The Online Safety Bill has passed its final UK parliamentary debate and is now ready to become law. Despite widespread criticism and scrutiny from security and privacy leaders, as well as significant amendments, this major milestone means the UK government is within touching distance of delivering its controversial new internet safety rules.
Online Safety Bill aims to protect users, tackle fraud
The Online Safety Bill takes a zero-tolerance approach to protecting children and makes sure social media platforms are held responsible for the content they host, along with ensuring adults are better empowered to take control of their online lives, the UK government said. Under the bill, the biggest social media platforms will have to stop users being exposed to dangerous fraudulent adverts by blocking and removing scams, or face Ofcom’s huge new fines. If social media platforms do not comply with these rules, Ofcom could fine them up to ?18 million or 10% of their global annual revenue, whichever is biggest – meaning fines handed down to the biggest platforms could reach billions of pounds.
The regulator will immediately begin work on tackling illegal content and protecting children’s safety, with its consultation process launching in the weeks after Royal Assent. It will then take a phased approach to bringing the Online Safety Bill’s into force.
“The Online Safety Bill is a game-changing piece of legislation. Today, this government is taking an enormous step forward in our mission to make the UK the safest place in the world to be online,” said Michelle Donelan, technology secretary.
Security, privacy experts slam UK Online Safety Bill
In July, almost 70 UK information security and cryptography researchers signed an open letter strongly opposing the UK Online Safety Bill, raising concerns over its interaction with security and privacy technologies. The letter criticized the bill’s proposal to technologically enable the routine monitoring of personal, business, and civil society online communications to prevent the dissemination of child sexual exploitation and abuse (CSEA) content.
The letter also noted that several international communication providers have indicated that they will refuse to comply with Online Safety Bill orders that compromise the security and privacy of their customers, threatening to leave the UK market. This puts those in the UK in a vulnerable situation, having to adopt compromised and weak solutions for online interactions, it added.
In December, 70 organizations, cybersecurity experts and elected officials signed a separate open letter highlighting their concerns that the legislation could attack end-to-end encryption, putting users at greater risk. In June, tech giant Apple echoed similar sentiments. Earlier this month, the UK government rolled back on its proposed controversial encryption rules, stating that the powers granted by the legislation will not be used to scan encrypted messaging apps for harmful content until it can be done in a targeted manner.