On This Page
What Changed in KCSIE 2025
The 2025 version underwent mainly technical changes — updated links, references to new DfE guidance, and clarifications. It does not include wholesale rewrites. Part 1 (all-staff reading) is unchanged. The changes below are the additions that matter for DSLs and school leaders.
1. Online Safety — Four Cs Updated
The "Four Cs" (content, contact, conduct, commerce) now explicitly include misinformation, disinformation, and conspiracy theories under the content category. Schools must now equip pupils with critical thinking skills, not just filtering.
Full detail →2. Generative AI Guidance
Explicit reference to the DfE's Generative AI: product safety expectations — schools must assess AI tools against these expectations before use. The DPO must be involved in AI risk governance.
Full detail →3. Filtering & Monitoring Self-Assessment
The filtering and monitoring section now links to the DfE's Plan technology for your school self-assessment tool. Schools should use this to check their filtering meets the standards.
Full detail →4. Technical Updates Throughout
Updated hyperlinks to current government resources, removal of outdated references, and minor clarifications to definitions and agency names. No substantive policy changes.
Online Safety: The Four Cs Expanded
KCSIE 2025 (Para 135) updates the established "Four Cs" framework for online risk. Previously covering content, contact, conduct, and commerce, the content category now explicitly includes:
Misinformation
False information shared without intent to deceive, but which can cause harm — common in social media and peer-sharing contexts. Schools must include media literacy and fact-checking skills in their curriculum response.
Disinformation
Deliberately false information designed to deceive. Includes state-sponsored narratives, deep-fake news content, and coordinated manipulation campaigns. Young people are increasingly targeted.
Conspiracy Theories
KCSIE 2025 explicitly recognises conspiracy theories as a safeguarding harm — a gateway to extremist content, including both far-right radicalisation and anti-government movements. Schools should alert DSLs when pupils show intense engagement with conspiracy theory content.
What This Means for Schools — Practical Steps
- ✓ Add misinformation and critical thinking to your online safety curriculum — it is now an explicit KCSIE requirement, not just good practice
- ✓ Brief staff (in Part 1 annual training) that conspiracy theory engagement in pupils is now a safeguarding indicator
- ✓ Update your Online Safety Policy to reference the updated Four Cs definition
- ✓ Consider age-appropriate media literacy lessons (the PSHE Association has free resources)
Generative AI in Schools
KCSIE 2025 (Para 143) includes an explicit reference to the DfE's Generative AI: product safety expectations under the filtering and monitoring section. This is significant: schools are now expected to assess any AI tool used by pupils against the DfE's published safety expectations.
What Are the DfE AI Safety Expectations?
The DfE has published a set of capabilities and features that generative AI products should meet to be considered safe for use in schools. These cover:
- Age-appropriate content filtering
- Data protection and privacy standards
- Transparency about AI-generated content
- Safeguards against misuse to generate harmful content
DSL and DPO Responsibilities
KCSIE 2025 strengthens the requirement for the Data Protection Officer (DPO) to be embedded in:
- Filtering and monitoring decision-making
- AI tool risk assessments (DPIAs)
- Cyber security governance
- Annual technology review
Action required: If your school uses any generative AI tools with pupils (ChatGPT, Canva AI, Microsoft Copilot, Google Gemini, etc.), conduct a DPIA and check each tool against the DfE's Generative AI product safety expectations. Document this assessment and record it in your technology governance file.
For a full guide to AI safeguarding, including what AI-generated harm looks like and how to respond, see our AI Safeguarding: Complete School Guide.
Filtering & Monitoring
KCSIE 2025 (Para 142–143) adds a link to the DfE's Plan technology for your school tool, which allows schools to self-assess against the filtering and monitoring standards. This is now the reference benchmark for compliance.
The Filtering and Monitoring Standards (Unchanged, but reinforced)
Appropriate filtering is in place that limits harmful content across all school devices and networks, including pupil devices on school WiFi
Appropriate monitoring is in place so that unusual, potentially harmful online activity by pupils is flagged to the DSL
Staff are trained to understand the school's filtering and monitoring systems, and know how to report concerns
The DPO is involved in decisions about filtering levels, monitoring scope, and data governance relating to monitoring logs
KCSIE 2025 Structure — Quick Reference
Part 1: Safeguarding Information for All Staff
Must be read by every member of school staff annually — UNCHANGED in 2025
Part 2: Child Protection Policies, Procedures and Practices
Schools and colleges must have a child protection policy, DSL arrangements, staff code of conduct
Part 3: Safer Recruitment
Safe recruitment practices, DBS checks, prohibition orders, overseas checks, references
Part 4: Allegations of Abuse Made Against Teachers and Other Staff
LADO referrals, low-level concerns, whistleblowing, staff conduct
Part 5: Child on Child Sexual Violence and Sexual Harassment
Peer-on-peer abuse, reporting, support for victims and those who harm, online incidents
Annexes A–F
Annex A: What staff need to know about specific safeguarding issues · Annex B: Further information for DSLs · Annex C: Allegations management · Annex D: Checks for maintained schools · Annex E: Checks for independent schools · Annex F: Summary of changes 2025
DSL Responsibilities under KCSIE 2025
The DSL's core responsibilities are unchanged from KCSIE 2024. The 2025 updates add the following specific areas:
Online Safety Lead
- Ensure the curriculum covers misinformation and conspiracy theories
- Review online safety policy to reflect updated Four Cs
- Maintain awareness of AI tools used by pupils
Technology Governance
- Work with DPO to assess generative AI tools via DPIA
- Use DfE "Plan technology" tool to audit filtering standards
- Ensure filtering and monitoring covers pupil devices on school networks
Attendance Monitoring
- Treat persistent/patterned absence as a potential exploitation indicator
- Refer to MASH where unexplained absences follow county lines patterns
- Maintain CME compliance — notify LA of unknown whereabouts
Training & Development
- DSL refresher training: every two years minimum
- All staff Part 1 briefing: annually, at induction, and when KCSIE updates
- Safer Recruitment training: one governor or trustee, one staff member
KCSIE 2025 Compliance Checklist
Use this checklist to verify your school's compliance with the 2025 updates. Print and keep on file as evidence for Ofsted.