arturas kerdokas - Fotolia

Government expands tech firms’ obligations in Online Safety Bill

UK government announces changes to its forthcoming Online Safety Bill, including new criminal offences and expanded list of content internet companies will need to proactively address

The UK government has expanded the scope of its upcoming Online Safety Bill (OSB) by adding three new criminal offences and a number of new “priority offences” that tech companies will have to proactively prevent people from being exposed to.

As it currently stands, the draft OSB would impose a statutory “duty of care” on technology companies that host user-generated content or allow people to communicate, meaning they would be legally obliged to proactively identify, remove and limit the spread of both illegal and legal but harmful content, such as child sexual abuse, terrorism and suicide material.

Failure to do so could result in fines of up to 10% of their turnover by the online harms regulator, which was confirmed to Ofcom in December 2020.

There are two types of illegal content under the OSB – content that only requires mitigation when reported by a user, and content that service providers are required to proactively seek out and minimise the presence of on their platform, otherwise known as “priority illegal content”.

While terrorism and child sexual abuse were already included in the priority list, the government has now re-drafted it to include revenge porn, hate crime, fraud, the sale of illegal drugs or weapons, the promotion or facilitation of suicide, people smuggling, and sexual exploitation.

It will also place these priority offences “on the face of the Bill”, removing the need for them to be set by secondary legislation at a later date, which the government claims will enable Ofcom to take faster action against tech firms that fail to deal with the named content.

To proactively tackle the new priority offences, these firms must design features, functionalities and algorithms that prevent users from encountering them in the first place, and work to minimise the length of time the content is available on their services.

Read more about online safety

  • Firms working on the UK government’s Safety Tech Challenge have suggested that scanning content before encryption will help prevent the spread of child sexual abuse material – but privacy concerns remain.
  • A DCMS select committee has warned that the Online Safety Bill should be expanded to cover more types of harmful content, such as child abuse material designed to circumvent content removal.
  • House of Lords report criticises the government’s forthcoming Online Safety Bill for imposing duty of care on tech platforms to deal with ‘legal but harmful’ content, which it says threatens freedom of expression online.

The government has suggested this could be achieved by automated or human content moderation, banning illegal search terms, spotting suspicious users and having effective systems in place to prevent banned users opening new accounts.

“This government said it would legislate to make the UK the safest place in the world to be online while enshrining free speech, and that’s exactly what we are going to do. Our world-leading bill will protect children from online abuse and harms, protecting the most vulnerable from accessing harmful content, and ensuring there is no safe space for terrorists to hide online,” said digital secretary Nadine Dorries.

“We are listening to MPs, charities and campaigners who have wanted us to strengthen the legislation, and today’s changes mean we will be able to bring the full weight of the law against those who use the internet as a weapon to ruin people’s lives and do so quicker and more effectively.”

The new criminal offences being introduced include a “genuinely threatening” communications offence “designed to better capture online threats to rape, kill and inflict physical violence or cause people serious financial harm”, which would carry a sentence of up to five years; and an offence regarding communications sent with the intent of causing psychological harm or serious emotional distress, which will carry a sentence of up to two years.

The third and final new criminal offence is for deliberately sending a “knowingly false” message with the intention of causing harm, which will come with a 51-week sentence. This would therefore not apply to misinformation where people are unaware what they are sending is false or genuinely believe it to be true, meaning a court would have to prove the individual knew the content was not true before posting.

The government is also considering the Law Commission’s recommendations for specific offences to be created relating to cyber flashing, encouraging self-harm and epilepsy trolling.

“The criminal law should target those who specifically intend to cause harm, while allowing people to share contested and controversial ideas in good faith. Our recommendations create a more nuanced set of criminal offences, which better protect victims of genuinely harmful communications as well as better protecting freedom of expression,” said the commissioner for criminal law, Penney Lewis. “I am delighted that the government has accepted these recommended offences.”

Criminal sanctions

Addressing the joint Online Safety Bill committee in November 2021, Dorries previously called for criminal sanctions for tech company executives to be expedited, suggesting that the two-year grace period written into the draft OSB be shortened from two years to “three to six months”.

In December 2021, following a five-month inquiry, the same committee published a 193-page report on how the OSB can be improved to better deal with harmful content and abuse on the internet.

Major changes recommended in the report included placing criminal sanctions on senior managers for “repeated and systemic failings” to protect users from harm online and expanding the powers of Ofcom to investigate, audit and fine non-compliant tech companies.

While the draft OSB already includes a criminal sanction for tech company executives, it only applies for failure to supply information to Ofcom. The committee’s recommendation to extend criminal liability to systemic failings – which it qualified as being a “proportionate last resort for the regulator” – has not yet been included in the Bill.

Committee chair Damian Collins nevertheless welcomed the changes, saying they will make the OSB stronger and easier to implement.

“These changes will give social media businesses more clarity on what’s expected of them, and users more certainty that they will be protected, especially children,” he said. “The Prime Minister made clear that he wanted this Bill to be introduced in this session of Parliament, and I look forward to speaking in favour of it soon.”

Read more on Technology startups