KCSIE 2026 and online checks: why “we Googled them” is no longer enough

KCSIE 2026 may look, at first glance, like another annual safeguarding update. For schools, trusts and colleges, that can make it tempting to treat it as a policy refresh: update the wording, brief staff, record the change, move on. I think that would miss the point. The more important shift is operational. KCSIE 2026 is another sign that safer recruitment is moving away from simple process compliance and towards evidence-led judgement. This matters as the hardest question is no longer just whether a school has “done the checks”. It is whether the school can explain what it checked, what it found, what it ignored, what it escalated, and why that decision was reasonable at the time.

Online checks are becoming harder to treat as informal due diligence

KCSIE 2022 through to 2025 already made clear that schools should consider online searches as part of safer recruitment due diligence.

In practice, I would say this landed unevenly.

Some schools have built online checks into a defined process. Others have treated them as a quick search by HR, the DSL, or a hiring manager. Some search only the offered candidate. Some search inconsistently. Most are unsure what they are looking for, what they are allowed to consider, or what they should record.

The uncertainty is understandable.

The phrase “check online” sounds simple, but it creates a surprisingly difficult task.

Where do you search? What counts as relevant? How do you avoid bias? What happens if you find protected characteristic information? What do you do with something concerning but unclear? How do you know you have the right person? How do you document the judgement without collecting unnecessary information?

These are not minor admin questions. They go to the heart of whether an online check is a safeguarding control or just an informal act of curiosity.

KCSIE 2026 makes that distinction harder to ignore, and we are asking non-intelligence analysts to conduct them.

“Google and scroll” is not a defensible process

The old approach to online checks is usually some version of “Google and scroll”.

Someone searches a name. They look at the first few results. They may check social media. They make a judgement, often under time pressure, and then the recruitment process moves on.

This may feel practical, but it is a weak control.

It varies depending on who carries it out, how much time they have, what search terms they use, what platforms they know, what they personally consider concerning, and how confident they feel recording what they have seen.

It also creates legal and ethical risk.

An informal search can expose irrelevant personal information. It can introduce bias. It can confuse identity. It can over-weight out-of-context material. It can miss material a more structured process would have found.

And perhaps most importantly, it can be difficult to defend later.

If a hiring decision is challenged after an incident, “we Googled them” is unlikely to be enough.

The question will be more specific:

What was checked?

What was found?

Who reviewed it?

How was safeguarding relevance assessed?

What was recorded?

Why was the decision reasonable?

If the answer is unclear, the check has not really protected the school. It has created the appearance of a control without the strength of one.

AI has changed the risk surface

KCSIE 2026 also reflects a wider reality: online safeguarding risk is becoming harder to interpret.

AI-generated content, manipulated media, synthetic identities and deepfake abuse are now part of the safeguarding landscape. This changes the nature of the task.

The issue is not simply that organisations need to search more. In many cases, “more searching” will create more noise, not better decisions.

The real need is better interpretation.

Is the material genuine? Is it attached to the right person? Is it satirical, malicious, fabricated or safeguarding-relevant? Does it indicate a real risk to children, colleagues, reputation or trust? Or is it something the school should not be considering at all?

This requires judgement, context and proportionate review.

It also requires humility. Online material can be misleading. False positives matter. So does overreach. A safer recruitment process that becomes unfair, intrusive or poorly governed is not a good process.

The goal should not be to turn schools into Open Source Intelligence organisations.

The goal should be to give them a fair, consistent and defensible way to understand relevant digital risk before placing someone into a position of trust.

The real issue is defensibility

In safeguarding, defensibility is not about covering backs.

It is about being able to show decisions were made carefully, consistently and in line with the risk that was known at the time.

This is where many online check processes are currently exposed.

A defensible process should be able to answer seven questions:

  1. What is the purpose of the online check?
  2. Who is being checked, and at what stage of recruitment?
  3. What sources or signals are in scope?
  4. What is deliberately out of scope?
  5. How is safeguarding relevance assessed?
  6. Who reviews concerns and makes the final decision?
  7. What is recorded, retained or discarded?

Without those answers, schools are left relying on individual judgement in a high-pressure environment.

Good people will do their best. But good people working without a clear process can still produce inconsistent outcomes.

This is the problem KCSIE 2026 brings into sharper focus.

What good looks like

The answer is not panic. It is not surveillance. It is not searching every corner of the internet and hoping volume creates safety.

Good online checks should be:

  • Clear in scope. Everyone should know what is being checked and why.
  • Transparent to candidates. Online checks should be explained in the recruitment process.
  • Consistent. The method should not depend entirely on who happens to carry it out.
  • Proportionate. The process should focus on safeguarding relevance, not personal curiosity.
  • Human-reviewed. Context matters. Automation can support the process, but it should not replace judgement.
  • Documented. Organisations should be able to evidence what was checked, what was found and why a decision was made.
  • Aligned with data protection. Irrelevant or excessive information should not be collected just because it is visible.

This is the direction of travel.

Online checks need to move from informal search behaviour into a governed safeguarding process.

This is a leadership issue, not just an HR task

It is easy to treat this as something for HR, the DSL, or the recruitment administrator.

However, this would be too narrow.

Governors, trustees and senior leaders should be asking whether their safer recruitment process is actually capable of doing what the guidance now expects.

Not just whether the policy mentions online checks.

Whether the school can carry them out consistently, fairly and defensibly.

A useful board-level question would be:

If a serious concern emerged six months after appointment, could we explain the online check we carried out, the judgement we made, and why that judgement was reasonable?

If the answer is no, the process probably needs strengthening.

From process compliance to evidence-led judgement

KCSIE 2026 is not only about new wording.

It is part of a wider shift in safeguarding. Schools are being asked to recognise risk earlier, document decisions more clearly, and show that their systems work under pressure.

Online checks sit right in the middle of that shift.

They are no longer something schools can afford to treat as vague due diligence, carried out differently each time and recorded lightly.

The organisations that handle this well will not be the ones doing the most searching.

They will be the ones making the clearest, fairest and most defensible decisions.

This is where safer recruitment is heading.

And it is where the conversation needs to move next.

Continue reading