Building an online safety culture

• Who are our expert safety advisors – internal and external?
• Who are our key safety partners or suppliers?
• What key resources are we acquiring from our safety partners?
• Which key safety functions do our safety partners perform?
• How often do we liaise/consult with our userbase and experts to address safety issues on our products/services?
   

• What are we doing to prevent harm and minimise risks to individuals and society as identified in the Safety by Design principles?
• What ongoing processes are in place to ensure we are improving safety measures and approaches?
• What steps are we taking across all our channels to secure the safety and wellbeing of our users?
• What steps are we taking to address unforeseen consequences that our products/services might have?
   

What physical, financial, intellectual and human resources are in place to:

• secure the safety and wellbeing of our customers/users now and into the future?
• embed safety into all our product/service features and distribution channels?
• embed safety into the culture, roles and ethos of the company?
• ensure safety is assessed, audited, evaluated and monitored throughout the product/service lifecycle?
   

• What are we doing to uphold the rights, dignity and safety of our customers?
• How are we making a positive impact on the safety and wellbeing of individuals and society more broadly?
• What safety measures do we offer that are sector-leading?
• How are we addressing and solving the safety concerns of our customer segments, including those most at risk?
• What positive impact are we having on the safety and wellbeing of our customers, and how is this measured?
   

• What engagement, consultation, and co-development processes are in place for us to learn and collaborate on safety with our customers/users?
• What routes and processes are in place for users to report, appeal and manage their safety – and how effective and impactful are these for our users?
• How are we empowering our users to control and manage their own safety across our products/services?
   

• Are our safety measures integrated and consistent across all our features and channels?
• What safety measures work best across each of our channels, and for which of our customer/user segments?
• How are we meaningfully communicating our safety activities and measures to users?
• How are we allowing our users to assess and evaluate the safety of our products/services?
• How are we supporting our customers once they have a safety issue or concern?

• Who are our core customers/user base?
  • Are these mass market, niche market, segmented, diversified, multi-sided?
• What specific safety needs, issues and expectations do each of our customer/user segments have?
  • How do they intersect?
  • How are we addressing them?
• Whose safety and wellbeing are we currently addressing, and how are we monitoring and anticipating future needs and issues?
• For whom are we creating a safe and inclusive environment and how is this measured?
   

• What are the most important costs involved in making our products/services safer?
• What regulatory, reputational and revenue risks do our safety measures mitigate against?
• What role does our culture of safety have on employee motivation, retention and innovation?
• What cost impacts do safety features and protections have across our network?
   

• How effective are our safety measures in:
  • maintaining healthy, civil and empowering discourse
  • upholding the rights and dignity of our customers/users
  • engendering loyalty and trust in our users/customers
  • catering for diversity and securing inclusivity
  • securing the highest levels of protection for all users.
• What measurable impact have our core safety innovations had in terms of reducing risks and harms on our service/platform, both in the short and long term?
• What safety innovations and investments have set our product/service apart in the marketplace?
• What value-add has our work with safety partners had in terms of making meaningful and impactful change to our service/platform?
• What value have our developments in safety had on our revenue from key partners?
   

• Provide user safety training to all permanent and contractor staff.
• Training can include face-to-face sessions or e-learning modules.
• Consider whether successful completion of training is a condition of employment.

• Integrate user safety training into working practices.
• Provide annual training and refresher courses.
• Offer ad hoc training on key topics and emerging issues.

• Leadership team to discuss user safety training requirements periodically (good practice: at least quarterly and/or following a content incident).
• Measure training performance and objectives against key indicators and outcomes.
• Review user safety data and update training accordingly.

• Legal obligations to report unlawful content such as:
  • violent extremist or terrorist content or activity
  • child sexual abuse or exploitation
  • illegal goods or services
  • human trafficking.
• Basic understanding of online harms and techniques used to harm and abuse others.
• Standard operating procedures for content moderation.
• Standard operating procedures for escalation and triage.
• Crisis management protocols.
• Applicable laws and regulations – national and international.
• Acceptable use policy.
• Safety review processes.
• Human rights, dignity of the child and child rights impact assessments.
• Cultural, sociolinguistic and diversity awareness training.
• Individual/role responsibilities.
• Organisational responsibilities.

Find out how internal policies and training embed safety into operations.

The Technology Coalition, established in 2006, is a global alliance of technology companies dedicated to preventing and eradicating child sexual exploitation and abuse (CSEA) online. It leads a range of programs and activities for knowledge sharing and collaboration such as research programs, resource publications and events. In 2020, it launched Project Protect, a strategic ‘five pillar plan’ to reinforce the collaborative industry-wide approach to address CSEA. 

The coalition’s other projects include: 

• Lantern – a cross-platform signal sharing program to address online grooming and financial sextortion of young people.
• The Alpha project – a cross-platform video hash interoperability program for platforms to discover previously undetected Child Sexual Abuse Material (CSAM) videos regardless of the hash format.
• Harm assessment resource – An online child sexual exploitation and abuse (OCSEA) risk assessment framework for features, products and settings.
• Pathways – provides expert advice, the ability to licence child safety technology and a resource hub with expert guides on how to draft policy documents on OCSEA, report CSAM or OSCEA, and use detection technology.

Members include: Adobe, Amazon, Apple, Cloudflare, Dropbox, Meta, Flickr, GoDaddy, Google, Microsoft, PayPal, Roblox, Snap, X, Verizon Media, VSCO, Wattpad and Yubo.

The Global Internet Forum to Counter Terrorism (GIFCT) was founded in 2017 by four major technology platforms (YouTube, X, Microsoft and Facebook) and now brings together more than 30 platforms and members of government, civil society and academia to foster collaboration and information-sharing.  

The GIFCT’s mission is to prevent terrorists and violent extremists from exploiting digital platforms, and to protect and promote the human rights terrorists seek to undermine.  

GIFCT also partners with Tech Against Terrorism to support the industry’s fight against the terrorist exploitation of the internet. 

Members include: Amazon, Discord, Dropbox, Facebook, Instagram, LinkedIn, Mailchimp, Mega, Microsoft, Pinterest, WhatsApp and YouTube. 

The WeProtect Global Alliance, founded in 2012, combines the knowledge of industry, government, civil society and international organisations to strengthen the protection of children from threats of exploitation and abuse online. The diversity of this membership facilitates effective collaboration to address these complex and evolving threats.  

The Alliance offers a library of resources, including priority areas for international collaboration, guidance and support to countries and organisations on how to build their response to online CSEA and annual assessments on the scale and scope of CSEA.  

Given that the scale of online-facilitated child sexual exploitation and abuse is increasing at an alarming rate, it benefits technology companies to work with national and global alliances at the forefront of research, policy and best practice, so they can act effectively against these threats to online safety.

The Alliance includes: 102 governments, 95 civil society organisations, 10 international organisations and 40 companies.

• All Tech Is Human is a non-profit organisation that intentionally brings together a diverse range of individuals and organisations across civil society, government, and industry.
• Coalition for Content Provenance and Authenticity (C2PA) advances provenance standards to preserve trust on the internet.
• Christchurch Call brings together governments, tech companies, NGOs and other stakeholders to work towards preventing the dissemination of extremist content online.
• Content Authenticity Initiative focuses on fighting misinformation and tamper-evident provenance on photos, video, and documents.
• Digital Trust & Safety Partnership develops best practices and assessments on issues related to trust and safety.
• Thriving in Games Group focuses on creating new and better experiences for players.
• Global Coalition for Digital Safety, led by the World Economic Forum, aims to accelerate public-private cooperation to tackle harmful content online and will serve to exchange best practices for new online safety regulation, take coordinated action to reduce the risk of online harms, and drive forward collaboration on programs to enhance digital media literacy.
• Trust and Safety Professional Association (TSPA) advocates for the wellbeing of and the work of trust and safety professionals globally.