UK Government Drafts New Legislation to Force Tech Firms to Tackle Online Abuse

The UK government has published draft legislation designed to tackle a number of online harms, ranging from child sexual abuse to fraud.

The Online Safety Bill, which formed part of yesterday’s Queen’s Speech during the state opening of Parliament, will place new obligations on social media sites and other services hosting user-generated content or allowing people to talk to others online to remove and limit the spread of illegal and harmful content. This includes child sexual abuse, terrorist material, and suicide content.

The announcement has come amid a substantial rise in online abuse and fraud during the COVID-19 crisis, in which there has been huge shift to digital.

Under the legislation, all these companies will have a duty of care to take “robust” action against illegal abuse on their platforms, which includes hate crimes, harassment, and threats directed at individuals. They will also be required to report child sexual exploitation and abuse (CSEA) content identified on their services to law enforcement.

Additionally, major social media companies, labeled Category 1 services, will have to set out in their terms and conditions how they will address content that falls below the threshold of a criminal offense but is still harmful, such as mis/disinformation.

The UK communications regulator, Ofcom, will be responsible for holding these firms to account, and will have the power to fine those failing to meet their duty of care up to £18m or 10% of annual global turnover, whichever is higher. There will also be a new criminal offense for senior managers, which will initially be deferred.

The new law also looks to tackle fraud by forcing online businesses to take responsibility for fraudulent user-generated content on their platforms, such as social media posts. This includes romance scams, which have surged since the start of the COVID-19 crisis.

Other provisions in the bill are designed to protect free speech online. These include obligations on all in-scope companies to consider and put in safeguards for freedom of expression and the protection of content defined as "democratically important."

The draft bill will now be scrutinized by a joint committee of MPs before a final version is presented to Parliament.

Home Secretary Priti Patel commented: “This new legislation will force tech companies to report online child abuse on their platforms, giving our law enforcement agencies the evidence they need to bring these offenders to justice.

“Ruthless criminals who defraud millions of people and sick individuals who exploit the most vulnerable in our society cannot be allowed to operate unimpeded, and we are unapologetic in going after them.

“It’s time for tech companies to be held to account and to protect the British people from harm. If they fail to do so, they will face penalties.”

Yesterday, during her address at the CYBERUK 2021 online event, Patel announced there will be a formal review of the Computer Misuse Act this year to ensure law enforcement agencies are properly equipped to tackle online abuse and cybercrime.

What’s Hot on Infosecurity Magazine?