Schools have spent years strengthening online safety through filtering, monitoring and safeguarding policies. But the rise of generative AI is rapidly changing the nature of digital risk, particularly when it comes to pupil images and online content.
While protecting students from harmful websites and interactions remains essential, a new challenge is emerging: what happens to pupil images once they are shared online. Increasingly powerful AI and image manipulation tools mean that photos can be altered, reused or taken out of context in ways that were previously difficult or unlikely.
This is not an entirely new concern as schools have always needed to consider how pupil photographs are captured and shared. What has changed is the speed, scale and accessibility of the technology. Tools that once required specialist skills are now widely available, often free, and capable of producing highly convincing results in seconds.
As a result, safeguarding responsibilities are expanding. Protecting pupil images now sits at the intersection of online safety, data protection, cyber security and digital leadership, requiring schools to think more strategically about how their digital content is managed and controlled.
Across the education sector, there is growing awareness of new and evolving risks. AI-generated deepfakes, realistic image manipulation, misuse of publicly available photographs and the potential for online blackmail or exploitation are all becoming part of the safeguarding landscape.
For schools, this creates an uncomfortable reality. Even content that has been shared appropriately, with consent and for positive reasons, can be reused in ways never originally intended.
An image posted to celebrate achievement today could, in a different context, become part of manipulated content tomorrow. This is particularly sensitive for vulnerable pupils, where visibility itself may present additional risk.
This does not mean schools should stop celebrating success or remove imagery altogether. Images remain an important way to communicate school culture and engage families. It does, however, mean schools need a more strategic approach to how digital content is governed and protected over time.
It is easy to assume these risks sit within existing online safety systems. In reality, they extend beyond them.
Monitoring and filtering remain essential. They help protect pupils from harmful content and identify concerning behaviour... however, they are not designed to address what happens to content once it becomes publicly accessible.
A filtering system cannot prevent a photograph from being downloaded and reused elsewhere. Monitoring tools cannot control how content might be altered or redistributed. These risks sit closer to how information is managed, secured and governed across the organisation.
In practice, this means safeguarding leads, senior leaders, communications staff and IT teams need to work more collaboratively. Safeguarding responsibility may sit with the Designated Safeguarding Lead, but many digital risk controls are implemented through technical systems, publishing processes, access management and cyber security measures.
Safeguarding is no longer just about behaviour and policy: it is also about systems, infrastructure and operational decision-making. Importantly, it also depends on culture... Effective safeguarding cannot become a tick-box exercise; it requires ongoing awareness, professional curiosity and a shared understanding across staff that digital decisions carry safeguarding implications.
As part of a wider safeguarding and digital strategy, schools should now be thinking more carefully about how pupil-related content is created, stored, shared and reviewed.
Questions schools may wish to consider include:
Are consent processes specific enough for today’s digital landscape, including clarity on platforms, duration of use and potential reuse risks?
Are parents and pupils clear about where images may appear, how long they may remain accessible, and how consent can be withdrawn at any time?
Do schools have clear oversight of who can upload, publish or approve content?
Are technical controls applied consistently across websites, social media, newsletters, shared platforms and third-party systems?
Do staff understand how easily digital content can now be manipulated or repurposed using AI tools?
Are safeguarding, IT and leadership teams aligned on digital risk ownership and accountability?
There are also important technical considerations which schools may not always be aware of. For example, image files can contain embedded metadata such as device information, timestamps or location data. Publishing processes may unintentionally expose more information than intended if appropriate controls are not in place.
Similarly, schools should consider whether original high-resolution images are genuinely necessary for public-facing use, or whether smaller, web-optimised versions would better support a proportionate risk approach.
These are not simply technical questions. They are safeguarding and governance decisions.
One of the biggest shifts schools now face is the need to move beyond isolated safeguarding responses and towards a more joined-up model of digital governance.
Historically, responsibility for online safety, cyber security, website management and communications has often sat in separate areas of the organisation. Increasingly, those boundaries are becoming harder to maintain.
A decision about publishing an image may involve safeguarding considerations, data protection implications, technical controls, reputational risk and operational oversight simultaneously.
This is why collaboration matters. Effective schools are increasingly those where safeguarding expertise, technical knowledge and leadership oversight work together rather than operating independently.
The challenge is not simply about preventing harm. It is about building systems, processes and accountability structures that reduce unnecessary exposure and support safer long-term decision-making.
Schools do not need to remove all imagery or dramatically reduce their digital presence. Communication with families and celebrating pupil success remain important parts of school life.
The focus instead should be on proportionate and sustainable practice.
That may include:
Reviewing how public-facing content is approved and monitored
Considering whether promotional content can remain effective without relying heavily on clearly identifiable pupil imagery
Applying stronger governance around image storage, retention and publishing workflows
Ensuring publishing processes remove unnecessary metadata and hidden location information before content becomes public
Regularly reviewing and removing legacy or outdated content as part of a scheduled audit cycle, rather than leaving material accessible indefinitely
Limiting unnecessary access to image libraries and publishing systems
Embedding digital risk considerations into wider safeguarding and leadership discussions
These measures are not about creating fear or eliminating all risk entirely. They are about demonstrating awareness, oversight and reasonable, proportionate action.
Schools should also have a clear response process if digital content is misused, manipulated or used in a threatening context.
Where concerns arise, the priority should be to preserve evidence, involve the Designated Safeguarding Lead or senior leadership team, follow safeguarding and incident management procedures, and seek police advice where criminal activity, threats or blackmail may be involved.
Staff should avoid engaging directly with perpetrators or responding to demands. Clear escalation routes and strong internal communication are essential.
The Department for Education’s increasing focus on digital and technology standards reflects a broader shift in expectations. Safeguarding can no longer be separated from cyber security, governance and leadership oversight.
Schools are increasingly expected to take a strategic approach that brings together safeguarding, data protection, access management, website governance, staff training and technical controls within a coherent framework.
For many leaders and Designated Safeguarding Leads, this presents a challenge: they are not cyber security specialists, nor should they be expected to become so.
The solution lies in collaboration, clarity of responsibility and access to the right expertise.
This reflects a wider shift in how safeguarding itself is understood. It is no longer confined to people and policies. It now extends into systems, platforms, infrastructure and everyday digital decisions.
At Juniper, we recognise that safeguarding is no longer a standalone function. It is increasingly connected to wider operational, technical and governance responsibilities.
Schools are navigating rapid technological change, evolving expectations and more complex safeguarding challenges, all alongside growing scrutiny around compliance, cyber security and digital standards.
In this environment, isolated approaches are becoming less effective. Schools need safeguarding, leadership and technical teams working with a shared understanding of risk, responsibility and operational oversight.
That is why joined-up thinking matters. Safeguarding processes, cyber security measures, digital governance, staff awareness and technical systems all play a role in reducing exposure and supporting safer outcomes for pupils.
As the landscape continues to evolve, thoughtful leadership, proportionate governance and strong cross-functional collaboration will become increasingly important.
In an AI-driven world, safeguarding is no longer limited to what pupils see and experience online. It also includes how their digital identity is shaped, shared and maintained over time. This means schools need to think more broadly about online safety, recognising its connection to digital governance, day-to-day operational decisions and the ongoing oversight of their online presence.
One practical step is to ensure consent processes are kept up to date, incorporating pupil assent and clear, accessible options for withdrawing permission. Alongside this, introducing regular image audits (whether termly or biannually) can help ensure that published content continues to be appropriate and relevant.
At the same time, schools should feel confident in maintaining a vibrant and engaging online presence. Photographs and content play an important role in reflecting school life, and families value seeing this.
The aim is not to remove that visibility, but to manage it thoughtfully, balancing openness with awareness of today’s digital risks.