Dr. Brian Bandey is one of the UK’s leading experts on IT Law, Internet Law, Computer Law and the international application of the Law of Copyright to Computer Programming Technologies. A frequently published author, Dr Bandey continues his monthly e-safety series for bee-it below...
This month and for the next two months, I will be examining the fundamental aspects of current Health and Safety Legislation and apply them to the Management of Risk by Schools in relation to e-Safety.
Schools and Local Authorities need to understand that Health and Safety Legislation requires the assessment of risk in pupil use of ICT and the management of that risk. Cyberbullying, exposure to pornography (extreme and otherwise) and exposure to other inappropriate content on the Internet can all cause long-term harm to the pupil. In this ‘mini-series’ I will discuss the legal obligations to safeguard the classroom which can neither be avoided nor delegated.
As always, I’ll just use the term ‘School’ here to denote that party but, in the context of Health & Safety Law and student misuse of the school’s ICT, it could be the LA, Board of Governors, IT Security Manager, Headteacher or Teacher.
Please be aware that in the third section of this ‘Health & Safety ICT Law Series’ I will be addressing the Criminal Liability of the School for e-Health & e-Safety Law failures.
Now, one of the most important legal duties that is placed on Schools is with respect to the Health and Safety of pupils whilst in the care of the School. The United Kingdom Health and Safety Legislation places statutory obligations on ‘Employers’ (a matter I will expand upon later) which cannot be delegated, nor ignored, nor avoided. The only option for the Employer is to satisfy the requirements of Health and Safety Legislation. For the purposes of that legislation, pupils are protected by the duties imposed because they are affected by an Employer’s undertaking or are using school premises.
Now it is a known fact that pupils will bully, threaten and intimidate each other using the School’s IT infrastructure. It is a known fact that pupils will threaten each other with violence by passing e-messages in the classroom. Similar attempts at extortion have also been discovered which take place, in the classroom and with the teacher present, through the vector of e-messaging using the School’s ICT. The psychological, emotional and developmental damage that can be done to a child in such circumstances is similarly well known.
It is further a known fact that use of the Internet can expose pupils to inappropriate material, including images of extreme pornography, images of violence and material encouraging self-harming and eating-disorders (to name but a few). It is in the context of these e-Hazards and the risks they represent that I will outline the operation of Health and Safety Law and its effect on the Local Authority, the Governing Body and the School.
So who is responsible for pupil health and safety?
Responsibility for the health and safety of pupils lies with the Governing Body of the School, either as the Employer of school staff or because it controls school premises (or both). Where the Governing Body does not employ school staff, the Local Authority (to which I’ll refer to as the ‘LA’) has responsibilities as the Employer.
Who the Employer is varies with the type of school. The Employer is:
(i) the LA in community schools, special schools, voluntary controlled schools, maintained nursery schools and pupil referral units?
(ii) the Governing Body in foundation schools, foundation special schools and voluntary aided schools.
The Employer must ensure, as far as is reasonably practicable (I’ll deal with ‘SFAIRP’ in the context of risk assessments next month) that pupils are not exposed to e-risks to their health and safety in school and during offsite visits. The Employer must have a health and safety policy and arrangements to implement it. Key elements of a policy are listed in Health and Safety: Responsibilities and Powers (DfES 2001). The Employer must assess the risks of all activities, introduce measures to manage those risks and tell their employees about the measures.
The Employer, whether the LA or Governing Body, has the power to ensure that its Health and Safety Policy is carried out. It must provide health and safety guidance to the School and ensure that staff members who are delegated tasks such as risk assessment and risk management are competent to carry them out. If risk assessment shows training is needed the Employer must make sure this takes place. The Employer cannot fulfil its Statutory Duty unless it monitors how well its Schools are complying with its policy.
In all Schools, the Governing Body controls the school premises (subject, in some cases, to the direction of the LA). Even if they do not employ school staff, Governing Bodies, to the extent that they control School Premises, must take all reasonable measures to ensure that the premises and equipment on the premises are safe and do not put the health of pupils at risk while they are on the premises. The Governing Body (and Headteacher) of a community, voluntary controlled, community special and maintained nursery school must comply with any directions given by the LA concerning the health and safety of persons in school, or on school activities elsewhere.
·physical and mental health and emotional well-being;
·protection from harm and neglect;
·education, training and recreation;
·the contribution children make to society;
·social and economic well-being.
And these are the five Every Child Matters outcomes:
·enjoying and achieving;
·making a positive contribution;
·achieving economic well-being.
It is expected that Governing Bodies will keep under review the contribution their School is making to each of the five outcomes, and satisfy themselves that this contribution is appropriate to the needs of their pupils.
One can also readily see that e-Safety drives directly to the School’s obligations under the Children Act 2004, for a child cannot enjoy (for example) mental health and emotional well-being whilst being cyberbullied through the School’s ICT. Similarly, a child is not being protected from ‘harm and neglect’ if the School itself has not put into place appropriate technologies to manage the risk in exposure to illegal and inappropriate material on the Internet.
Next month I will be considering the legal requirements in the construction of e-Health & e-Safety Policies and the topic of e-Risk Assessment. All of which are obligatory activities under Health & Safety Legislation.
For more information about Dr Brian Bandey, click here.
To read the last instalment of Dr Bandey’s E-Safety Clinic: Law of Negligence as modified by the Doctrine of Allurements, click here.
Add your comments and questions about this article below. Dr Bandey will respond to questions wherever possible, however for comments requiring a more in-depth response, bee-it will work alongside Dr Bandey to address these more thoroughly in future E-Safety Clinic articles instead.