The Online Safeguarding & Cyber Agency was created to support responsible digital safeguarding, online harm awareness, and evidence preservation. OSCA focuses on concerns where online behaviour may create risk, distress, exploitation, reputational harm, or safeguarding vulnerability.

Although OSCA uses the word “Agency” in its name, OSCA is not a government agency, police force, regulator, or statutory authority. OSCA is a civilian-led organisation that operates within strict boundaries and does not claim legal powers beyond those available to ordinary members of the public.

OSCA’s work is based on lawful observation, structured reporting, internal review, and appropriate referral. We aim to ensure that concerns are not ignored, exaggerated, mishandled, or escalated without proper assessment.

OSCA does not confront suspects, conduct arrests, issue legal orders, access private systems, or interfere with official investigations. Where a matter appears to require statutory intervention, OSCA will encourage or direct reporting to the appropriate authority.

Our approach is built around professionalism, confidentiality, safeguarding awareness, data minimisation, and respect for lawful process.

If you believe you have witnessed online harm, inappropriate behaviour, cyber-enabled abuse, exploitation, harassment, impersonation, doxxing, threats, or activity that places an individual at risk, you may submit a report to OSCA.

OSCA reviews submitted information to assess whether there may be a safeguarding concern, legal risk, or ongoing threat. Where appropriate, OSCA may preserve relevant details, provide signposting, or refer the matter to a recognised external agency, safeguarding body, platform safety team, or law enforcement route.

When submitting a report, you should provide clear, factual, and relevant information. This may include usernames, profile links, public posts, screenshots, dates, times, platform names, and a short explanation of the concern. Digital evidence should remain unaltered wherever possible to preserve accuracy and context.

OSCA uses lawful open-source intelligence methods to verify publicly available information connected to reports. We do not access private accounts, bypass security controls, use compromised credentials, obtain leaked private data, or perform intrusive monitoring.

Reports submitted maliciously, fraudulently, or with knowingly false information may be rejected. Where a false report appears to place another person at risk, OSCA may take further action, including restricting access to OSCA services or referring the matter where appropriate.

Emergency situations, immediate threats to life, active violence, or urgent welfare concerns should be reported directly to emergency services.

OSCA treats safeguarding concerns involving children, young people, and vulnerable individuals with elevated priority. Any report suggesting grooming, exploitation, coercion, blackmail, sexual abuse, or serious risk may be escalated more urgently than a general online harm report.

If a report indicates the possible existence of Child Sexual Abuse Material, OSCA will not request, obtain, store, download, analyse, redistribute, or review that material. Members of the public must not send illegal material to OSCA.

OSCA’s involvement in such matters is limited to recording non-illegal contextual information, such as usernames, public profile links, platform names, timestamps, report references, and other lawful details that may assist appropriate reporting routes.

Where appropriate, OSCA may direct the reporter to recognised child protection, platform, law enforcement, or online safety reporting channels. OSCA does not independently investigate illegal content and does not replace the responsibility of law enforcement or authorised bodies.

Any concern involving immediate danger to a child or young person should be reported directly to emergency services or the relevant statutory safeguarding authority.

Operation Wolverine is OSCA’s structured online safeguarding and digital risk review framework. It is designed to support the assessment of serious online concerns where there may be repeated harmful behaviour, coordinated harassment, exploitation, impersonation, or risk to vulnerable individuals.

Operation Wolverine does not grant OSCA investigators any special legal powers. All work under this framework must remain lawful, proportionate, non-intrusive, and limited to information that can be accessed legally.

Cases reviewed under Operation Wolverine may involve evidence preservation, open-source verification, risk classification, internal safeguarding review, and referral recommendations. OSCA does not confront individuals, conduct sting operations, impersonate officials, or interfere with live police matters.

The purpose of Operation Wolverine is to ensure that serious concerns are handled consistently, responsibly, and with appropriate oversight.

OSCA may use legal references, offence categories, penal codes, Acts, sections, or legislation notes to help classify reports and understand the possible nature of an alleged offence.

These references are used for internal assessment, case organisation, and referral context only. OSCA does not provide legal advice, determine guilt, issue charges, decide sentencing, or make findings of criminal liability.

Where UK matters are assessed, OSCA may refer to UK legislation, including Acts and sections, to describe the possible legal context of a concern. Where non-UK matters are assessed, references may depend on the relevant country, state, or jurisdiction.

Any legal reference used by OSCA should be treated as a preliminary classification, not a legal conclusion.

The OSCA Crisis Aversion Programme exists to provide support, listening, and signposting for individuals who may be experiencing distress, online pressure, harassment, crisis, or emotional vulnerability.

The programme is not an emergency service, medical service, therapy provider, or replacement for professional mental health care. Its purpose is to help individuals identify safer next steps and connect with appropriate support organisations.

Personnel working within this programme must receive appropriate training and must act within their role boundaries. They must not present themselves as clinicians, therapists, emergency responders, or statutory safeguarding professionals unless they hold that role separately outside OSCA.

If you or someone you know needs to talk to someone, you can call Samaritans free on 116 123. In the UK, you can also text SHOUT to 85258 for free, confidential crisis text support.

If there is an immediate risk to life, serious injury, or urgent danger, contact emergency services immediately.

By using OSCA services, you acknowledge that OSCA is a civilian-led safeguarding and online harm prevention organisation. OSCA is not a police force, government body, regulator, emergency service, or statutory safeguarding authority.

OSCA may allow reports to be submitted anonymously. However, there may be circumstances where further information is required to clarify a concern, support safeguarding action, or comply with legal obligations.

OSCA does not guarantee that any report will result in action, investigation, referral, platform removal, police involvement, or any specific outcome. Each report is assessed based on the information provided, apparent risk, credibility, relevance, and OSCA’s internal safeguarding criteria.

OSCA reserves the right to close, reject, or discontinue a case where the information provided does not indicate a credible safeguarding concern, legal risk, or ongoing threat.

OSCA may review publicly accessible online information where there is a credible safeguarding concern, even if a formal report has not been submitted. Any such review must remain lawful, proportionate, non-intrusive, and limited to information available through legitimate public access.

OSCA will not assist, facilitate, encourage, or endorse harassment, retaliation, doxxing, extortion, hacking, malware deployment, unauthorised access, RAT usage, account compromise, impersonation, threats, intimidation, or any conduct intended to cause unlawful harm.

Users must not submit illegal material to OSCA. This includes, but is not limited to, Child Sexual Abuse Material, stolen private data, malware, unlawfully obtained credentials, or content that would be illegal to possess, distribute, or access.

OSCA may restrict or remove access to its services where a user abuses reporting tools, submits false information, attempts to misuse OSCA systems, threatens staff, or acts in a way that creates risk to others.

Investigator Terms

Individuals seeking OSCA investigator status may be required to verify their identity before being granted access to OSCA systems.

Investigators must conduct themselves professionally, lawfully, and respectfully when representing OSCA online or offline.

Investigators must not impersonate police officers, government officials, emergency personnel, social workers, platform employees, or any other official role.

Investigators must not disclose case information to any external party except where disclosure is authorised, legally justified, and directed toward appropriate law enforcement, safeguarding, platform safety, or statutory bodies.

Investigators must comply with applicable data protection law, confidentiality requirements, OSCA policies, and any safeguarding procedures relevant to their role.

Investigators must not use OSCA systems for personal disputes, retaliation, curiosity searches, unauthorised background checks, harassment, intimidation, or private investigations outside OSCA’s approved case process.

Criminal history checks, DBS checks, or equivalent screening may be requested where lawful, proportionate, and relevant to the role being applied for.

Identity records, application details, and investigator access records must be stored securely and only accessed by authorised personnel.

OSCA reserves the right to suspend or remove investigator access where conduct falls below organisational standards, creates risk, breaches confidentiality, or violates OSCA policy.

OSCA collects and processes information for the purpose of receiving reports, assessing safeguarding concerns, preserving relevant case details, managing internal access, and referring matters where appropriate.

Information submitted to OSCA may include names, usernames, contact details, platform links, screenshots, report descriptions, timestamps, public profile information, and other details relevant to the concern being raised.

OSCA aims to collect only the information necessary to assess and manage a report. Information that is excessive, irrelevant, unlawfully obtained, or unsafe to store may be rejected or removed.

Personal information is handled with confidentiality and access is limited to authorised personnel who require it for safeguarding, case review, technical administration, or compliance purposes.

OSCA may share relevant information with external agencies where there is a credible safeguarding concern, legal risk, immediate threat, or other lawful basis for disclosure. This may include law enforcement, safeguarding bodies, platform safety teams, or other appropriate organisations.

OSCA does not sell personal information. OSCA does not use submitted reports for public entertainment, harassment, retaliation, or unauthorised disclosure.

Users may contact OSCA to request information about how their data is handled, subject to legal, safeguarding, and operational limitations.

OSCA recognises that online harm can create real-world risk, particularly for children, young people, vulnerable adults, victims of harassment, and individuals experiencing crisis or coercion.

Safeguarding concerns are assessed based on risk, credibility, urgency, available evidence, and the potential for ongoing harm. Reports involving minors, exploitation, grooming, threats, blackmail, stalking, or immediate welfare concerns may be treated as higher priority.

OSCA personnel must act within their role boundaries and must not attempt to replace statutory safeguarding professionals, police, emergency services, or qualified clinicians.

Where a concern appears to require statutory intervention, OSCA may recommend or support referral to the appropriate external body. Where immediate risk exists, emergency services should be contacted directly.

OSCA aims to handle safeguarding information sensitively, securely, and proportionately. Confidentiality is important, but it may be overridden where disclosure is necessary to protect a person from serious harm or to comply with legal obligations.

OSCA may accept applications from individuals interested in supporting online safeguarding, report review, open-source research, crisis signposting, administration, or technical operations.

Applicants should understand that OSCA work requires professionalism, confidentiality, patience, safeguarding awareness, and strict respect for legal boundaries.

Applying to OSCA does not guarantee acceptance, system access, case access, investigator status, or any particular role. OSCA may refuse, pause, or withdraw applications at its discretion.

Applicants may be asked to provide identity information, relevant experience, availability, training history, and other details necessary to assess suitability.

Successful applicants may be required to complete internal training, safeguarding guidance, confidentiality agreements, and role-specific checks before being granted access to OSCA systems.

OSCA investigators must not act independently outside authorised case processes and must not represent themselves as law enforcement, emergency personnel, government staff, or statutory officials.

You can contact OSCA to submit a concern, request information, ask about safeguarding processes, or make a general enquiry.

For online harm reports, please provide clear and factual information, including usernames, platform names, links, dates, screenshots where lawful, and a brief explanation of the concern.

Do not send illegal material, hacked data, stolen credentials, malware, or private content obtained without consent.

If your concern involves immediate danger, risk to life, active violence, or urgent welfare needs, contact emergency services directly.

For emotional distress or crisis support in the UK, you can call Samaritans on 116 123 or text SHOUT to 85258.

OSCA will review messages as soon as reasonably possible, but OSCA does not operate as an emergency response service and cannot guarantee immediate action.