Websites To Be Fined Over 'online harms' Under New UK Law

Internet sites could be fined or blocked if they fail to tackle "online harms" such as terrorist propaganda and child abuse, under British government plans. The Department for Digital, Culture, Media and Sport (DCMS) has proposed an independent watchdog that will write a "code of practice" for tech companies.
 
Senior managers could be held liable for breaches, with a possible levy on the industry to fund the regulator. But critics say the plans threaten freedom of speech. 
 
The Online Harms White Paper is a joint proposal from the DCMS and the Home Office. A public consultation on the plans will run for 12 weeks.
 
The paper suggests:
  • establishing an independent regulator that can write a "code of practice" for social networks and internet companies
  •  giving the regulator enforcement powers including the ability to fine companies that break the rules
  • considering additional enforcement powers such as the ability to fine company executives and force internet service providers to block sites that break the rules
Outlining the proposals, Digital, Culture, Media and Sport Secretary Jeremy Wright said: "The era of self-regulation for online companies is over.
 
"Voluntary actions from industry to tackle online harms have not been applied consistently or gone far enough."
Discussing financial penalties on BBC Breakfast, he said: "If you look at the fines available to the Information Commissioner around the GDPR rules, that could be up to 4% of company's turnover... we think we should be looking at something comparable here."
 
What are 'online harms'?
The plans cover a range of issues that are clearly defined in law such as spreading terrorist content, child sex abuse, so-called revenge pornography, hate crimes, harassment and the sale of illegal goods. But it also covers harmful behaviour that has a less clear legal definition such as cyber-bullying, trolling and the spread of fake news and disinformation.
 
It says social networks must tackle material that advocates self-harm and suicide, which became a prominent issue after 14-year-old Molly Russell took her own life in 2017. After she died her family found distressing material about depression and suicide on her Instagram account. Molly's father holds the social media giant partly responsible for her death.
 
Home Secretary Sajid Javid said tech giants and social media companies had a moral duty "to protect the young people they profit from". 
"Despite our repeated calls to action, harmful and illegal content - including child abuse and terrorism - is still too readily available online.
 
What do the Proposals say?
The plans call for an independent regulator to hold internet companies to account. 
It would be funded by the tech industry. The government has not decided whether a new body will be established, or an existing one handed new powers.
 
The regulator will define a "code of best practice" that social networks and internet companies must adhere to.
 
As well as Facebook, Twitter and Google, the rules would apply to messaging services such as Snapchat and cloud storage services.
 
The regulator will have the power to fine companies and publish notices naming and shaming those that break the rules.
The government says it is also considering fines for individual company executives and making search engines remove links to offending websites. Ministers "envisage" that fines and warning notices to companies will be included in an eventual bill. 
They are also consulting over blocking harmful websites or stopping them from being listed by search engines.
On the face of it, this is a tough new regime - and ministers have acted upon the demands of charities like the NSPCC which want what they regard as the "Wild West Web" to be tamed. 
 
But a closer look reveals all sorts of issues yet to be settled. 
Will a whole new organisation be given the huge job of regulating the internet? Or will the job be handed to the media regulator Ofcom? What sort of sanctions will be available to the regulator? And will they apply equally to giant social networks and to small organisations such as parents' message boards?
 
Most tricky of all is how the regulator is going to rule on material that is not illegal but may still be considered harmful. Take this example - Misinformation is listed as a potential harm.
 
So will the regulator tell companies that their duty of care means they must remove such material? The government now plans to consult on its proposals. It may yet find that its twin aims of making the UK both the safest place in the world online and the best to start a digital business are mutually incompatible.The white paper offers some suggestions that could be included in the code of best practice. It suggests the spread of fake news could be tackled by forcing social networks to employ fact-checkers and promote legitimate news sources.
 
But the regulator will be allowed to define the code by itself. The white paper also says social media companies should produce annual reports revealing how much harmful content has been found on their platforms. The children's charity NSPCC has been urging new regulation since 2017 and has repeatedly called for a legal duty of care to be placed on social networks.
A spokeswoman said: "Time's up for the social networks. They've failed to police themselves and our children have paid the price."
 
How have the Social Networks reacted?
Rebecca Stimson, Facebook's head of UK policy, said in a statement: "New regulations are needed so that we have a standardised approach across platforms and private companies aren't making so many important decisions alone. 
"New rules for the internet should protect society from harm while also supporting innovation, the digital economy and freedom of speech."
 
Twitter's head of UK public policy Katy Minshall said in a statement: "We look forward to engaging in the next steps of the process, and working to strike an appropriate balance between keeping users safe and preserving the open, free nature of the Internet."
 
TechUK, an umbrella group representing the UK's technology industry, said the government must be "clear about how trade-offs are balanced between harm prevention and fundamental rights".
 
Matthew Lesh, head of research at free market think tank the Adam Smith Institute, went further. He said: "The government should be ashamed of themselves for leading the western world in internet censorship. 
 
"The proposals are a historic attack on freedom of speech and the free press. "At a time when Britain is criticising violations of freedom of expression in states like Iran, China and Russia, we should not be undermining our freedom at home."
 
Freedom of speech campaigners Article 19 warned that the government "must not create an environment that encourages the censorship of legitimate expression". 
 
A spokesman said it opposed any duty of care being imposed on internet platforms.
They said that would "inevitably require them to proactively monitor their networks and take a restrictive approach to content removal".  "Such actions could violate individuals' rights to freedom of expression and privacy," they added.
 
BBC
 
You Might Also Read:
 
Regulation Might Actually Protect Facebook:
 
British Government Is Planning Internet Regulation:
 
 
 
« Critical Infrastructure Is Under Worldwide Attack
The Maritime Shipping Industry Should Be On Red Alert »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LRQA

LRQA

LRQA are a leading global assurance provider, bringing together unrivalled expertise in certification, brand assurance, cybersecurity, inspection and training.

Payload Security

Payload Security

Payload Security's VxStream Sandbox is a fully automated malware analysis system.

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (Manusec) is a global series of summits focusing on Cyber Security for Critical Manufacturing Sectors.

FixMeStick

FixMeStick

FixMeStick is a virus removal device, a USB key that removes malware conventional antivirus software often can’t detect.

Galvanize

Galvanize

Galvanize is a leading provider of award-winning, cloud-based security, risk management, compliance, and audit software for some of the world’s largest organizations.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

Avertro

Avertro

Avertro helps leaders manage the business of cyber. We help explain cybersecurity to executives, forecasting outcomes, right-sizing your spend, and validating your cyber strategy.

Zephyr Project

Zephyr Project

The Zephyr Project strives to deliver the best-in-class RTOS for connected resource-constrained devices, built to be secure and safe.

TheGreenBow

TheGreenBow

TheGreenBow is a trusted VPN software company. We help organizations and individuals become cyber-responsible. For this, we design and develop reliable and easy-to-use solutions.

Singtel Innov8

Singtel Innov8

Singtel Innov8, the venture capital arm of the Singtel Group, invests in and partners with innovative technology start-ups globally.

UK Cyber Cluster Collaboration (UKC3)

UK Cyber Cluster Collaboration (UKC3)

UKC3 has been launched to support Cyber Clusters and encourage greater collaboration across regions and nations of the UK.

Open Web Application Security Project (OWASP)

Open Web Application Security Project (OWASP)

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software.

Harbottle & Lewis

Harbottle & Lewis

Harbottle & Lewis is a leading UK-based law firm focused on the Private Client and Technology, Media and Entertainment sectors.

AArete

AArete

AArete is a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and advisory services.

Labaton Sucharow

Labaton Sucharow

Standing on the horizon of law and technology, our Cybersecurity and Data Privacy Practice helps to protect consumers who have been harmed by businesses’ failures to safeguard their customers' data.

A&O Shearman

A&O Shearman

A&O Shearman is a law firm at the forefront of the forces changing the current of global business: energy transition, life sciences, technology, private capital, finance and beyond.