TL;DR  The Online Safety Act officially becomes law today. It’s an Act to address some very serious public policy issues that have arisen as the Internet reached maturity, but the divisive politicking employed to get it over the line means that implementation will be a challenge, to say the least. This is not because people don’t want to protect children or tackle abuse – we all do – but because the methods proposed in the Online Safety Act for implementing that protection do not work with the existing global infrastructure.

While there is general agreement on key aims like protecting children online,  tackling abuse of women on social media platforms, and online fraud, no consensus was achieved around how to do it. Instead, there was a toxic policy discourse that failed to engage with the technical communities who make the system works.

This has only served to store up problems for the future. Like any non-consensual act, the consequences cannot be escaped forever.

 It is a law that is trying to put barriers around the UK Internet on the one hand, and trying to make UK law regulate the whole Internet on the other. This creates a set of legal and technical conflicts that will forever plague the implementation and the policy aims will end up becoming the victims. Its proponents may think they’ve won, but fissures will crack open as soon as government authorities begin to implement it.

The Online Safety Act is a result of a prolonged lobbying campaign by what has become  - over the past 10-15 years - a highly resourced and well funded international network. It crept up slowly from behind the curtains, and silenced critics with emotive positioning.  Even a moderate counter-argument on end-to-end encryption has got proponents howling like a wild animal caught with its paw in a trap.

Some critics simply did not believe that the government would ever do this, and stayed quiet until it was too late. But the divisions that were held down during the legislative phase will now come to the fore. Views that were silenced,  will now have to be dealt with.

None of this is conducive to good regulatory practice and Ofcom’s position is unenviable. End-to-end encryption is only one of the suppressed technical issues. Another one is age verification which opens up a technological Pandora’s box. It is not only about data privacy. There are  broader questions  around the way that this new British law tries to up-end the entire legal and technological framework of the Internet. It’s about the way that this law seeks to alter the free flow of information on which the Internet is built – and on which we rely for many aspects of a our lives today.  

The incumbent legal framework is based on protection from liability. It seeks to address in a fair way, the need to remove content or deal with bad actors. If platforms and service providers  follow the rules, they will not be held liable for the content they host or carry.  The rules on intermediary liability protect the technical infrastructure, which is based on a layered system and a free flow of data. It means that innovation can flourish, because any point on the network can be reached from any other,  there is no permission needed to set up a new service and the protocols are openly available. It creates  positive externalities for public communication.  That’s how we got all of the services that we rely on today, not just social media, but banking, commerce and government services. Anyone under the age of 30 probably has no notion of what it what like before.

The Online Safety Act changes all that. It creates a shift to a regime of strict liability where restriction will become the norm. Online platforms will have to determine illegality and deal with it or risk criminal prosecution. It puts in place barriers and gateways. This legal shift will not only break with the structural principles on which the Internet is built. It will also diverge from European law, potentially creating further problems for EU-UK online business.

Sadly, there was no attempt by the UK government to address these technical and legal issues. It allowed itself to be held in thrall by a narrow cluster of stakeholders, and  failed to seek out views from wider communities of interest or get its head around the tech.

So now the public purse must fund the regulation of the law, costing  100 million pounds to get started, and more in the years to come. The Online Safety Act is a massive failure of law-making, and due to that divisive approach, unlikely to achieve its very laudable aims. 

---

I provide independent advice on policy issues related to online content. I specialise in interpreting amendments to laws. It was a core element of my PhD methodology and I've been doing it ever since. If you need help with the Online Safety Act please get in touch.

You are free to cite from this article. Kindly acknowledge Dr Monica Horten as the author and provide a link back.

• < Prev