Online grooming and the rise of online tuition

Due to COVID-19, there has been an explosion of online tuition but there is a crucial need for more stringent regulatory practices in order to safeguard students and parents. David McCarthy, Director of Education at Sophia Technologies, discusses here

Are parents making sure that their children are safe when they are online with a tutor? Are parents making sure that the platforms the tutors are using for their online lessons are secure? What checks should there be on tutors? These are some of the sensible questions that parents have been asking since schools shut down over the coronavirus.

Now that all schools have been closed indefinitely, and now that parents are starting to see the challenges of educating their children at home; more and more parents are now turning to online tutoring to help them out, and also to make sure that their children are not too far behind when they return to their schools. However, with certain countries not opening their schools until September, it appears that parents in the UK may also have a long wait, and frustrations are beginning to build up.

DBS checks

Due to the COVID-19 epidemic that has swept the world, teachers/tutors can no longer visit their clients’ houses due to the restriction of movement that the government has imposed upon the public. This means that all tuition for the foreseeable future will be online. However, it is important that parents do not drop their guard. They must make sure that any tutor they hire has been properly vetted and has a current enhanced DBS check. Safeguarding children when an adult visits the house seems to be obvious, but many parents do not think that the same procedures need to take place online. In many ways, parents need to be warier.

NSPCC research

In September of last year, the NSPCC reported that one in five victims of online grooming are aged 11 and under. A series of Freedom of Information requests by the children’s charity revealed the number of grooming offences recorded by police surged by more than a third last year to more than 4,000. Perhaps, what was not so surprising was the fact that more than 70% of reported grooming took place on the main social media networks Facebook, Instagram, WhatsApp and Snapchat.

The NSPCC also found 20% of the victims were under 12 – despite the minimum age of the social media platforms being 13, and 16 for WhatsApp. However, the main problem is that the social media giants are not verifying identities or checking the age of any of its users effectively. The NSPCC also reported that there were:

• A total of 5,161 crimes of sexual communication with a child recorded in 18 months.
• Almost a 50% increase in offences recorded in the last six months compared to same period in the previous year.
• A 200% rise in recorded instances in the use of Instagram to target and abuse children over the same time period.

The current government is committed to tackling Child Sexual Exploitation and Abuse (CSEA) in all its forms and to protect children from this terrible crime:

• Law enforcement agencies in the UK are currently arresting around 450 individuals and safeguarding over 600 children each month, through their efforts to combat online CSE.
• In the UK alone, it is estimated that there are 80,000 people who present a sexual threat to children online.
• Statistics from the National Crime Agency (NCA) show that last year 2.88 million accounts were registered globally across the most harmful child sexual abuse dark web sites, with at least 5% believed to be registered in the UK.

The one problem that the government is up against, is that tutoring is an unregulated industry. Any person can set themselves up as a tutor and advertise their services in local newspapers. There are no checks on them. Most reputable tutoring companies do have varying level of checks – they will check their identities and ask for an enhanced DBS check. However, there are many tutoring companies out there who will try and bend the rules. On one tutoring website, they stated: “that every one of their tutors has been screened and handpicked for your safety. That they have checked their identities and ensured they hold a valid DBS certificate (remember if any tutor is working with children you need an enhanced DBS check, a basic or standard DBS does not cover working with children, as they do not give the employer access to the DBS Children’s Barred List). It is also best practice that current teachers should have their enhanced DBS checks updated once every three years; whilst tutors should really have theirs updated once every year. Although, interestingly enough, when you go into their frequently answered questions you receive this message:

How long does it take for me to get verified?

“Depends on how quickly you can fill out your profile! If you have everything to hand (DBS certificate, ID and address documents), then it should take you around 15 minutes to get set up”. Of course, it should not be the case of simply sending your passport details or a copy of your passport, it is best practice that all tutors are interviewed face-to-face and that they should be there in person when they hand you over their passport. We should also be aware that using someone else’s id to get a job has become has become increasingly prevalent, as Uber learnt to their cost. There is also no mention of how old the proof of address documents should be; again, it is best practice, for obvious reasons, that any proof of address should be no more than three months old. In conclusion, all tutors should be fully vetted and, in my opinion, had a face-to-face interview.

Another problem that some tutoring companies have is the fact they are using Zoom as a means of delivering their online lessons. On April 2^nd 2020 The Guardian’s headlines stated:

‘Zoom is malware’: Why experts worry about the video conferencing platform

It continued to state that the company has seen a 535% rise in daily traffic in the past month (for obvious reasons), but security researchers have said that the app is a ‘privacy disaster’.

A few weeks ago, New York’s Attorney General, Letitia James, sent a letter to the company asking it to outline the measures it had taken to address security concerns. In the letter she stated that Zoom had been slow to address security vulnerabilities “that could enable malicious third parties to, among other things, gain surreptitious access to consumer webcams”. This letter was brought about because of a whole catalogue of errors:

• On 30 March, the FBI announced it was investigating increased cases of video hijacking, also known as “Zoom-bombing”, in which hackers infiltrate video meetings, often shouting racial slurs or threats.
• Zoom meetings can be accessed by a short number-based URL, which can easily be generated and guessed by hackers, a January report from the security firm Checkpoint found. Zoom has released guidelines in recent days about how to prevent unwanted guests from crashing video meetings and a spokesman told the Guardian it had also been working to educate its users on protections through blogposts and webinars.
• Zoom has falsely advertised itself as using end-to-end encryption, a system that secures communication so that it can only be read by the users involved, a report from the Intercept found. Zoom confirmed in a blogpost on Wednesday that end-to-end encryption was not currently possible on the platform and apologized for the “confusion” it caused by “incorrectly” suggesting the opposite.
• In 2019, it was revealed Zoom had quietly installed a hidden web server on user devices that could allow the user to be added to a call without their permission. And a bug discovered this week would enable hackers to take over a Zoom user’s Mac, including tapping into the webcam and hacking the microphone.
• The company responded by saying it had issued a release to fix the Mac issue, but the number of security issues with Zoom in the past make it as bad as malicious software, said Arvind Narayanan, an associate computer science professor at Princeton University. “Let’s make this simple,” he said. “Zoom is malware.”
• A report from Motherboard found Zoom sends data from users of its iOS app to Facebook for advertising purposes, even if the user does not have a Facebook account. Zoom changed some of its policies in response and has stated that the company “has never sold user data in the past and has no intention of selling users’ data going forward”. But the Motherboard story was cited in a lawsuit filed in a federal court in California this week, accusing Zoom of failing to “properly safeguard the personal information of the increasing millions of users” on its platform.

With lack of regulation in the tutoring industry parents should also be aware of and watching out for:

Grooming, child abuse and child sexual exploitation

The potential for grooming, child sexual abuse and child sexual exploitation is ever rising. The NSPCC would define abuse that is something facilitated using internet-connected technology…including, but not limited to: harassment; stalking; threatening behaviour; abuse material; inciting a child to sexual activity; sexual exploitation; grooming; sexual communication with a child; and, causing a child to view images or watch videos of a sexual act. Children and young people who have experienced this type of abuse online have reported a range of negative effects.

Sexting

A 2016 study of eleven to sixteen-year-olds, jointly conducted by the NSPCC and the Children’s Commissioner for England and Middlesex University, found that 13% of boys and girls had taken a topless picture of themselves and 3% had taken pictures of themselves fully naked. Of those who had taken sexual images, 55% had shared them with others, while 31% had also shared the image with someone that they did not know. It is worth stating that under the Protection of Children Act 1978 (England and Wales) as amended by the Sexual Offences Act 2003 (England and Wales) it is an offence to possess, distribute, show and make indecent images of children, with the Sexual Offences Act 2003 defining a child, for the purposes of indecent images, as anyone under the age of eighteen.

So, remember, anybody can claim to be a tutor, without any checks at all. Unless clients are using reputable agencies, who have clear policies and procedures around safer recruitment, to find their tutors, clients themselves should undertake professional background checks before they open their doors to tutors working online with their children; shockingly statistics show that the majority of clients fail to do so. One cannot put a price on safeguarding and having rigorous checks on tutors. There is usually a reason why a tutor is working so cheaply online!

This can no longer be allowed to continue. Sophia supports the Tutors’ Association in lobbying the government to make sure that all self-employed tutors in this country have a police check (known as a DBS) before they can offer private lessons to children in the UK. It is also something that children’s charity, the NSPCC, has been campaigning for, as they call for a tightening of the law to ensure that every individual giving private tuition undergoes a check, saying the same rules should apply for self-employed tutors as for classroom teachers.