WWW.COMPUTERWEEKLY.COM
Ofcom publishes Illegal Harms Codes of Practice
Sergey Nivens - FotoliaNewsOfcom publishes Illegal Harms Codes of PracticeThe codes of practice and guidance from Ofcom outline the steps online services providers can take to protect their users from illegal harmsBySebastian Klovig Skelton,Data & ethics editorPublished: 17 Dec 2024 13:06 Online harms regulator Ofcom has published its first code of practice for tackling illegal harms under the Online Safety Act (OSA), giving businesses three months to prepare before enforcement begins in March 2025.Published 16 December 2024, Ofcoms Illegal Harms Codes and guidance outlines the steps providers should take to address illegal harms on their services.This includes nominating a senior executive to be accountable for OSA compliance, properly funding and staffing content moderation teams, improved algorithmic testing to limit the spread of illegal content, and removing accounts that are either run by or are on behalf of terrorist organisations.Covering more than 100,000 online services, the OSA applies to search engines and firms that publish user-created content, and contains 130 priority offences covering a variety of content types including child sexual abuse, terrorism and fraud that firms will need to proactively tackle through their content moderation systems.With the publication of the codes, providers now have deadline of 16 March 2025 to fulfil their legal duty to assess the risk of illegal harms taking place on their services, after which they will be immediately expected to implement the safety measures set out in the codes,or use other effective measures to their protect users.Ofcom has said it is ready to take enforcement action if providers do not act promptly to address the risks on their services.Under the OSA, failure to comply with its measures including a failure to complete the risk assessment process within the three month timeframe could see firms fined up to 10% of their global revenue or 18m (whichever is greater).For too long, sites and apps have been unregulated, unaccountable and unwilling to prioritise peoples safety over profits. That changes from today, said Ofcom chief executive Melanie Dawes.The safety spotlight is now firmly on tech firms and its time for them to act. Well be watching the industry closely to ensure firms match up to the strict safety standards set for them under our first codes and guidance, with further requirements to follow swiftly in the first half of next year.Technology secretary Peter Kyle who set out his draftStatement of Strategic Priorities(SSP) to the regulator in November 2024 described the codes as a material step change in online safety that mean platforms will have to proactively taken down a host of illegal content.This government is determined to build a safer online world, where people can access its immense benefits and opportunities without being exposed to a lawless environment of harmful content, he said.If platforms fail to step up the regulator has my backing to use its full powers, including issuing fines and asking the courts to block access to sites. These laws mark a fundamental re-set in societys expectations of technology companies. I expect them to deliver and will be watching closely to make sure they do.While theSSP is set to be finalised in early 2025, the current version contains five focus areas, including safety by design, transparency and accountability, agile regulation, inclusivity and resilience, and innovation in online safety technologies.Under the OSA, Ofcomwill have to report back to the secretary of state on what actions it has taken against these priorities to ensure the laws are delivering safer spaces online, which will then be used to inform next steps.Ofcom said it will be holding a further consultation in spring 2025 to expand the codes, which will include looking at proposals on banning accounts that share child sexual abuse material, crisis response protocols for emergency events such as the August 2024 riots in England, and the use of hash matching to prevent the sharing of non-consensual intimate imagery and terrorist content.Under Clause 122 of the OSA, Ofcom has the power to require messaging service providers to develop and deploy software that scans phones for illegal material. Known as client-side scanning, this method compares hash values of encrypted messages against a database of hash values of illegal content stored on a users device.Encrypted communication providers havesaidOfcoms power to require blanket surveillance in private messaging apps in this fashion would catastrophically reduce safety and privacy for everyone.Responding to the publication of the codes, Mark Jones, partner at law firm Payne Hicks Beach, said the fact that there will have been 14 months between the OSA receiving Royal Assent in October 2023 and the codes coming into force in March 2025 shows there has been no urgency in tackling illegal harms.Lets be clear this is, to a degree, self-regulation. Providers decide for themselves how to meet the legal duties and what is proportionate for them, he said. Ofcom does, however, have enforcement powers such as fines of up to 18m or 10% of global turnover or even blocking sites in the most serious of cases. But will we see these powers being used swiftly, or at all? Critics say the Codes of Practice do not go far enough and that a gradualist approach is being taken to illegal harms.Xuyang Zhu, partner at global law firm Taylor Wessing, added that while there are further codes of practice set to be published, companies now have strict timelines to adhere to and can no longer delay taking action on implementing safety measures.Companies need to act now if they want to avoid failing compliance and facing potentially significant fines, she said. For many services, it will take substantial time and effort to do the risk assessment, going through the system and data to identify risks as well as putting in compliance measures to mitigate the identified harms. It wont be an easy task and, to ensure that companies can make it by the deadline, they need to start now.Ofcom previously published its draft online child safety codes for tech firms in April 2024. Under the codes, Ofcom expects any internet services that children can access (including social media networks and search engines) to carry out robust age checks, to configure their algorithms to filter out the most harmful content from these childrens feeds, and implement content moderation processes that ensure swift action is taken against this content.The draft codes also includemeasures to ensure tech firms compliance, including by having a named senior person accountable for compliance with the childrens safety duties, an annual senior-body review of all risk management activities relating to childrens safety, and an employee code of conduct that sets standards for employees around protecting children.Read more about online safetySchools go smartphone-free to address online harms: Schools are implementing smartphone-free policies in an attempt to curb students exposure to online harms, but teachers and parents are worried the Online Safety Act will only partially address concerns.Ofcoms online safety preparedness efforts hobbled by government: Despite Ofcoms progress so far, UK government changes to the scope and timetable of the Online Safety Bill are hobbling the ability of the regulator to successfully prepare for the new regime.Online Safety Bill screening measures amount to prior restraint: The Open Rights Group is calling on Parliament to reform the Online Safety Bill, on the basis that its content-screening measures would amount to prior restraint on freedom of expression.In The Current Issue:What do the home secretarys policing reforms mean for the future of the Police Digital Service?What are the security risks of bring your own AI?Download Current IssueMicrosoft Copilot: A Year of Learning Write side up - by Freeform DynamicsPrint Industry Trends, 2025 Quocirca InsightsView All Blogs
0 Comments
0 Shares
5 Views