The UK government is now under increasing pressure to prioritise the Online Safety Bill so that it can receive Royal Assent. It is currently in the committee stage of the House of Lords which will be followed by a third and final reading. It has had a very tortuous journey to date and is still the subject of much comment and criticism. This week a number of encrypted messaging services including WhatsApp have recently signed an open letter criticising the Bill and suggesting that it will have the effect of undermining end-to-end encryption.

What will the Bill do?

The Bill proposes better regulation for search engines and firms that host user-generated content and aims to reduce the amount of online content deemed inappropriate for young people which could cause serious harm to their safety. This includes content promoting self-harm, eating disorders, content that depicts sexual violence as well as child sexual abuse material, revenge pornography, selling illegal drugs or weapons and terrorism.

Recent developments

Tech firms are required to introduce and enforce strict age limits and publish risk assessments detailing threats their services may encounter regarding inappropriate content and keeping children safe. Ofcom will have the power to issue enforcement notices to senior managers of tech platforms who are found to have breached their child safety duties by allowing exposure to age-restricted or illegal content.

At the end of January 2023, nearly fifty Conservative MPs supported back-bench proposals which led to further amendments to the Online Safety Bill. The rebellion wanted to see higher enforcement action for those who fail to protect children from damaging content online. The new amendment introduces criminal liability sanctions of up to two years’ imprisonment for senior managers who fail to protect online users. In the Online Safety Bill’s previous draft, senior managers were criminally liable only if they failed to respond to information requests from Ofcom. 

The current draft sets a high bar for personal criminal liability as it focuses on deliberate rather than negligent conduct of senior managers. An offence is committed where senior managers “have consented or connived in ignoring enforceable requirements, risking serious harm to children”. The idea of “serious harm” is new; the backbenchers' amendment did not specify the level of harm required to trigger criminal liability and no further detail has been set out in this regard. In addition, senior managers’ failure to comply with their duties may result in fines of up to 10% of the company’s global turnover.

Why is this important?

The latest amendments place the burden on tech companies to proactively assess risks of harm to their users and establish systems and processes to keep them safer online, rather than on Ofcom moderating individual pieces of content. If the amendments are incorporated into the final version of the Bill these offences will have far more serious consequences for senior managers of non-compliant businesses.