As the Bill nears its third reading in the House of Lords, we have seen a number of significant shifts, with more Government amendments still to come. We focus here on four key changes and battlegrounds:
- Age assurance and age verification
The Government has proposed a significant package of amendments to strengthen the protections for children from online pornography by requiring providers who publish or allow this content to use age verification or estimation. The Bill will now set a clear objective and "high bar" for effectiveness: systems will need to be highly effective in correctly determining whether or not a user is a child. The Government is also setting a clear timetable for the implementation of the child safety duties, illegal content duties and Part 5 (pornographic content) duties by obliging Ofcom to produce draft codes of practice and relevant guidance within 18 months of Royal Assent.
- The definition of "harm"
In a defeat for the Government, Peers have backed amendments that will widen the scope of online harm to include the effects of algorithms and other aspects of platform design, beyond mere content. Leading the charge, Baroness Kidron gave the example of influencer Andrew Tate, whose content has been pushed to hundreds of thousands of children by way of a content-neutral "network effect": boys are simply recommended the same (objectionable) content being viewed by their peers. She insisted it was "a category error not to see harm in the round. Views on content can always differ but the outcome on a child is definitive. It is harm, not harmful content, that the Bill should measure." The Government had already said it would amend the Bill to account for cumulative harmful content but – while welcoming those amendments - Baroness Kidron pushed for the Bill to address, also, cumulative harms that stem from features and functionalities. Ofcom however, sounded a note of caution on the practicalities of enforcement; Chief Executive Dame Melanie Dawes said the regulator was concerned the amendments added a "layer of legal complexity".
- User empowerment
We have previously reported concerns that removing the "harms to adults" duty, including risk assessments for content that is "awful but lawful", would leave a huge gap in the Bill, particularly for vulnerable adults, including young adults suddenly exposed to a less protected environment as they turn 18. The Government has now tabled an amendment requiring Category 1 providers proactively to ask registered adult users whether they would like the content tools to be applied: a "forced choice". At the same time, an amendment proposed by Lord Clement Jones seeks to make the tools customisable in relation to each harm identified by Parliament, rather than having just an on/off choice for all harms (although an "all off" option would still be available). Importantly, another of his amendments looks to ensure that users are not charged extra to access the new features.
- End-to-end encryption
The Bill requires providers to instal "accredited technology" capable of piercing encrypted communications, in order to tackle illegal content. Messaging apps including WhatsApp and Signal insist this will effectively kill end-to-end encryption, leaving UK users open to mass surveillance and abuse by hackers and hostile states. With no sign of any concessions, they have renewed their lobbying efforts and reiterated their threats to quit the UK market. They have been joined in an open letter by 70 specialist researchers and scientists who argue that the proposed monitoring is "categorically incompatible with maintaining today’s (and internationally adopted) online communication protocols that offer privacy guarantees similar to face-to-face conversations," and "attempts to sidestep this contradiction are doomed to fail on the technological and likely societal level". In short, "technology is not a magic wand" and we must retain full end-to-end encryption, without back doors and third-party access, if it is to have any meaningful value.
Next steps
Finally, a note on timing. In June, Ofcom published an update to its roadmap to regulation, confirming the phased approach to its production of codes and guidance, but with a new assumed date for Royal Assent of autumn 2023. This means that the regulatory regime is unlikely to be fully operational until 2025, and the National Audit Office noted in its report on 12 July that the deadline could slip again, if further significant changes are made to the Bill.
For more information, including our previous instalments, visit our Online Safety Bill Hub. If you have any feedback or questions, do let us know.
To receive further updates as the Bill progresses, please sign-up to our Online Safety Bill mailing list.