UK’s Online Safety Regulator Puts Out First Guidance
King Charles approved the Online Safety Act last month and its regulator, known as Ofcom, has already issued its first regulation in draft form.
Among other “features” of this law is a requirement to scan end to end encrypted messages for CSAM, even though that is impossible.
The act also requires platforms to execute a new duty of care to protect users from both illegal and legal but harmful content. Platforms can be fined up to 10 percent of their global revenue if they don’t.
Ofcom says its first objective is to protect the children.
This implementing regulation includes “suggestions” that larger and higher risk platforms should avoid presenting kids with lists of suggested friends; should not have child users appear in others’ connection lists; and should not make children’s connection lists visible to others.
It’s also proposing that accounts outside a child’s connection list should not be able to send them direct messages; and kids’ location information should not be visible to other users, among a number of recommended risk mitigations aimed at keeping kids safe online.
The list of priority offenses is long and includes intimate image abuse, stalking and harassment and cyberflashing, among many others.
Neither the law nor Ofcom is prescribing how to handle every type of illegal content. They are, however, developing detailed “codes of practice” to provide recommendations to help companies make decisions on how to avoid massive fines.
They also say that they reserve the right to change their mind and their regulations whenever they want. It appears that these initial proposals are not controversial, but they do say that larger services (like Twitter) need to have a functioning and well enough resourced content moderation team (UNlike Twitter).
They are working on a number of other regulations, so this is definitely a work in progress.
What will be interesting is whether these large platforms (a) leave the UK, (b) create rules that only operate in the UK or (c) operate globally.
Each platform has its own business requirements, so it will be interesting to see how they choose to comply with these rules. And whether they fine these platforms if they don’t comply.
Credit: Techcrunch