British Online Safety Act Is Now Law

The UK government's controversial Online Safety Bill, which aims to make the Internet safer for children, became law at the beginning of November. The new Law aims to force technology firms to take more responsibility for the content on their platforms.

It will be overseen by Ofcom and take a zero-tolerance approach to protecting children from online harm, while empowering adults with more choices over what they see online

The law imposes a statutory obligation on certain Online Service Providers (OSPs) to comply with protective measures and requirements in respect of users.

As such, OSPs will be expected to assess and mitigate the risks of harmful illegal content. This follows rigorous scrutiny discussion within the UK House of Commons and the House of Lords. “Today will go down as an historic moment that ensures the online safety of British society not only now, but for decades to come,” said Michelle Donelan, the technology secretary as it "ensures the online safety of British society not only now, but for decades to come."

While the principal aim of the legislation is to protect children, there have been widespread concerns about the implications for privacy.

What is the Online Safety Bill?

The Law unambiguously places the responsibility to protect children from some legal but harmful material on the firms operating online platforms, with the UK regulator, Ofcom, given enforcement powers including powers to levy significant penalties. It introduces new rules - including a requirement for porn websites sites to protect stop children from explicit content using age verification. Platforms will also need to show they are committed to removing illegal content including:

  • Child sexual abuse
  • Controlling or coercive behaviour
  • Extreme sexual violence
  • Illegal immigration and people smuggling
  • Promoting or facilitating suicide
  • Promoting self-harm
  • Animal cruelty
  • Selling illegal drugs or weapons
  • Terrorism

Various entirely new offences have been created, including cyber-flashing - sending unsolicited sexual imagery online, sharing deepfake pornography. and measures enabling bereaved parents to obtain information about their children from online platforms. Under the act Ofcom has powers to compel messaging services to examine the contents of encrypted messages for child abuse material have proved especially controversial.

Failing to comply with the act’s rules could land companies with fines of up to £18 million or around $22 million, or 10 percent of their global annual turnover, whichever is higher, and their bosses could even face prison.

“The Online Safety Act’s strongest protections are for children. Social media companies will be held to account for the appalling scale of child sexual abuse occurring on their platforms and our children will be safer,” said Home Secretary Suella Braverman. “We are determined to combat the evil of child sexual exploitation wherever it is found, and this Act is a big step forward.”

In response, social media platforms including WhatsApp, Signal and iMessage say they cannot access or view anybody's messages without destroying existing privacy protections for all users and have threatened to leave the UK rather than compromise message security. WhatsApp has threatened to withdraw it service from the UK market. 

Gov.UK:      PWC:      BBC:    Independent:    The Verge:     UKTech:       Image: finelightarts

You Might Also Read: 

Online Safety Bill UK: WhatsApp, Encryption & The Implications For Privacy:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Attack On Chinese Bank Disrupts Financial Trading
API Security Is A Critical Boardroom Issue »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZDL Group

ZDL Group

At ZDL (formerly ZeroDayLab) we take a comprehensive view of our clients cyber security risks and provide quality services to address those risk

DMH Stallard

DMH Stallard

DMH Stallard is a mid-market law firm. Areas of expertise include cyber security and cyber crime.

Cybereason

Cybereason

Cybereason provides attack protection with cutting edge EDR and XDR, and industry recognized consulting services to support organizations throughout any stage of the incident lifecycle.

ISC2

ISC2

ISC2 is an international, non-profit membership association for information security leaders. Our information security certifications are recognized as the global standard for excellence.

Quaynote Communications

Quaynote Communications

Quaynote Communications is a specialist conference and communications company focused primarily on the maritime, yachting, aviation and security industries.

Excelsecu Data Technology

Excelsecu Data Technology

Excelsecu is a global solution provider of online identity authentication, widely applied in banks, government bodies and enterprises.

Exeon Analytics

Exeon Analytics

Exeon Analytics is a Swiss cyber security company that is specialized in detecting hidden data breaches and advanced cyber attacks.

US Army Cyber Command (ARCYBER)

US Army Cyber Command (ARCYBER)

US Army’s Cyber Command (ARCYBER) is engaged in the real-world cyberspace fight today, against near-peer adversaries, ISIS, and other global cyber threats.

QuantiCor Security

QuantiCor Security

QuantiCor Security is one of the world’s leading developers and manufacturers of quantum computer resistant security solutions for IT infrastructures and the Internet of Things (IoT).

Nomios

Nomios

Nomios develops innovative solutions for your security and network challenges. We design, secure and manage your digital infrastructure.

Information Technology Solutions (ITS)

Information Technology Solutions (ITS)

Information Technology Solutions is a single source provider for managing and securing mission-critical IT services.

FPG Technologies & Solutions

FPG Technologies & Solutions

FPG Technology is a technology solutions provider and systems integrator, specializing in delivering IT Consulting, IT Security, Cloud, Mobility, Infrastructure solutions and services.

Skyhawk Security

Skyhawk Security

Skyhawk Security is the originator of Cloud threat Detection and Response (CDR), helping hundreds of users map and remediate sophisticated threats to cloud infrastructure in minutes.

VP Techno Labs

VP Techno Labs

VP Techno Labs is an award-winning cybersecurity firm focusing only cybersecurity to develop cutting edge solutions for emerging business.

Fairly AI

Fairly AI

Fairly AI is on a mission to democratize safe, secure, and compliant AI across the enterprise.

Nothreat

Nothreat

Nothreat has revolutionized how businesses like yours protect themselves from damaging cyber attacks. Our tech learns and adapts in real time, protecting clients from even zero-day attacks.