The Online Safety Bill is a hot topic in the UK business world today. It is a new piece of legislation and is currently in the process of being passed. It is intended to protect the privacy of online users and protect businesses from cyber-attacks and other malicious activities.
While the Bill has been met with a variety of opinions, it is important for businesses to understand the impact it will have on their operations and the implications for their customers. This article will provide an overview of the Online Safety Bill and discuss the various areas of impact it will have on businesses.
Overview of the Online Safety Bill
The Online Safety Bill is a proposed piece of legislation that is intended to protect internet users from deceptive and potentially dangerous material and to in particular stop minors from encountering damaging content. This is done by implementing standards for online platforms such as social media to evaluate and remove unlawful material and content that is regarded as harmful. The government regards the Bill as a way to make the UK the safest place to be on the internet.
At the moment, when a person posts illegal or damaging material to the internet, the third-party platform that allows access to the material generally has protection from liability, meaning that the publisher is not responsible until they are made aware of the content, and they then have to take steps to get rid of it. This Bill requires organisations to search for illegal content and take it down right away, instead of expecting someone to bring it to their attention and then act on it.
The Bill will be one of the first laws to govern tech companies and the way they function, encompassing 25,000 corporations under its complex framework, and represents a major transformation in the way business is conducted on the internet.
Which businesses does the Bill apply to?
The Online Safety Bill creates rules to manage the material that is provided on any type of “user-to-user service” on the internet.
Companies that offer services including displaying user-generated content like photos, videos, and comments, or that give UK users the capability to communicate with others on the web through messaging, commenting, and discussion boards, will have to adhere to the Bill when it goes into effect. This covers messaging apps, certain online video games, cloud storage sites, and pornographic websites.
The Online Safety Bill would affect web search engines; websites that contain user-generated content, like social media platforms; discussion boards; certain video games; and websites that present or show sexually explicit material.
The proposed law is seeking to move away from the current self-regulation system that appears to have been unsuccessful, to one that requires accountability and puts safety first. Under this framework, tech companies will have to be able to show they have looked at crucial risks associated with their platforms, such as misinformation, predatory behaviour, and cyberbullying. They will have to provide proof that they have suitable safeguards in place, and those that fail to meet these standards may be subjected to huge penalties.
What are the concerns about the Bill?
The proposed Online Safety Bill could necessitate tech firms to construct backdoors in end-to-end encrypted messaging services to identify and alert authorities to offensive content. Experts have cautioned that these alterations might compromise data security and create a new opportunity for hackers to exploit, and threaten free speech.
Tech firms assert that it is not practicable to inspect encrypted messaging services for content such as child pornography without jeopardising the security of the complete system, which stops anyone, including platform managers, from accessing users’ messages. Companies need to use “client-side scanning” to guarantee that the information in a message is appropriate before it is encrypted. This method is the only practical way of achieving the desired level of access which has sparked a huge debate over data privacy concerns.
What happens if a business does not comply?
The proposed law provides communications regulator Ofcom with multiple enforcement options, such as the levying of fines, requiring firms to correct their non-conforming platforms, and even jail time for senior executives who don’t respond to Ofcom’s information requests or who willfully damage or hide information.
If a platform fails to obey the rules set out by the Bill, it can be subjected to a complete ban, which could have serious business consequences. It is noteworthy that the fines introduced under this Bill are comparable to those imposed under the European Union’s General Data Protection Regulation (GDPR).
Consequences of failing to comply with the Bill could cause businesses to be subjected to a penalty equivalent to 10% of their total global profits for the most recent monetary year, or a maximum fine of £18 million, whichever is higher.
To make penalties for companies who don’t fulfil their responsibilities more stringent, the proposed Bill goes beyond just issuing fines and could lead to criminal charges for those implicated in certain offences. The scope of the proposed legislation would extend to workers of all levels of the organisation, with added emphasis on the “senior manager” role. Should a senior manager fail to do all that is reasonably expected of them to prevent a violation of the Bill, they could be held accountable. If an individual working in a company or a high-ranking executive is found guilty of any illegal activity, the Bill states that they could face up to two years in jail, which is a heavy punishment for an experienced senior manager.
What should businesses do next?
Rather than waiting until the Bill is officially passed, it is important to take steps now to prepare for compliance. This could be to determine whether a business is subject to the requirements of the Bill before performing an in-depth analysis to identify which components of the legislation will apply to their activities, the parts of their websites that this affects, and the associated legal liability. The IT consultants at INTELLIWORX are experts at guiding businesses through governance, risk and compliance and can help your business understand the impact of the Online Safety Bill and how to prepare for the future.