The Online safety bill – will it keep us safe?
The online safety bill will have its third reading in the House of Lords in the coming days. The bill is incredibly broad in its scope and the intention is that it will make a number of internet services safer for individuals, particularly young people.
The bill introduces a duty of care for online platforms that have a significant number of users in the UK; which target UK users; or where there are reasonable grounds to believe that due to the content of the service provider, there is a material risk of significant harm to individuals in the UK.
It imposes the duty to regulate illegal content. Importantly, the bill also requires online platforms to regulate content that is harmful to children, as well as content that is deemed illegal.
However, one of the most controversial target areas for the bill is the proposals regarding encryption. There has been considerable debate throughout the passage of the bill regarding this and tech companies have raised concerns about the measures and how they will impact on an individual’s right to privacy.
The bill allows for Ofcom to require a company to scan the content of encrypted messages for illegal content, including child sex abuse material or evidence of terrorism. It also requires Ofcom to commission a report by a “skilled person” before instructing these messaging companies to scan encrypted messages, a new addition to the bill following amendments. This will allow independent researchers to access data from social media platforms.
Encryption is used by several well known messaging services, including WhatsApp, to ensure that messages sent between individuals are private. The CEOs of a number of these services sent an open letter to the UK government in April 2023 highlighting their concerns about the end of end-to-end encryption.
The letter raises significant privacy concerns about the bill, as well as the possibility that other governments may seek to rely on the UK as a precedent for drafting their own laws cracking down on citizen privacy. It states: “The Bill poses an unprecedented threat to the privacy, safety and security of every UK citizen and the people with whom they communicate around the world, while emboldening hostile governments who may seek to draft copy-cat laws.”
Indeed, the UN High Commissioner for Human Rights has shared their concerns about eroding encryption and their opinion that the online safety bill may inadvertently lead to this:
“Imposing general client-side scanning would constitute a paradigm shift that raises a host of serious problems with potentially dire consequences for the enjoyment of the right to privacy and other rights. Unlike other interventions, mandating general client-side scanning would inevitably affect everyone using modern means of communication, not only people involved in crime and serious security threats. Given the possibility of such impacts, indiscriminate surveillance is likely to have a significant chilling effect on free expression and association, with people limiting the ways they communicate and interact with others and engaging in self-censorship.”
The government suggests that these concerns are unfounded as the provisions within the bill are not intended to be used in this way, but it wouldn’t be the first-time unintended consequences have resulted from ambiguously worded legislation.
There is no doubt that the bill would compel companies operating in the UK to implement a different regulatory framework to other states, including EU states. A number of companies have threatened to pull out of the UK market as a result. These changes could have a material effect on the way in which communication is managed in the UK. Privacy campaigners have highlighted the risk of handing over sensitive data to researchers without safeguards in place.
The original draft of the bill had required online platforms to regulate illegal and harmful content. However, this has been amended so that harmful content need only be regulated when it is viewed by children, following claims that the wider version of the provision infringed free speech laws. Instead, online platforms will have to develop a mechanism whereby adults have more control to filter out harmful content themselves.
The NSPCC however has been supportive of stricter controls on harmful content. In August this year, the NSPCC released figures that show that 34,000 online grooming crimes had been recorded over the past 6 years. The charity cited date from 42 UK police forces which shows that 6,350 offences related to sexual communication with a child were recorded last year, an increase of 82% since the offence was introduced in 2017.
The bill will require online platforms to assess and publish the risk of potential harm to children on their sites. They will also need to explain how they will enforce age limits; the importance of this has obviously increased now the rules on harmful vs illegal content are different for those under and over the age of 18.
The bill also introduces stricter rules on the viewing of pornography, the distribution of intimate images without consent (revenge porn) and encouraging self-harm.
So, will the bill make us safer?
It is clear that regulation of the internet is currently woefully insufficient, and that something must be done to address this i. While changes within the bill are welcomed, there is a general feeling that the bill has been drafted haphazardly and without the necessary engagement from those with genuine expertise, including those in the tech field. As such, the concerns raised with regard to individual privacy should not be dismissed unthinkingly. We risk creating more harm in a misjudged attempt to prevent it.
If you would like advice on privacy, please call the team on 0207 388 1658 or email at email@example.com.
Katherine Hughes, Trainee Solicitor
Please note that the information contained in this article was correct at the time of writing. There may have been updates to the law since the article was written which may affect the information and advice given therein.