British Online Safety Act Is Now Law

The UK government's controversial Online Safety Bill, which aims to make the Internet safer for children, became law at the beginning of November. The new Law aims to force technology firms to take more responsibility for the content on their platforms.

It will be overseen by Ofcom and take a zero-tolerance approach to protecting children from online harm, while empowering adults with more choices over what they see online

The law imposes a statutory obligation on certain Online Service Providers (OSPs) to comply with protective measures and requirements in respect of users.

As such, OSPs will be expected to assess and mitigate the risks of harmful illegal content. This follows rigorous scrutiny discussion within the UK House of Commons and the House of Lords. “Today will go down as an historic moment that ensures the online safety of British society not only now, but for decades to come,” said Michelle Donelan, the technology secretary as it "ensures the online safety of British society not only now, but for decades to come."

While the principal aim of the legislation is to protect children, there have been widespread concerns about the implications for privacy.

What is the Online Safety Bill?

The Law unambiguously places the responsibility to protect children from some legal but harmful material on the firms operating online platforms, with the UK regulator, Ofcom, given enforcement powers including powers to levy significant penalties. It introduces new rules - including a requirement for porn websites sites to protect stop children from explicit content using age verification. Platforms will also need to show they are committed to removing illegal content including:

  • Child sexual abuse
  • Controlling or coercive behaviour
  • Extreme sexual violence
  • Illegal immigration and people smuggling
  • Promoting or facilitating suicide
  • Promoting self-harm
  • Animal cruelty
  • Selling illegal drugs or weapons
  • Terrorism

Various entirely new offences have been created, including cyber-flashing - sending unsolicited sexual imagery online, sharing deepfake pornography. and measures enabling bereaved parents to obtain information about their children from online platforms. Under the act Ofcom has powers to compel messaging services to examine the contents of encrypted messages for child abuse material have proved especially controversial.

Failing to comply with the act’s rules could land companies with fines of up to £18 million or around $22 million, or 10 percent of their global annual turnover, whichever is higher, and their bosses could even face prison.

“The Online Safety Act’s strongest protections are for children. Social media companies will be held to account for the appalling scale of child sexual abuse occurring on their platforms and our children will be safer,” said Home Secretary Suella Braverman. “We are determined to combat the evil of child sexual exploitation wherever it is found, and this Act is a big step forward.”

In response, social media platforms including WhatsApp, Signal and iMessage say they cannot access or view anybody's messages without destroying existing privacy protections for all users and have threatened to leave the UK rather than compromise message security. WhatsApp has threatened to withdraw it service from the UK market. 

Gov.UK:      PWC:      BBC:    Independent:    The Verge:     UKTech:       Image: finelightarts

You Might Also Read: 

Online Safety Bill UK: WhatsApp, Encryption & The Implications For Privacy:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Attack On Chinese Bank Disrupts Financial Trading
API Security Is A Critical Boardroom Issue »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Ilex International

Ilex International

Ilex International is a European software vendor which specialises in Identity & Access Management solutions.

CyberScout

CyberScout

Cyberscout delivers the latest cybersecurity education, protection and resolutions services. We also provide swift incident response services around the world.

Cyber Future Foundation (CFF)

Cyber Future Foundation (CFF)

CFF was established to create a cyberspace where digital commerce and innovation can thrive based on trust and respect to individual privacy.

Cyber Security Operations Consulting (CyberSecOp)

Cyber Security Operations Consulting (CyberSecOp)

CyberSecOp is an ISO 27001 Certified Organization which provides cyber security operations services and risk management consulting.

CyberPeace Foundation

CyberPeace Foundation

CPF is a think tank of cybersecurity and policy experts with the vision of pioneering Cyber Peace Initiatives to build collective resiliency against CyberCrimes and global threats of cyber warfare.

Creative ITC

Creative ITC

Creative ITC is a leading infrastructure and cloud enablement company. We design and deliver exceptional managed services and cloud solutions.

iSPIRAL IT Solutions

iSPIRAL IT Solutions

iSPIRAL is a leading regulatory technology software provider delivering state-of-art AML, KYC, Risk and Compliance solutions.

BAE Systems

BAE Systems

BAE Systems develop, engineer, manufacture, and support products and systems to deliver military capability, protect national security, and keep critical information and infrastructure secure.

AFRY

AFRY

AFRY is a world leading engineering company, trusted as a supplier of services and solutions within the industry, energy, and infrastructure sectors as well as for authorities.

Binarii Labs

Binarii Labs

Binarii are focused on helping enterprises to design and deploy SaaS solutions that utilise DLT (Digital Ledger Technology) effectively, efficiently and sensibly.

RealDefense

RealDefense

RealDefense develops and markets various privacy, security and optimization technologies and services for consumers and small businesses.

Smarsh

Smarsh

Smarsh products are designed for user-friendly, efficient compliance. From archiving, supervision, and discovery to cybersecurity – Smarsh has you covered.

BJSS

BJSS

BJSS is an award-winning technology and engineering consultancy for business.

ThoughtSol

ThoughtSol

Thoughtsol help brands grow through Digital Transformation enabling them to leverage the power of IT for an all-embracing impact on their businesses.

ThreatMate

ThreatMate

ThreatMate empowers businesses with comprehensive tools to detect, protect, and remediate against cyber threats.

AVIANET

AVIANET

AVIANET's goal is to empower enterprises and corporations worldwide and manage their digital transformation journey with confidence.