In a significant development following the lengthy legislative journey of the Online Safety Act in the UK, the regulatory body Ofcom has unveiled its initial guidelines for tech companies to align with the comprehensive legislation. Addressing concerns related to illegal content such as child sexual abuse material (CSAM), terrorism content, and fraud, the proposals outline the responsibilities of social media platforms, search engines, online and mobile games, as well as pornography sites.
To ensure a thorough and inclusive approach, these guidelines are presented as proposals, allowing for feedback collection before potential approval by the UK Parliament in the coming year. While adherence to the specifics remains voluntary, tech firms are urged to adopt a proactive stance, taking responsibility for user safety when dealing with illegal content on their platforms. Ofcom’s online safety lead, Gill Whitehead, emphasizes the novel duty of care imposed on tech firms, requiring swift action upon the discovery of illegal content and the implementation of risk assessments to address potential hazards.
Approximately 100,000 services may be impacted by these regulations, with the most stringent requirements reserved for the largest and highest-risk platforms. Ofcom recommends the adoption of policies such as preventing strangers from sending direct messages to children, utilizing hash matching to identify and remove CSAM, maintaining content and search moderation teams, and providing users with avenues to report harmful content.
While many major tech platforms already incorporate similar practices, Ofcom aims for a more consistent and widespread application across the industry. Notably, challenges may arise with certain platforms, such as X (formerly Twitter), as their approaches may conflict with specified guidelines. Ofcom, however, expresses general encouragement regarding the cooperation of tech firms during the consultation process.
Beyond addressing illegal content, Ofcom’s regulations encompass various other harmful activities, including content promoting suicide or serious self-harm, harassment, revenge porn, and the facilitation of drug and firearm supply. Fines of up to £18 million (approximately $22 million) or 10 percent of worldwide turnover can be imposed for breaches, and offending sites may face blocking in the UK.
As the Online Safety Act unfolds, future updates will delve into more controversial aspects, including legal but harmful content for children, underage access to pornography, and the impact on end-to-end encryption in messaging apps. Ofcom plans to consult on the use of “accredited technology” to detect CSAM, a move that has raised concerns about potential privacy infringements.
Despite the absence of specific emphasis on artificial intelligence in the current guidelines, Ofcom asserts a technology-neutral approach, encompassing AI-generated content within the regulatory scope. Acknowledging potential challenges for non-tech giant sites, Ofcom’s rules, spanning over 1,500 pages in initial guidance, may pose complexities for compliance, particularly for organizations with limited resources.
Rebecca MacKinnon, VP for global advocacy at the Wikimedia Foundation, highlights the struggle for compliance with various global regulatory regimes, expressing concerns about the capacity of nonprofit organizations to meet these demands. Despite the challenges, Ofcom aims for a collaborative and proportionate approach, acknowledging the unique difficulties faced by different platforms.
While the Online Safety Act and the Digital Services Act are considered “regulatory cousins” rather than identical, Ofcom strives to streamline operations across different countries through the establishment of a global online safety regulator network. As the intricate details of the Online Safety Act unfold, it becomes evident that the real challenges may just be surfacing in an era of evolving British politics.