Staff Personal Phones and Child Images in 2025/26
- Kirra Pendergast
- Jul 4, 2024
- 4 min read
Updated: 2 days ago
If any of our personal phones were ever checked because something unexpected happened at school or childcare, many of us would probably discover a handful of student photos sitting quietly alongside our own family pictures, cloud backups, messages and apps.
Not because anyone set out to do the wrong thing, but because for years this has simply been the familiar way of capturing learning, connection and those small, beautiful moments in a child’s day.
But the world has shifted around us. Technology is different, expectations are different, and the risks, especially for children, are far more complex than they once were especially in a world of AI and Deepfakes. What felt harmless even a few years ago now sits in a grey zone where privacy law, child-safety responsibilities and everyday digital habits collide. This isn’t about blame or finger-pointing. It’s about understanding how the world has changed, and why something as simple as a quick photo on a personal device now needs a second look. Because when we know better, we can do better, and we can protect the children in our care with the same gentleness and wisdom we bring to every other part of their wellbeing.
Most permission to publish forms give consent for a school or service to use a child’s image not to scatter raw photos across the personal tech of every staff member. They don’t magically make personal devices secure, compliant, or safe and with new regulations in early childhood banning personal phones outright, and school systems tightening expectations everywhere else, the gap between “what we’ve always done” and “what is legally required” has become a canyon.
I wrote the blog below in July 2024. In the past few weeks I have been rewriting policy for schools to address evolving privacy legislation. I wrote the blog not to shame or judge but to highlight to Australian schools, with absolute clarity, the risks we can no longer ignore. ______________________
Across Australia, many educators and carers are still using their personal phones to take photos of children for learning documentation, quick parent updates, or spontaneous moments worth sharing. Often, the intention is kind and the moment is genuine.
But with deep respect for the work you do, it’s time we acknowledge something important:
This practice, however well-meant, puts children, staff, and services at risk.
Personal mobile phones are not designed for secure, professional use in educational settings. When photos of children are taken on a personal device even just once the data may:
Automatically upload to cloud platforms like iCloud or Google Photos
Sync across other personal devices smartwatches, tablets, laptops
Be accessed by third-party apps, often without the user’s knowledge
Remain in backups or deleted folders for weeks, months, or longer
Create a digital trail that can’t be tracked, audited, or recalled
This isn’t about blame, it’s simply how the technology works. Even with the best of intentions, once an image of a child is captured on a personal phone, the organisation loses control over where that image might go, or how long it might be stored.
Under the Australian Privacy Act 1988, any image that identifies a child is considered personal information. That means there are legal responsibilities under the Australian Privacy Principles (APPs) about how that information is collected, stored, and shared.
APP 3 – Collection: Must be lawful, fair, and necessary
APP 6 – Use and Disclosure: Limited to the original purpose, in authorised systems
APP 11 – Security: Organisations must take reasonable steps to protect personal data
Personal phones, no matter how careful we think we’re being, simply can’t meet that legal benchmark.
“An organisation must take reasonable steps to protect the personal information it holds from misuse, interference and loss.”— Office of the Australian Information Commissioner
What About Department Guidelines?
Most state and territory education departments now explicitly state that personal devices are not to be used for taking or storing photos of children.
For example, the Victorian Department of Education says:
“Schools must ensure that photographs, video or recordings of students are not taken or stored on personal devices.”— DET: Photographing Students Policy
This reflects a growing understanding of the need for consistent, secure, and professional systems when it comes to documenting children’s lives.
This Is About Child Safety, Not Just Digital Systems
The National Principles for Child Safe Organisations call on all of us schools, centres, staff, and leadership to do everything possible to protect children’s privacy, including how their images are captured and stored.
Using personal devices, no matter how informally, can:
Undermine institutional safeguards
Bypass accountability processes
Increase the risk of accidental breach or misuse
In child safety, it’s often not what goes wrong that matters most, it’s whether we had systems in place to prevent it.
“Child safe organisations need to have systems in place to protect children’s personal information, including images and recordings.”— Australian Human Rights Commission
Moving Gently Toward Best Practice
If your school or service is still using personal phones for images, know that you are not alone. This has been standard practice in many places for years. Change is not about shame, it’s about moving forward with more awareness, better systems, and stronger safeguards. You didn't know what you didn't know.
Here’s what many centres and schools are now doing:
Providing organisation-owned devices for documentation
Updating internal policies to align with legal and departmental expectations
Training staff on privacy obligations and child safety implications
Ensuring any old or non-compliant images are reviewed, deleted securely, and reported where needed
Seeking support from digital safety professionals to strengthen systems
It’s Okay Not to Have It All Perfect......Yet
The important thing is to act now, with care and commitment. Our shared goal is to keep children safe not just physically, but digitally and emotionally as well.
If you’re unsure whether your current practices are in line with:
The Privacy Act
The Australian Privacy Principles
Your state or territory’s education department guidelines
The National Child Safety Framework
Then now is a good time to pause, reassess, and reach out for support, I am here to help.
No blame. No judgement. Just a shared responsibility to do better, together.
Helpful References:
Privacy Act 1988: https://www.legislation.gov.au/Series/C2004A03712
Australian Privacy Principles: https://www.oaic.gov.au/privacy/australian-privacy-principles Phoitos and Videos: https://www.oaic.gov.au/privacy/your-privacy-rights/social-media-and-online-privacy/photos-and-videos
APP 11 – Securing Personal Information: https://www.oaic.gov.au/privacy/guidance-and-advice/securing-personal-information
ACECQA Guidelines: https://www.acecqa.gov.au/sites/default/files/2024-07/Guidelines
Google Photos Deletion Policy: https://support.google.com/photos/answer/6128858
OAIC Children and Young People: https://www.oaic.gov.au/privacy/your-privacy-rights/more-privacy-rights/children-and-young-people
Child Safe Principles: https://humanrights.gov.au/our-work/childrens-rights/projects/child-safe-organisations
DET Student Photography Policy (VIC): https://www2.education.vic.gov.au/pal/photographing-students/policy
Comments