Kerala has come out with a ‘Cyber Safety Protocol 2026’ for its school system to address niggling challenges such as cyber safety, screen time management, and student privacy.
The framework, published by the General Education department’s technology wing Kerala Infrastructure and Technology for Education (KITE) against the backdrop of a surge in artificial intelligence (AI), is designed to ensure a secure digital learning environment and robust cyber defence for students in public schools. The protocol also provides targeted directives for institutional heads, teachers, parents, and students.
Its 13 core objectives include fostering awareness of the risks of sharing confidential data with Generative AI, cultivating critical thinking toward digital content, identifying misinformation, and nurturing responsible digital citizenship. It also defines nine key operational areas such as academic AI integration, administrative data management, and maintenance of secure online learning spaces. The protocol tasks heads of schools with 17 mandates such as ensuring uninterrupted, teacher-supervised internet access during school hours and establishing dedicated school cybersecurity committees led by a coordinator.
Student privacy
To protect student privacy, the protocol mandates ‘Privacy by Design’ principles, specifically advising against real-time CCTV monitoring via private servers in classrooms. To bridge the digital divide, teachers are instructed to avoid home assignments that mandate internet access. The protocol also prohibits use of unverified online data during instruction and collection of sensitive student information via social media platforms.
For students, the protocol outlines 25 essential safety guidelines such as identifying suspicious links, protecting live locations and private data on social media, and managing camera or chat permissions in online gaming.
It emphasises the importance of recognising algorithmic bias in AI-generated content and strictly prohibits the use of AI for academic manipulation. Students are encouraged to prioritise independent problem-solving over a total reliance on automated tools.
Guidelines for parents
Parents are provided with 16 guidelines focussing on screen time management, understanding the long-term impact of digital footprints, and utilising monitoring tools such as Family Link.
To support this, KITE offers specialised cybersecurity and AI literacy programmes for families. The protocol integrates protections from the IT Act 2000, Digital Personal Data Protection (DPDP) Act 2023, and Protection of Children from Sexual Offences (POCSO) Act, while incorporating the 2026 IT rule amendments specifically addressing synthetically generated information (SGI).
The document details 11 general safety measures such as two-factor authentication and secure downloading practices, alongside a clear roadmap for reporting grievances.
Cyber threats
It also defines 20 major cyber threats, including deepfakes, AI grooming, and digital arrest, providing both legal contexts and precautionary measures.
The protocol serves as a strategic extension of the ‘Sarvam AI Mayam’ training provided to six lakh parents this year. It will be supported by ongoing training sessions and cyber safety clinics, KITE chief executive officer K. Anvar Sadath said. The full text of the Cyber Safety Protocol is available in both Malayalam and English on the official KITE portal www.kite.kerala.gov.in
Published – March 09, 2026 07:21 pm IST
