorisation.

1.4 Managing attachments

  • Prefer widely supported, non‑executable formats: PDF, JPG, PNG, DOCX, XLSX.

  • Keep file size under the provider’s limit (usually 10‑25 MB). For larger files use cloud‑sharing links.

  • Scan every attachment with up‑to‑date antivirus software before opening.

  • When sending a link, set appropriate sharing permissions (view‑only vs. edit).

1.5 Email security and safe‑email practice

  • Spam: unsolicited bulk messages, often commercial.

  • Phishing: fraudulent messages that pretend to be from a trusted source to obtain personal data.

  • Malware attachments: files that install viruses, ransomware or trojans.

  • Encryption: protects the content of an email while it travels (e.g., S/MIME or PGP). Schools may require encrypted communication for sensitive data.

  • Digital signatures: verify the sender’s identity and ensure the message has not been altered.

  • Two‑factor authentication (2FA): adds a second verification step (code sent to phone, authenticator app) for email accounts.

  • Red flags to watch for:

    • Poor spelling or grammar.

    • Urgent or threatening language (“Your account will be closed…”).

    • Mismatched URLs (hover to view the real address).

    • Unexpected attachments, especially .exe, .bat, .js.

  • What to do when you suspect a phishing or spam email:

    1. Do not click any links or open attachments.

    2. Mark the message as spam or report it to your email provider.

    3. If the email appears to be from your school, forward it to the IT support team.

    4. Delete the email after reporting.

2. Effective Use of the Internet

2.1 Common purposes

  • Research and information gathering.

  • Communication – email, instant messaging, video‑conferencing.

  • E‑learning platforms and virtual classrooms.

  • Entertainment – streaming, gaming, social media.

  • E‑commerce, online banking and government services.

2.2 Advantages and disadvantages (with evaluation prompts)

AdvantageDisadvantage
Instant access to a vast amount of information.Information overload; difficulty judging reliability.
Global communication and collaboration in real time.Risk of mis‑communication, loss of privacy and cultural misunderstand‑ings.
Flexible learning – MOOCs, virtual labs, recorded lessons.Dependence on reliable connectivity and suitable devices; digital divide.
Convenient online services (banking, shopping, public services).Exposure to fraud, scams and cyber‑crime.
Platforms for creativity – blogs, wikis, multimedia publishing.Potential exposure to inappropriate or extremist content.

Evaluation prompts for learners: In a short paragraph, decide which advantage you think outweighs its paired disadvantage for a specific user group (e.g., a secondary‑school student, a small business, a senior citizen). Justify your answer with at least two reasons.

2.3 Key terminology and how the concepts differ

  • Internet: worldwide network of interconnected computers.

  • Intranet: private network restricted to an organisation (e.g., a school’s internal staff portal).

  • Extranet: part of an intranet that external partners can access securely (e.g., a university’s research‑collaboration site for partner institutions).

  • World Wide Web (WWW): collection of web pages accessed via browsers using HTTP/HTTPS.

  • HTTP vs. HTTPS:

    • HTTP – Hypertext Transfer Protocol; data sent in plain text.

    • HTTPS – HTTP Secure; uses SSL/TLS encryption to protect data in transit (required for online banking, login pages).

  • FTP (File Transfer Protocol): used to upload/download files to/from a server; often replaced by secure variants (SFTP, FTPS).

  • SSL/TLS: cryptographic protocols that provide encryption, authentication and data integrity for web traffic.

  • Browser: software (Chrome, Firefox, Edge, Safari) that retrieves and displays web pages.

  • Search engine: tool (Google, Bing, DuckDuckGo) that indexes web pages and returns results for user queries.

  • Blog: regularly updated website where entries appear in reverse‑chronological order; often personal or thematic.

  • Wiki: collaborative site that allows multiple users to edit content (e.g., Wikipedia, school project wikis).

  • Social‑networking site: platform for creating personal profiles and interacting with others (Facebook, Instagram, TikTok, LinkedIn).

  • Cloud service: remote storage or applications delivered over the Internet (Google Drive, Microsoft 365, Dropbox).

2.4 Comparison of common Internet protocols

ProtocolPrimary UseTypical PortSecurity
HTTPWeb page transfer (unencrypted)80None – data in plain text
HTTPSSecure web page transfer443SSL/TLS encryption
FTPFile upload/download21 (control), 20 (data)None – vulnerable to sniffing
SFTP/FTPSSecure file transfer22 (SFTP) / 990 (FTPS)SSH or SSL/TLS encryption
SMTPSending email25Often combined with STARTTLS for encryption
IMAP/POP3Retrieving email143/110 (plain) or 993/995 (SSL)SSL/TLS when using the secure ports

3. e‑Safety – Risks of Using the Internet

  • Inappropriate content: violent, sexual, extremist, hate‑speech or self‑harm material.

  • Criminal activity: phishing, identity theft, online fraud, hacking, ransomware.

  • Privacy breaches: unwanted data collection, tracking cookies, location sharing, facial‑recognition misuse.

  • Technical threats: viruses, worms, trojan horses, denial‑of‑service attacks, insecure Wi‑Fi.

  • Cyber‑bullying & online harassment: threatening messages, exclusion, reputation damage, non‑consensual sharing of images.

  • Health & well‑being impacts: eye strain, sleep disruption, addiction, anxiety.

3.1 Impact of Internet risks (case‑study style)

Case study – Ransomware attack on a hospital (2023):

  • Legal: breach of data‑protection regulations → fines of up to €20 million under GDPR.

  • Financial: ransom payment of £2 million + £5 million for system restoration and lost revenue.

  • Emotional: patients experienced anxiety and loss of trust in the health service.

  • Societal: delayed emergency care highlighted the wider public‑health risk of cyber‑crime.

Students should be able to relate such examples to the generic risk categories listed above.

4. Legal & Ethical Frameworks (Key Points)

  • United Kingdom: Digital Economy Act 2017 (age‑verification for adult material); Online Safety Bill (platform duty of care).

  • United States: Children’s Online Privacy Protection Act (COPPA) – parental consent required for data collection from under‑13s.

  • European Union: General Data Protection Regulation (GDPR) – key principles:

    1. Lawfulness, fairness and transparency.

    2. Purpose limitation.

    3. Data minimisation.

    4. Accuracy.

    5. Storage limitation.

    6. Integrity and confidentiality (security).

    7. Accountability.

    Rights for individuals include access, rectification, erasure (“right to be forgotten”), restriction of processing, data portability and objection.

  • International: UN Convention on the Rights of the Child – obliges states to protect children from all forms of online harm.

  • School policies normally embed these statutes into their own e‑safety, data‑protection and Acceptable Use Policies (AUPs).

5. Controlling Access to Internet Content

5.1 Parental Controls

  • Software filters installed on devices (e.g., Net Nanny, Qustodio, Microsoft Family Safety) – block categories such as adult, gambling, violence.

  • Router‑level DNS filtering (e.g., OpenDNS, CleanBrowsing) – applies to every device on the home network.

  • Time‑based restrictions – limit internet access after a set hour or during homework periods.

  • Activity logs and weekly usage reports for parents.

  • Device‑specific apps for smartphones and tablets (Screen Time on iOS, Digital Wellbeing on Android).

5.2 Educational Controls (Schools & Colleges)

  • Network firewalls with policy‑based content filtering (e.g., FortiGate, Sophos).

  • Whitelist of curriculum‑relevant URLs; blacklist of prohibited sites (social‑media, gaming, file‑sharing).

  • Enforced safe‑search settings on school browsers (Google SafeSearch, Bing SafeSearch).

  • Comprehensive Acceptable Use Policy (AUP) signed by pupils, parents and staff.

  • Regular e‑safety lessons, digital‑citizenship workshops and awareness campaigns.

  • Restricted administrative rights on school computers – prevents installation of unauthorised software.

  • Monitoring tools (e.g., GoGuardian, Lightspeed) that can alert staff to risky behaviour in real time.

5.3 ISP Controls

  • Default safe‑search and content‑blocking for accounts registered to users under 18 years.

  • Age‑verification gateways for adult‑content sites (mandated by the UK Digital Economy Act and similar legislation elsewhere).

  • National filtering schemes – e.g., UK “Family Filter”, Australia’s “Cleanfeed”.

  • Parental‑control dashboards provided as part of the broadband package (e.g., BT Parental Controls, Telstra Family Safe).

  • Network‑level monitoring for malware, bot‑net activity and DDoS attacks; alerts sent to customers.

6. Summary Table – Risks, Controls and Responsible Parties

Risk CategoryTypical ExampleControl Method(s)Responsible Party
Inappropriate contentAdult video sites, extremist propagandaContent‑filtering software, DNS/router blocking, age‑verification gatewaysParents, School IT staff, ISP
Online fraud & phishingFake bank email, counterfeit e‑shopEmail spam filters, anti‑phishing toolbars, user education, 2FAStudents, Teachers, ISP security services
Malware & ransomwareTrojan download from a compromised siteAntivirus/anti‑malware, regular OS updates, restricted admin rightsParents, School IT department, ISP (network monitoring)
Privacy breachesTracking cookies, location data sharingBrowser privacy settings, VPN use, cookie‑consent management, GDPR‑compliant data handlingUsers, Educational policy makers, ISP (transparent data policy)
Cyber‑bullyingHarassing messages on a social‑networking siteMonitoring tools, reporting mechanisms, digital‑citizenship lessons, platform‑specific block/report featuresParents, School staff, Platform providers

7. Practical Activities (AO‑2)

  1. Compose a correctly formatted email:

    • Include To, CC, BCC, Subject, greeting, body, closing, signature and an attachment (PDF).

    • Check the email against a netiquette checklist (tone, subject relevance, CC/BCC use, attachment safety).

    • Take a screenshot of the completed email and submit it as evidence.

  2. Configure safe‑search on a school computer:

    • Open the default browser, navigate to the search‑engine settings and enable “SafeSearch”.

    • Perform two searches – one with a neutral term, one with an adult‑related term – and record the results.

    • Capture screenshots before and after enabling SafeSearch and write a brief evaluation of the difference.

  3. Set up a parental‑control filter on a home router (or software alternative):

    • Log into the router’s admin panel, select a DNS‑filtering service, choose content categories to block, and set a daily time limit.

    • Document each step with screenshots and write a short guide for a sibling.

  4. Create a mock phishing email:

    • Design an email that pretends to be from a familiar service (e.g., “Your School Email Account”).

    • Highlight at least five red‑flag features (misspelt domain, urgent language, fake link, etc.).

    • Develop a checklist that classmates can use to identify phishing attempts.

  5. Draft an Acceptable Use Policy (AUP) for a school computer lab:

    • Cover email use, internet browsing, software installation, data protection and consequences of breach.

    • Include a short section on the responsibilities of pupils, teachers and parents.

    • Present the AUP to the class and discuss how it aligns with GDPR and the Online Safety Bill.

8. Suggested Diagram

Flowchart showing the interaction between parental controls, school/college controls and ISP controls in filtering Internet content and protecting personal data.