A social networking tool made available to every schoolchild in Scotland has been infiltrated by graphic content, drug pushers and individuals identifying themselves as paedophiles.
An investigation by The Courier has revealed shocking oversights in the rollout of Yammer — a Microsoft application available as part of Glow, Education Scotland’s national “digital learning platform”.
The tool allows every school pupil and teacher in Scotland — and by extension anyone with access to their home computer and password — to connect with one another.
It means sixth year pupils in Shetland can exchange private messages with primary children in Dumfries and access their full name, school, entry year, groups they follow and email account.
Within minutes of accessing the application, The Courier was able to uncover conversation threads where drugs and alcohol were being offered to young children, along with addresses for where these could be purchased.
In one instance, an individual with a misspelling of the word paedophile in his username was seen asking young girls for the location of a sleepover and offering to bring a variety of illegal substances.
He later wrote to another profile: “Come to mine. Drugs, alcohol and ice cream supplied.”
The user has now been suspended. However, the conversation threads and a Google map, presumably to the individual’s home address, remain openly accessible.
Other profiles were seen to be sharing bloody and violent horror images, including one with a mock severed hand.
A spokesman for NSPCC Scotland said steps must be taken to ensure children “are not putting themselves at risk and that they are not able to share or be exposed to inappropriate content”.
He added: “It’s vital that the Scottish Government and Education Scotland look at how this content is being moderated to ensure the safety of younger users.”
Education Scotland acknowledged in their own privacy impact assessment that there “may be a greater likelihood of inappropriate content and behavior “following the introduction of Yammer to the Glow platform”.
However, the system’s “keyword monitoring facility” — designed to flag up concerning terms in private or public conversations — appears to be unable to recognise even slightly modified spellings of concerning phrases.
In another section dealing with worries that “learners could be identified and located by someone who would wish to do them harm”, it is written that stakeholders had decided “the educational benefit of this functionality outweighs the risk”.
Large numbers of parents were reportedly not made aware that their children had been signed up for the social networking tool or asked permission for their information to be shared.
Every schoolchild in Scotland has been enrolled in the service but it is understood a number of institutions have already prohibited any further rollout to their pupils.
Access to the platform was temporarily suspended over the weekend after Education Scotland were approached for comment.
A spokesman said: “Yammer is part of Office 365 and the decision to use Yammer, and the moderation of the content subsequently produced, is for the local authority using Glow.
“The decision to give pupils access to the system rests with the relevant education establishment and local authority, and it would be for them to decide on seeking parental consent.
“Education Scotland provides reactive moderation of the Yammer site via the ‘report a concern’ button.
“In addition to lists of inappropriate words and imagery, which are constantly being updated, we are also exploring further options and tools which will enhance the moderation facilities for Yammer.”
Cyber security expert calls for more proactive monitoring and information for parents
A leading cyber security and privacy expert has hit out at the lack of proactive monitoring and dearth of information given to parents about the social networking tool.
Dr Xavier Bellekens, a lecturer at Abertay University, insisted security and privacy must become the “centerpiece of the design” of any system being used by children.
He said: “I was surprised by Education Scotland, to have this monitoring process be based largely on keywords.
“I would have thought there would be much tighter monitoring and that the children would be segregated into their own specific session.
“People need to be aware that it is very difficult to filter content. When you design a system for children, the users and the content need to be very well separated.
“Of course, many companies are struggling to filter out inappropriate content but filtering by keywords is not the way to go.
“The moment you provide a system to children, their security and privacy must become the centerpiece of the design because they cannot be expected to control that for themselves.
“I would like to see, in a system like this, more privacy options to make sure information is more restricted to specific groups and conversation metadata is more available to teachers or parents.
“You must have this kind of pro-active approach any time a child is involved. There is a duty of service for any provider to its users.
“There should clearly be more information made available to parents on how their children are being protected and to outline the rights they have.”
Parents ‘staggered’ by what pupils can access
One parent of children in the Dundee area said they were “staggered” by the content available to primary school-aged children.
“I wonder how many parents are actually aware of just what can be accessed by their children through Glow,”he said.
“My child pointed out a post that he thought was inappropriate so I began to take a look myself and within just a few minutes could see posts referencing everything from discussion of drugs to paedophiles.
“You can also see the details of school children all over the country — it is frightening.
“I really don’t think parents are being made adequately aware of the amount of information available.
“Schools and the education authorities have an absolute responsibility to treat the safety of our children with paramount importance and I think the use of this kind of software for young children is questionable at best.
“If you asked a hundred parents of primary school children I wouldn’t be at all surprised if the vast majority were unaware of some of the content their children are able to access through this school-sanctioned utility.”