[bifrost]

Teach them how to use PGP/GPG, S/MIME, VPNs, never to use "free" email services, never post anything identifying on any social networking site, don't use cloud file services without encrypting files first/etc.

Thats a good start anyways.

[yareally]

To amend that, I would also elaborate on why they should use such things as no one wants to be told without given reasons. In giving reasons, I would explain how you can be tracked as well (what things like an IP address are in relatable terms and how it is logged in services they use [including email]), so they understand why and how the tools should be used.

Also, I would teach them not to post or share anything on the Internet that they do not wish to come back to haunt them at a later date. Give examples of users that have had such things happen and the consequences as well (since many people do not believe it can happen to them). If they use services like Facebook, limit how much info you share (and also private info you give Facebook) and use a private browser windows while browsing such sites. Obviously this does not prevent everything, but there's no reason to make those that would watch them's jobs that much easier.

[Hyrum_Graff]

I like the idea of teaching GPG as I can fit that into a general scheme on cryptography.

There are problems with one of your suggestions however. If I teach students how to use a VPN, I'm potentially giving them the skills to access pirated material anonymously and/or attempt to circumvent the school's safety filters. Their parents might have issue with this.

[bifrost]

Using a VPN for piracy is no different than using open wifi for piracy. Most children over the age of 10 can circumvent a "safety filter" on a computer. IMHO these are non-issues.