How it works and why it fails
The legal framework, the NSW DoE policy, the consent form, and what each level of protection actually stops.
The legal framework
Four current laws and one incoming code govern how schools handle children's photos. None of them were designed for what is happening now.
Privacy Act 1988 (Federal)
Defines photographs of identifiable persons as personal information. Photos of children require "particular care" and "express consent after telling them what the picture will be used for and who will be able to see it." Current consent forms do not disclose AI training, facial recognition, or data scraping.
PPIP Act 1998 (NSW)
The state equivalent for NSW government schools. Covers collection, use, accuracy, security, and disclosure of personal information. Photos are personal information. Disclosure requires a lawful purpose and appropriate consent.
Online Safety Act 2021 (Federal)
Grants the eSafety Commissioner authority over online harms. Includes Basic Online Safety Expectations strengthened in 2024. Establishes that the "best interests of the child is the primary consideration." The under-16 social media ban took effect December 2025.
Children's Online Privacy Code (due December 2026)
Will establish specific protections for children's data online. The exposure draft was released March 2026 with consultation closing June 2026. Expected to include best interests considerations, consent requirements, and the right to deletion. The strength of the final Code depends on what happens during consultation.
None of these laws specifically address the use of children's photos from school social media in AI training datasets, facial recognition databases, or synthetic media generation. The system was designed for a world where "publishing" meant people could see the photo. In 2026, "publishing" means the photo enters permanent AI systems.
NSW Department of Education Policy PD-2011-0418
This is the policy that requires school Facebook accounts to be public. It is the single most impactful thing that can change.
Schools are required to be public
The policy states that school social media accounts "must not restrict access or be set as 'private' or 'closed'." The rationale: the "main purpose is to reach broader audience and build stronger community." This means every photo posted on a school Facebook Page is visible to every person and every automated system on the internet.
Administration and monitoring
Schools must submit an EDConnect Online Social Media Request. The principal is responsible. A minimum of two administrators is required, one of whom must be the principal or an executive. Accounts are moderated during school hours only: 9am to 3pm weekdays. Content posted or accessible outside those hours is unmoderated.
Student images
Student images require a signed "Permission to Publish" form. Tagging and naming are prohibited without specific consent. Even photos where students cannot be identified require consent. Staff cannot share student content on personal social media.
Victoria takes a different approach
Victoria's education department encourages restricted access for school social media accounts. NSW is an outlier in requiring public settings. The policy can be updated administratively. No legislation is required.
An audit of every NSW government school found that 82% operate public Facebook Pages. The result is uniform: 83% metro, 81% inner regional, 82% outer regional. 1,780 schools serving 637,818 students follow the same pattern. This is not individual decisions. It is what the system produces when the policy says "must not restrict access or be set as 'private' or 'closed'."
Only approximately 100 schools use private Groups. The alternative exists. The system does not produce it.
The consent form
Binary choice
The NSW "Permission to Publish" form offers one choice: consent to all public publishing (school website, newsletter, Facebook, newspapers, external media) or none of it. There is no option to say "yes to the newsletter, no to Facebook."
No AI disclosure
The form warns that online content "can be discoverable online" and may be "cached by search engines." It says nothing about AI training, facial recognition databases, training datasets, or deepfake generation. It was written before any of this existed.
No expiry
Consent remains in effect "until I advise the school otherwise." There is no annual renewal. A form signed in 2019 still governs what happens to a child's photo in 2026, in a threat landscape that did not exist when the form was signed.
Children have no voice
The children whose photos are published have no say in the decision. A 2024 peer-reviewed study found that school social media practices violate Article 12 of the UN Convention on the Rights of the Child, which guarantees children the right to express views on matters affecting them.
What each level of protection actually stops
There is no single action that eliminates all risk. Here is an honest breakdown.
The minimum first step
Stops: Third-party scrapers, search engine indexing, random public access.
Does not stop: Meta's own AI training (unclear under current terms), member screenshots, historical scraping of already-public content.
A private Group immediately eliminates the broadest attack surface: unrestricted public access. It prevents the mass-scale automated harvesting that facial recognition companies and dataset builders rely on.
The next step
Stops: Everything in Level 1, plus Meta's AI training.
Does not stop: Historical scraping. Other platforms' AI training (depends on alternatives).
Alternatives include dedicated school apps (Compass, Sentral, Skoolbag, ClassDojo, Seesaw), password-protected school website sections, email newsletters, and school-controlled parent portals. The question: does the school control the platform, or does a data-mining company?
Most protective
Stops: All scraping, all AI training, all facial recognition capture, all deepfake source material.
Does not stop: Historical scraping of already-public content.
This is the most protective option but not the recommended first step. Parents value seeing their children's school life. The goal is to protect children while preserving the community communication that schools and families rely on. A private Group achieves that balance.
Photos already scraped cannot be unscraped. AI models already trained on those photos cannot unlearn them. But deleting historical posts still matters: it prevents future scraping, removes photos from search results once caches expire, reduces the number of publicly available images of each child, and demonstrates institutional commitment to protection.
The system wasn't built for this. Now we know.
The policy, the consent form, the legal framework: none of them contemplated what happens to a child's photo on a public Facebook Page in 2026. Now we have the evidence. The question is what we do with it.
Follow the investigation
Get notified when new evidence emerges or policy changes.
Last reviewed: April 2026