UK opens new chapter in digital regulation as parliament passes Online Safety Bill

Controversial UK legislation that brings in a new regime of content moderation rules for online platforms and services — establishing the comms watchdog Ofcom as the main Internet regulator — has been passed by parliament today, paving the way for Royal Assent and the Online Safety Bill becoming law in the coming days.

Speaking during the bill’s final stages in the House of Lords, Lord Parkinson of Whitley Bay reiterated that the government’s intention for the legislation is “to make the UK the safest place in the world to be online, particularly for children”. Following affirmative votes as peers considered some last stage amendments he added that attention now moves “very swiftly to Ofcom… who stand ready to implement this — and do so swiftly”.

The legislation empowers Ofcom to levy fines of up to 10% (or up to £18M whichever is higher) of annual turnover for violations of the regime.

The Online Safety (neé Harms) Bill has been years in the making as UK policymakers have grappled with how to response to a range of online safety concerns. In 2019 these efforts manifested as a white paper with a focus on rules for tackling illegal content (such as terrorism and CSAM) but also an ambition to address a broad sweep of online activity that might be considered harmful, such as violent content and the incitement of violence; encouraging suicide; disinformation; cyber bullying; and adult material being accessed by children. The effort then morphed into a bill that was finally published in May 2021.

The proposed legislation continued swelling in scope as a grab-bag of additional duties and requirements got bolted on in response to a smorgasbord of safety concerns reaching policymakers’ ears, whether related to trolling, scam ads, deepfake porn or (most recently) animal cruelty. Changes within the governing Conservative party since 2019 have also seen a succession of different senior ministers steering the legislation, including the likes of Oliver Dowden and Nadine Dorries — who, in Dorries’ case, enthusiastically pushed to speed up the application of criminal liability powers for tech CEOs.

Latterly the secretary of state driving the bill has been Michelle Donelan. She presided over some trimming back of its scope at the back end of last year — excising provisions that had been focused on legal but harmful content following concerns about the impact on free speech. Although speech and civil rights groups remain concerned.

Another major strand of controversy is focused on the potential impact on web security and privacy as the bill hands sweeping powers to Ofcom to require platforms to scan message content for illegal material. A parade of end-to-end encrypted platforms and services have warned over the risks such powers pose — with several well known services threatening to exit the UK unless the bill was amended to safeguard strong encryption.

In the event, the government appears to have steered out of a direct clash with mainstream messaging services like WhatsApp by fudging the encryption issue with a carefully worded ministerial statement earlier this month. But, again, privacy and security experts remain watchful.

Additionally, there is concern the bill will lead to a mass age-gating of the UK internet as web services seek to shrink their liability by forcing users to confirm they are old enough to view content that might be deemed inappropriate for minors.

Wikipedia’s founder, Jimmy Wales, is among those raising concerns about the bill as an instrument of state censorship. He’s attacked the government’s approach as triply bad: “Bad for human rights”, “bad for Internet safety and “bad law” — and pledged the online encyclopedia “will not age-gate nor selectively censor articles under any circumstances”.

Balancing the demands of child safety campaigners for a totally safe Internet and the concerns of digital, civil liberties and human rights groups that the legislation does not trample on hard won democratic freedoms will now be Ofcom’s problem.

In a brief statement the UK’s new web content sheriff gave no hint of the complex challenges that lie ahead — merely welcoming the bill’s passage through parliament and stating that it stands ready to implement the new rulebook.

“Today is a major milestone in the mission to create a safer life online for children and adults in the UK. Everyone at Ofcom feels privileged to be entrusted with this important role, and we’re ready to start implementing these new laws,” said Dame Melanie Dawes, Ofcom’s CEO. “Very soon after the Bill receives Royal Assent, we’ll consult on the first set of standards that we’ll expect tech firms to meet in tackling illegal online harms, including child sexual exploitation, fraud and terrorism.”

Beyond specific issues of concern, there is over-arching general worry over the scale of the regulatory burden the legislation will apply to the UK’s digital economy — since the rules apply not only to major social media platforms; scores of far smaller and less well resourced online services must also comply or risk big penalties.

Time to start using Whonix…

This whole thing reads like a joke, like satire.

If I were you, I would begin the necessary arrangements for immigration outside of the UK, since much of foreign big tech isn’t going to want to use this as a testing ground for suppressive shit, and will likely just pull out, or leave it to their local branches to sort out.

No way of getting out the country, sadly.

No money, unemployed with no work history (don’t ask), no University degree.

The UK is literally my prison.

That’s unfortunate, but I’m sure you’ll be able to find a way. Mainland Europe is very accommodating to those from the isles, I’ve heard, with many mainland countries having lower costs of living.

Hopefully you can find work remotely, assuming Brexit hadn’t screwed up those opportunities.

I’ve been teaching myself programming since the start of the year. I’ve played around with Python a bit, but I decided to get a little better at my rudimentary C knowledge.

Going to have to re-cover my rudimentary Go knowledge again at some point.

Have you ever thought about teaching english? You can easily get a job as a native speaker in Thailand without a degree.

Teaching is one of those jobs I have zero interest in, oddly enough.

Sadly, it’s no joke. There was a poster in the Usenet newsgroup alt.sex.stories.discussion (ASSD) who was raided just a few days before last Christmas (2023). This user, who went by the name Jaxah, ran a site called xefig This site was a front-end to a 2017-vintage copy of the Alt Sex Stories Text Repository (ASSTR), allowing people to browse the archive and download stories. He also ran hosted a .torrent of that archive for anyone who wished to copy it. Jaxah posted to another site: 'Police raid, server seized and charged with having cp. Not coming back."

My understanding is that the stories in that archive were NOT illustrated, so it is unclear whether Jaxah was arrested for the archive content, or for something else. There has been some speculation that statements he made in ASSD may have led to the raid, in particular:

• He stated that the machine with these files was at his home; and

• He talked about moving the hosting to a non-law-enforcement friendly jurisdiction like Russia;

Jaxah used a Gmail account to post to Google Groups, and apparently used that same email for other social media accounts as well. I find it interesting that this raid took place only a month or two after the Online Safety Bill was given Royal Assent, and came into force. Also, Jaxah might not have been aware of the fact that the United States and the United Kingdom signed a treaty under the Cloud Act, which came into effect in March of 2020. This treaty allows the UK authorities to demand information from American service providers based on a domestic UK warrant. (Prior to March 2020, the only way for UK authorities to demand informtion was via the Mutual Legal Assistance process.)

The Cloud Act’s provisions are such that the American company has NO recourse to the US courts to fight any such demand. Rather, they must contest these demands in a UK court, if they are to be contested at all. (The American company has no recourse but to comply with the order, unless a UK court overturns it.)

I suspect that the UK authorities got Jaxah’s information from Google and the US hosting company he used in a matter of days, as opposed to the 10-12 months that would have been taken by the Mutual Legal Assistance process.

I believe this is a good bill. I would like to see it here in Australia. Yes that means I will have to give up my privacy when I use social media, but social media is a public arena, not a private one like your off-line computer use.

The reality is that sentences have been getting harsher and harsher, yet to no avail, it has not worked.

We need to try something new. If not this, than what would work?

Or maybe try not being a moral busybody?

It’s good to “feel as if” you’re doing something to protect children. Because that’s ALL your doing, feeling good and upright and righteous. Not actually DOING anything to actually protect children or help solve the already growing trafficking and sex slave industry that is booming right under everyone’s nose around the world!

Its better to try something that MIGHT work than to do nothing. Internet watch foundation supports this so I will support it.

I didn’t really read much into this but I support it because it might work.

IWF is a lobbying group with a vested interest in undermining privacy (it literally gets them more funding), not a research group. I’d trust a child protection research organization over them to inform policy

IWF does fine work when their activities are limited to depictions or activities that involve real children. Being a de facto arm of the British government’s censorship policies is another matter entirely.

I don’t think you really understand what the authorities are proposing. What they are proposing is automated scanning of all communications, including instant messaging and email. Since you don’t seem to believe in online privacy, let me throw out a challenge, originally proposed by journalist and attorney Glenn Greenwald:

… I say, “Here’s my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I want to be able to just troll through what it is you’re doing online, read what I want to read and publish whatever I find interesting.
After all, if you’re not a bad person, if you’re doing nothing wrong, you should have nothing to hide.”

You up for it?

Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.

Seems like they are doing something to help. I don’t really know what they stand for overall or how far they’re willing to go to destroy privacy. Being arm in arm with law enforcement authorities tells me they’re willing to do “whatever it takes” to go after anyone they deem a lawbreaker. And we’ve seen these authorities don’t care whether that person is guilty or not. They turn that person’s life upside down, many times destroying them personally and financially in the process when found innocent.

Those of us doing nothing wrong don’t deserve the watchful eyes of any organization or gov. looking at everything we do, then juding everyone for it. Simply because history repeats itself, as it is currently, with people in power overreaching their authority and victimizing innocent people as well. There’s a saying people in law enforcement use frequently, “show me the person and I’ll find the crime”. That is a very dangerous, pervasive attitude they have, that they are above reproach.

As a full grown adult imbued with freewill, I don’t see it appropriate to be lorded over by an authoritarian system who gets to decide whether or not my activities meet their standards or not. Many of us belong to harmless subcultures that society would deem “absurd, childish, or obscene”. We’re adults and should have the freedom to speak our minds and indulge in any recreational activity we desire, so long as it’s not malicious or causing harm to others. Getting your feelings hurt is a part of life. People are allowed not to like one another. So long as it never escalates to physical harm.

And we should have a right to do it privately. We pay for Internet access, therefore it’s not a free public utility that is deserving of monitoring an individual’s activities.

We’ve seen what the UK gov. does to innocent people minding their own business. Being arrested in front of a church for praying, or saying something derogatory about someone or some group online, shouldn’t be the kind of thing that goes on!

Australians are in the process of learning this lesson the hard way. It is noteworthy that, Australia alone among the Five Eyes nations, has no Constitutional analog to the American Bill of Rights, or the Canadian Charter of Rights and Freedoms.

Yeah, I view their actual prevention work as independent from their questionable lobbying goals