The internet is largely unregulated and can pose risks for kids. Find out how you can help children have fun on the web and stay safe.

Worldwide, children have to be at least 15 years of age before they can drive and at least 16 before they can legally drink alcohol (where it's not banned). But when it comes to the internet– a place of friendship and learning and fun but one trawled by bullies, fraudsters and perverts – the only prerequisite for many children is the ability to use a mouse or swipe a touchpad.

This is not to suggest the internet should be a no-go zone for children – only to point out that, because the web has no borders, it’s largely unregulated and potentially risky.

Risk and young people is a volatile mix. Their brains are still developing and they’re prone to making rash decisions and behaving impulsively without considering the consequences of their actions.

Keeping children safe online

Their immaturity is compounded by the anonymity and distance offered by the web, which can make users more inclined to say and do things online they wouldn’t dream of doing in the physical world.

A child’s online activities can expose them to bullies and trolls, inappropriate content, hackers and other cybercriminals, taking an emotional and, in extreme cases, physical toll on them.

With virtually no one policing the web, parents have an important role to play in ensuring their children are responsible digital citizens and engage in online activities safely at home, school and their friends’ places.

As the Australian Institute of Family Studies puts it: Online safety is a child protection issue.

We’ve reviewed some of the literature and identified the main risks and some simple but effective steps you can take to help children enjoy the benefits of the internet while avoiding the risks:


Children cyberbullying

Cyberbullying is the use of technology to bully a person or group with the aim of hurting them socially, psychologically or even physically.

It typically takes the form of abusive, hurtful and humiliating texts, emails, messages, images/insights/life or videos. It can also be as subtle as excluding others online.

Based on research commissioned by the Australian Government Department of Communications, an estimated 20 per cent of young Australians aged 8-17 are cyberbullied over a 12-month period, typically once or twice.

The research found that cyberbullying follows ‘an inverse U pattern’, with few incidents involving children under 10, the prevalence increasing dramatically after this age, and then decreasing slowly for young people over 15 – as they become more aware of their online behaviour and ways of avoiding or managing cyberbullies.

Indeed, of the estimated 463,000 victims, about 365,000 – or nearly 80 per cent – are in the peak age group of 10-15 years old.

Though it’s less common than traditional bullying, cyberbullying can have more serious psychological effects due to the:

Signs of cyberbullying include emotional distress and changes in mood and behaviour.

What can I do?

In Australia, there’s no law against bullying per se, let alone cyberbullying (though cyberbullies can fall foul of existing laws, e.g. by making threats or defaming someone).

Assuming it doesn’t involve any criminality, the experts recommend you take the following approach to cyberbullying:

1. Report it to the social media service

By law, social media services are required to take down material of a bullying nature.

If the service fails to act on your report, you can make a complaint to the Office of the Children’s e-Safety Commissioner. They will ask you for evidence of the cyberbullying, so take photos or screenshots of the material in question.

2. Block the bully

Most social media services give users the option of blocking a person, preventing them from continuing to post or upload offensive content.

If it’s a text message or call, the child’s service provider can be asked to monitor the calls or texts.

Blocking the bully

The service provider may contact the sender, to advise them that using a phone to bully is a breach of their contract.

If necessary, the child’s phone number can be changed.

3. Talk to the child

Offer consoling words to the child and, if necessary, encourage them to speak to a teacher or counsellor they like and trust. Most schools have policies or codes of practice in place to address cyberbullying – regardless of whether the bully is at the child’s school.

4. Seek professional help

If the child remains anxious or depressed, they can contact Kids Helpline, which offers young people (aged 5 to 25) email, webchat and phone counselling conducted by trained and qualified counsellors 24/7.


Trolling is different to cyberbullying in that the troll – hiding behind their anonymity – gets lulz (laughs) out of seeing people’s reactions to their inflammatory remarks.

It’s not personal – they simply enjoy getting a rise out of people, whoever they happen to be.

The best thing to do is deny them the satisfaction they are seeking by ignoring them and blocking them.

Social networking

Social networking apps

Sites such as Facebook, Twitter and YouTube specify users must be at least 13 years old – but kids routinely lie about their age in order to set up an account; and the services don’t do anything to verify users’ ages.

A child’s digital reputation is defined by their behaviour online, and the content they post about themselves and others.

It can shape how they are perceived not only online, but offline too – now and into the future.

A poor reputation can affect not only their relationships but also their job prospects.

Not only is their reputation at stake, but also their privacy: Social media is great for sharing and connecting but less so for private communication.

What can I do?

Be careful what you reveal

A child should carefully consider what personal information to put in their profile. They’re not obliged to fill in every field. For example, they may not want everyone to know which school they go to or how old they are.

Adjust privacy settings

By setting their accounts to private, children can ensure only people they know and trust can see and share their information.

(By keeping an eye out for changes in the services’ privacy policies, they’ll also know when to adjust their settings accordingly.)

The experts also advise against ‘friending’ random people – to go for quality over quantity.

Think before you post

Once information is published, it can be quickly and easily shared and is difficult, if not impossible, to remove.

Arguably the single most important tip, then, is for a child to stop and think before they post or send.

A good rule of thumb is for them to assume that everything they post is public and accessible to anyone, forever.

While a child may have the good sense not to post an incriminating photo, their friends may be less circumspect.

With the help of their parents, children can set up alerts to let them know when they’ve been tagged in photos posted by others.

If a child doesn’t want to be associated with a photo, they can untag themselves. If they want to take it further, they can ask the person who posted the photo to remove it.

Turn off location

Children can be shown how to manage their location services so they don’t inadvertently advertise their whereabouts.

Beware of predators

It’s every parent’s worst nightmare. An adult predator grooming their child with the intention of facilitating a sexual relationship.

The chances of this happening to a child are remote, but if it does the experts recommend they:

  1. Never respond to anyone who asks them personal or inappropriate questions, sends them obscene content, or asks them to send intimate photos of themselves.
  2. Leave the site or chat session immediately, before reporting the unwanted contact to a trusted adult or – if they fear for their safety – the police.
  3. Block the contact and remove them from their friends list.

Promote good digital citizenship

Parents can promote good digital citizenship by modelling good online behaviour to their children and teaching them how to be respectful of others online.

Inappropriate content

Pornography, graphic violence and religious extremism – these are some of the categories of inappropriate content a child can accidentally or deliberately access on the internet.

By virtue of its sheer volume, pornography is the content kids are most likely to stumble across. According to research by neuroscientists Ogi Ogas and Sai Gaddam, of the one million most-visited websites in the world, nearly 43,000, or roughly four per cent, are sex-related sites.

It’s literally child’s play to see pornography on the internet. Not only is it available free in huge quantities, the internet makes it faster, easier and more anonymous to access.

The concern is that, in the absence of relationally-based sex education from parents or schools, pornography could have an outsize role in shaping a child’s sexual knowledge, attitudes and behaviour.

That’s a worry, given that sex depicted in porn is divorced from intimacy, loving affection and human connection. Worse, it shows women in sexist and stereotyped ways and in some material depicts and eroticises violence.

There are virtually no age-related barriers to access, with three-quarters of commercial pornography websites displaying sexually explicit content on the first page.

Even if you’re not looking for it, it comes to you, for example through unsolicited emails or pop-up windows promoting pornographic websites.

What can I do?

With the pornography genie well and truly out of the bottle, you won’t be able to completely stop its onslaught.

The best course of action is to minimise a child’s exposure to it, both accidental and deliberate. Here are some ways to do this:

Install a filter

The most popular means of protecting children from exposure to pornography and other inappropriate material on the internet are web content filters, also known as parent control software.

These filters are computer programs that filter out content that the computer owner may consider objectionable.

In Australia, Family Friendly Internet Service Providers – those who comply with the Internet Industry Association’s (IIA) codes of practice – must , if requested, provide their users with approved filters they can install on their own computers (a ‘client side’ filter).

Internet Service Providers (ISPs) may send you a link to download the software; or refer you to Family Friendly Filter software offered by the Communication Alliance (which has taken over the activities of the IIA).

Though it’s not mandatory, some ISPs may also offer a ‘server based’ filter, which filters content before it is sent to the user’s computer (precluding the need for a ‘client side’ filter).

Separately, many search engines, such as Google and Bing, allow users to turn on a safety filter that excludes links to inappropriate content from the results page.

This option may be suitable if a child is too young to know how to bypass the safety filter (e.g. by typing in the URL of a porn site).

Monitor internet use

As useful as they are, filters are not foolproof. For example, they can be bypassed by peer-to-peer file sharing – typically, friends passing around files containing inappropriate content.

As an added safeguard, parents can check the websites their children visit are appropriate and keep an eye on the screen (having agreed on physical locations that give the parents ‘line of sight’).

Because you can’t watch children every minute (especially if they use portable devices like smartphones and tablets to browse), you may want to consider putting in place an agreement about:

For older kids, this agreement could include appropriate responses to cyberbullies or adult content.

Modelling healthy relationships

Model healthy relationships

According to forensic psychologist Dr Russ Pratt, parents can help their kids ‘decode pornography’ by modelling respectful, loving relationships – with partners, friends and the children themselves.

“Nothing will assist young people more than a healthy familial relationship that allows them to measure what they see in ‘porn world’ up against what they see in the real world they are immersed in,” wrote Dr Pratt in the Australian Psychological Society’s journal, InPsych, in 2015.

Improve digital literacy

Children can be taught how to critically analyse online content and distinguish between what’s real and what’s fantasy. That way, even if they are exposed to pornography, they will know it’s a very narrow and distorted view of sex.

Computer safety

According to research by the Australian Communications and Media Authority, teens’ main form of online communication in the four weeks to June 2015 was email, used by 78 per cent of survey respondents.

This was far more than the proportion using social networking to communicate (54 per cent).

This is significant in that email is one of the main ways that malware – short for ‘malicious software’ and which includes keyloggers, spyware, Trojan horses, viruses and worms – is delivered to victims’ devices.

Malware is used to monitor and collect personal information or disrupt or damage computers and other devices.

Phishing is a form of email fraud, whereby emails purporting to be from reputable companies are used to trick people into revealing personal information, such as passwords and credit card numbers, online.

A homophone of fishing (think lures), phishing is popular among cybercriminals as it is usually much easier to trick someone into clicking a malicious link than it is to break through their computer’s defences.

Other ways of delivering malware include online ads, social media and apps.

Signs of malware on your computer include:

What can I do?

Arguably the biggest risk to a child’s computer and other devices is the child, specifically what they do or don’t do when emailing, downloading and connecting.

Malware is ultimately about human faults, not software faults.

By following these basic guidelines, children can reduce their odds of falling victim to cybercriminals:

Be careful with personal information

If a child gives out personal information like their name, email address and phone number too freely, it can end up in the hands of criminal and unscrupulous marketers.

Next thing they know, they’re inundated with junk emails, or spam, and calls from scammers. The takeaway: When in doubt, don’t.

Don’t reply to spam

Delete spam without opening it. Under no circumstances should children reply to spam or click on any links provided – including any ‘unsubscribe’ links. An email is likely to be spam if the child’s email address is missing from the To: or Cc: fields.

Email spam

Install anti-malware software

After installing the software, show the child how to run a full scan of their device (which they should do at least once a week) and follow the instructions to remove any viruses or other malware found. Experts recommend scanning USB sticks before accessing any of the content.

The software can only track down malicious data it knows about, so encourage the child to keep it updated. The same applies to their device’s web browsers and operating systems, the latest versions of which are the most secure.

Download from trusted sites

Files, software and apps should be downloaded only from reputable websites.

Before downloading an app, children should understand and be comfortable with the personal information the app would access and share.

In particular, they should beware of malicious apps masquerading as anti-virus or security products.

Connect with care

When connecting to public (open) Wi-Fi networks, children need to be mindful that they’re vulnerable to hackers monitoring and collecting their data (e.g. browsing history and passwords).

As a precaution, when using a public network they should restrict their internet use to non-sensitive activities, like streaming.

And they should disconnect Wi-Fi, Bluetooth, near-field communication (NFC) and other remote connectivity services when they’re not using them.

Connect with care

Beware of pop-ups

Never click on an ‘Agree’ or ‘OK’ or ‘No thanks’ button to close a window on a suspicious website or pop-up. This can launch spyware.

To safely close a pop-up, press Ctrl+Alt+Del, start your computer’s Task Manager, click on the Applications tab, select the pop-up window from the list, and click ‘End Task’ (for Windows).

Or avoid the hassle by activating the computer’s pop-up blocker.

Treat mobiles the same

Mobile devices like smartphones and tablets are basically small, portable computers – with many of the same vulnerabilities as desktop computers.

Encourage children to lock their portable devices, using a strong passcode or passphrase (or facial recognition or fingerprint authentication, if available).

It’s also advisable for them to back up their mobile data to a PC, external hard drive, flash drive, network or the cloud.


Phone password

While passwords are just one way of securing your personal information online, we think they’re worthy of special mention.

That’s because passwords are sometimes the only defence against authorised access to your personal information.

And yet a study by Trust Wave found that most of us rely on passwords that are weak.

The study found that in a database of 3.1 million compromised passwords, only 33 per cent were unique. In other words, two out of three passwords had been used by two or more people.

This makes them vulnerable to hackers, who use databases of commonly used passwords to generate tens of thousands of guesses per minute in an attempt to gain access to victims’ accounts – ‘dictionary attacks’, as they’re called.

Passwords can also be stolen or captured using keylogger software, for example.

If a child’s password (or PIN) is captured, guessed or stolen, an attacker can potentially:

Here are three tips that will help make a child’s passwords difficult for cybercriminals to crack or pilfer:

Use complex passwords

Everyone, parents included, should use passwords that are difficult to guess or generate.

These passwords are generally at least eight characters long (10 or more is recommended) and contain at least one uppercase character, one numeric character and one non-alphanumeric character (e.g. !@#^&*).

Never use the same password twice

Once a child’s one-password-for-everything is compromised, hackers will have access to all their other accounts.

If the child is a forgetful type who struggles to remember more than one password, their passwords can be stored in a password management tool (e.g. LastPass, 1Password or KeePass).

The only password they’ll have to remember then is the one that opens their encrypted vault.

Keep passwords in a safe place

Passwords should be treated like a house or locker key: Don’t store them in a word document or email note on the computer.


Helping a child keep safe online

The more tech-savvy you are, the easier you’ll obviously find it to help a child stay safe online.

If you’re not that savvy or rely wholly on offline strategies for ensuring a child’s online safety – such as home surveillance and formal guidelines – don’t fret.

Children can often be the “expert” and show you how they secure their devices and safeguard their personal information – putting you in a better position to offer advice.

Moreover, there are interactive learning materials available (e.g. Budd:e and Tagged), which are generally more effective than websites and printed material.

Remember, too, that the internet is integral to children’s lives; one of their biggest fears is not having access to the internet.

Children connecting online

Threatening to deny a child access to the internet as a form of punishment or even to protect them from unsavoury characters could backfire.

It could cause them to withhold vital information from their parents for fear of losing access, leaving the parents in the dark and potentially exposing the child to greater harm.

Lastly, you’ll be pleased to learn that – according to research by the Young and Well CRC and University of Western Sydney – unlike many adults, young people don’t distinguish between “the online” and “the offline” as distinct realms.

Rather than sliding into a moral vacuum online, they generally apply the same moral framework to their online and offline interactions.

So if a child is a good'un offline, the odds are they’ll be a good'un online too.

Happy surfing!

Sources Tips for Mobile Devices_2015 Update.pdf