UK Govt. will announce controversial new "Online Harms" bill tomorrow

[Master Disaster]

First announced back in 2019, the Online Harms bill is a sweeping list of rules that all online entities must adhere to for its UK based customers. The new rules go as far as giving Ofcom (the UKs communication regulator) the power to block access to sites in the UK if companies fail to follow the new, pretty extensive list of rules.

 

Quote

The bill seeks to tackle access to harmful material online, has been introduced to parliament.

 

It would give regulator Ofcom the power to fine firms or block access to sites that fail to comply with the new rules.

 

The bill - originally announced in 2019 - covers a wide array of topics relating to harmful material online.

Big companies will have to provide strategies which identify risks to their customers and how they intend to deal with these risks. These strategies must then be followed by the companies, failure to do so can result in fines, complete cut off from the UK and even jail time for employees of said companies.

Quote

Big social media companies will be required to assess risks of the types of legal harms against adults which could arise on their services, and will have to set out how they will deal with them - and enforce these terms consistently.

 

Definitions of these legal harms will be set out in additional legislation, but potential examples could include material promoting self-harm, eating disorders or harassment.

 

Some of the additional aspects of the bill announced as it was introduced to Parliament include:

• Criminalising the sending of unsolicited sexual images to people using social media, known as cyber-flashing
• Giving people the right to appeal if they feel their social media posts were removed unfairly
• Preventing online scams, such as paid-for fraudulent adverts, investment fraud and romance scammers
• Requiring pornography websites to verify their users' ages
•  

Culture Secretary Nadine Dorries said the bill meant technology companies would not be left to "check their own homework".

 

"Tech firms haven't been held to account when harm, abuse and criminal behaviour have run riot on their platform," she said.

Quote

The bill will give new powers to Ofcom, which will be able to request information from companies, and executives who do not comply could face up to two years in prison within two months of the bill becoming law.

 

Senior managers would also be criminally liable if they destroyed evidence, did not attend an Ofcom interview, provided false information, or otherwise obstructed the regulator from entering offices.

 

Any firm breaching the rules would face a fine of up to 10% of its turnover, while non-compliant websites could be blocked entirely.

For those not following along (or that live outside of the UK), this bill is the third (or maybe fourth) iteration of the porn pass bill.

 

As is always the way, the government are using the ongoing conflict to push the bill through by saying the lack of this bill is the reason that Russian disinformation exists in the UK (which is just nonsense).

Quote

But shadow culture secretary Lucy Powell likened said the bill's delays had "allowed the Russian regime's disinformation to spread like wildfire online".

She added: "Other groups have watched and learned their tactics, with Covid conspiracy theories undermining public health and climate deniers putting our future at risk."

Source - https://www.bbc.co.uk/news/technology-60750463

 

Imma not gonna go deep on the politics here, I will just say one thing. Using the ongoing conflict as collateral to push this thing through is disgusting.

 

Anywho, on principle this bill actually has some well needed rules, kiddie porn = bad, revenge porn = bad, soliciting sex from people online = bad, the right to appeal = good, trying to stop scams = good (but will never actually do anything).

 

If this things passes tomorrow then the internet in the UK is in for a big shake up, lets just hope they haven't stealthed more stuff in that we don't know about.

 

More sources

https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/985033/Draft_Online_Safety_Bill_Bookmarked.pdf

Source

https://commonslibrary.parliament.uk/research-briefings/cbp-8743/

[IkeaGnome]

3 minutes ago, Master Disaster said:

The bill will give new powers to Ofcom, which will be able to request information from companies, and executives who do not comply could face up to two years in prison within two months of the bill becoming law.

 

Senior managers would also be criminally liable if they destroyed evidence, did not attend an Ofcom interview, provided false information, or otherwise obstructed the regulator from entering offices.

 

Any firm breaching the rules would face a fine of up to 10% of its turnover, while non-compliant websites could be blocked entirely.

Good! And that's a surprise there. Fines that aren't just set at a ridiculously low number but are something actually meaningful. 

4 minutes ago, Master Disaster said:

lets just hope they haven't stealthed more stuff in that we don't know about.

Depending on what's hidden in the fine print, I'm really happy for you guys' getting this. When can we get our own. 

As far as the stuff banned. I've always thought it was a bit bullshit that if someone flashed someone on the street or in public, they can go to jail, but not online? People forget that there's other people on the other side of that monitor/picture/keyboard/game/video etc and hopefully this will help remind people and start teaching people of that. 

[Master Disaster]

Wait, I just had a thought...

 

Does this mean LMG have to provide the UK Govt. with a risk assessment for this forum and then stick to it? Like if @WkdPauldeletes one of my posts do I get an automatic right to appeal? (assuming it passes)

 

This is technically a social media platform, right?

 

Actual legit question @colonel_mortis@Spotty@TVwazhere@LinusTech

[LinusTech]

We literally don't even have any actual paid staff who work on the forum other than basic software maintenance at this point.

 

If LTT forum gets cut off in the UK, it gets cut off, I guess. We'd have to figure out compliance at some point in the future and appeal it then.

[da na]

8 minutes ago, Master Disaster said:

Wait, I just had a thought...

 

Does this mean LMG have to provide the UK Govt. with a risk assessment for this forum and then stick to it? Like if @WkdPauldeletes one of my posts do I get an automatic right to appeal? (assuming it passes)

 

This is technically a social media platform, right?

 

Actual legit question @colonel_mortis@Spotty@TVwazhere@LinusTech

they could just ban you before it's passed and no one would know

[Kazooduck]

7 minutes ago, Master Disaster said:

Wait, I just had a thought...

 

Does this mean LMG have to provide the UK Govt. with a risk assessment for this forum and then stick to it? Like if @WkdPauldeletes one of my posts do I get an automatic right to appeal? (assuming it passes)

 

This is technically a social media platform, right?

 

Actual legit question @colonel_mortis@Spotty@TVwazhere@LinusTech

That’s quite acres pings haha, I would imagine invision would enable it if it’s not their site?

[WkdPaul]

20 minutes ago, Master Disaster said:

Like if @WkdPauldeletes one of my posts do I get an automatic right to appeal? (assuming it passes)

FYI, while it's not automatic (as in, you don't get a PM and a link to fill an appeal), you can already appeal any moderation decision.

 

But I agree that having an automated message with appeal instructions would benefit everyone.

[Master Disaster]

4 minutes ago, WkdPaul said:

FYI, while it's not automatic (as in, you don't get a PM and a link to fill an appeal), you can already appeal any moderation decision.

 

But I agree that having an automated message with appeal instructions would benefit everyone.

It would lighten you guys workload since any decision would fire a PM without you needing to do it manually. Might make it hard to shadow ban stuff while its discussed though.

 

21 minutes ago, LinusTech said:

We literally don't even have any actual paid staff who work on the forum other than basic software maintenance at this point.

 

If LTT forum gets cut off in the UK, it gets cut off, I guess. We'd have to figure out compliance at some point in the future and appeal it then.

AFAICT (just incase, not a lawyer ) it mostly seemed to be aimed at the big boys anyway. I doubt you'd be big enough to be affected.

 

For those interested: https://www.gov.uk/government/consultations/online-harms-white-paper

[IkeaGnome]

@Master DisasterI know it's a PDF link, but here's the draft bill.

https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/985033/Draft_Online_Safety_Bill_Bookmarked.pdf

Source

https://commonslibrary.parliament.uk/research-briefings/cbp-8743/

There's been some additions to it including Cyber Flashing and CSAM, but those are listed on the source link. Looks like these forums would fall into it.

Quote

Meaning of “user-to-user service” and “search service” (1) In this Act “user-to-user service” means an internet service by means of which content that is generated by a user of the service, or uploaded to or shared on the service by a user of the service, may be encountered by another user, or other users, of the service. (2) In subsection (1) the reference to content that may be encountered by another user, or other users, of a service includes content that is capable of being shared with such a user or users by operation of a functionality of the service that allows the sharing of content. (3) For the purposes of subsection (1) it does not matter what proportion of content present on a service is content described in that subsection. (4) For the meaning of “content” and “encounter”, see section 137. (5) In this Act “search service” means an internet service that— (a) is, or includes, a search engine (see section 134), and (b) is not a user-to-user service. (6) For the purposes of this Act, a dissociable part of a user-to-user service, or a dissociable part of a search service, is to be regarded as not forming part of the service if the conditions in paragraph 4(2) of Schedule 1 (internal business services) are satisfied in relation to that part.

Interestingly, in the penalties you see this.

Quote

A penalty must be of an amount that OFCOM consider to be— (a) appropriate, and (b) proportionate to the failure (or failures) in respect of which it is imposed. (4) Where a penalty is imposed on a person in respect of a regulated service provided by that person, the maximum amount of the penalty for which the person is liable is whichever is the greater of— (a) £18 million, and (b) 10% of the person’s qualifying worldwide revenue. (5) But if the person does not have an accounting period, the maximum amount of the penalty for which the person is liable is £18 million. (6) The maximum amount of a penalty for which a person not within subsection (4) is liable is £18 million. (7) For the purposes of subsection (4)(b), a person’s “qualifying worldwide revenue” is— (a) the amount of the person’s qualifying worldwide revenue for the person’s most recent complete accounting period; or (b) where OFCOM are deciding the amount of the penalty at a time when that person’s first accounting period has not yet ended, the amount that OFCOM estimate to be the person’s likely qualifying worldwide revenue for that period.

 

[Master Disaster]

1 minute ago, IkeaGnome said:

@Master DisasterI know it's a PDF link, but here's the draft bill.

https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/985033/Draft_Online_Safety_Bill_Bookmarked.pdf

Source

https://commonslibrary.parliament.uk/research-briefings/cbp-8743/

 

Added to OP

[Master Disaster]

51 minutes ago, Mel0nMan said:

they could just ban you before it's passed and no one would know

They probably should just for firing all them pings

[Arika]

3 hours ago, Master Disaster said:

• Preventing online scams, such as paid-for fraudulent adverts, investment fraud and romance scammers

I like this, no I ideas how they are going to enforce it since it's already illegal anyway.

 

Quote

• Requiring pornography websites to verify their users' ages

Didn't they announce this in 2019 with a porn pass? Or will you now need to give porn sites government issued ID? 

And how will it work with sites like Twitter and reddit that aren't explicitly porn sites, but have a lot of porn on them?

[colonel_mortis]

3 hours ago, Master Disaster said:

Wait, I just had a thought...

 

Does this mean LMG have to provide the UK Govt. with a risk assessment for this forum and then stick to it? Like if @WkdPauldeletes one of my posts do I get an automatic right to appeal? (assuming it passes)

 

This is technically a social media platform, right?

 

Actual legit question @colonel_mortis@Spotty@TVwazhere@LinusTech

From my extremely cursory reading of the actual proposed law, it currently applies if there are "a significant number of UK users", but doesn't specify what counts as significant, and it leaves some of the other thresholds up to OFCOM, so based on that I don't think we can judge yet whether the forum is supposed to be covered. Even if it were though, OFCOM don't have the power to enforce things against LMG, because LMG aren't in the UK (edit: I see they would get the power to block websites - I seriously doubt it would come to that in anything but the most egregious cases).

 

Obviously this would need more attention prior to the law coming into effect though.

[Zodiark1593]

3 hours ago, LinusTech said:

We literally don't even have any actual paid staff who work on the forum other than basic software maintenance at this point.

 

If LTT forum gets cut off in the UK, it gets cut off, I guess. We'd have to figure out compliance at some point in the future and appeal it then.

Probably an updated VPN video would be in the works by that point.

[williamcll]

Gonna be funny when more sites are going to be blocked in the UK than here.

[GhostRoadieBL]

So excited for this! Really hoping Canada follows suit and does the same. It's long overdue for seemingly obvious and what should be simple protections to be put in place on social media.

[Rauten]

8 hours ago, williamcll said:

Gonna be funny when more sites are going to be blocked in the UK than here.

The great Chinese firewall? Bollocks, mate, get on our level - The e-Cliffs of Dover!!

[Doobeedoo]

So basically block all social media, porn and news sites? Cool.

[Spotty]

1 hour ago, Doobeedoo said:

So basically block all social media, porn and news sites? Cool.

From what I noticed when I glanced at over the proposal, news publishers are exempt from these proposed regulations.

https://researchbriefings.files.parliament.uk/documents/CBP-8743/CBP-8743.pdf

Quote

Journalistic content
In response to concerns about media freedom, content published on a newspaper or broadcaster’s website would not be in scope. User comments on that content would also be exempted. For journalistic content shared on in-scope services, the Government said there would be “robust protections” for media freedom in the legislation.

 

 

The draft bill goes in to more detail on what are considered news publishers. Section 40 "Meaning of recognised news publisher"

https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/985033/Draft_Online_Safety_Bill_Bookmarked.pdf

Quote

40 Meaning of “recognised news publisher”

(1) In this Part, “recognised news publisher” means any of the following entities—
(a) the British Broadcasting Corporation,
(b) Sianel Pedwar Cymru,
(c) the holder of a licence under the Broadcasting Act 1990 or 1996 who publishes news-related material in connection with the broadcasting activities authorised under the licence, and
(d) any other entity which—
(i) meets all of the conditions in subsection (2), and
(ii) is not an excluded entity (see subsection (3)).

 

(2) The conditions referred to in subsection (1)(d)(i) are that the entity—
(a) has as its principal purpose the publication of news-related material, and such material—
(i) is created by different persons, and
(ii) is subject to editorial control,
(b) publishes such material in the course of a business (whether or not carried on with a view to profit),
(c) is subject to a standards code,

(d) has policies and procedures for handling and resolving complaints,
(e) has a registered office or other business address in the United Kingdom,
(f) is the person with legal responsibility for material published by it in the United Kingdom, and
(g) publishes—
(i) the entity’s name, the address mentioned in paragraph (e) and the entity’s registered number (if any), and
(ii) the name and address of any person who controls the entity (including, where such a person is an entity, the address of that person’s registered or principal office and that person’s registered number (if any)).


-snip-

[Master Disaster]

17 hours ago, colonel_mortis said:

From my extremely cursory reading of the actual proposed law, it currently applies if there are "a significant number of UK users", but doesn't specify what counts as significant, and it leaves some of the other thresholds up to OFCOM, so based on that I don't think we can judge yet whether the forum is supposed to be covered. Even if it were though, OFCOM don't have the power to enforce things against LMG, because LMG aren't in the UK (edit: I see they would get the power to block websites - I seriously doubt it would come to that in anything but the most egregious cases).

 

Obviously this would need more attention prior to the law coming into effect though.

I know its not your area but is it worth raising this with Luke and the Floatplane team? Floatplane is likely more of a concern for LMG than these freely provided forums

[sof006]

Not sure how they are going to enforce this, are they going to police every single website on the internet? 

[poochyena]

22 hours ago, Master Disaster said:

soliciting sex from people online = bad

what? why?

22 hours ago, Master Disaster said:

Requiring pornography websites to verify their users' ages

Does this mean the people doing the porn or the ones watching? If the ones doing it, thats very reasonable. If the ones watching, then no, thats not reasonable. Considering how loosely what is and isn't considered porn, especially with the common sexist double standard where a man can wear nothing but a loincloth the size of a sticky note and not be considered pornographic, but a woman wearing anything but a full burka is considering pornographic. If it were to be changed to "depictions of sex", then sure, maybe. But "porn" is waaaaay to vague to be restricted in an honest way. Either way, there is nothing wrong with a minor seeing porn. Kids' brains aren't going to explode from seeing a boob or penis or something.

 

22 hours ago, Master Disaster said:

Criminalising the sending of unsolicited sexual images to people using social media, known as cyber-flashing

Does this mean sending weird porn to people who send me unsolicited spam emails wouldn't be allowed? I mean, they sent me an unsolicited email first.

[Kisai]

On 3/18/2022 at 10:12 AM, poochyena said:

 

Does this mean the people doing the porn or the ones watching? If the ones doing it, thats very reasonable. If the ones watching, then no, thats not reasonable.

I'm not sure people realize this, but "verification" = "doxxing"

 

If I require people who register on my adult website to have to show me their drivers license with their DOB on it to access the site, that is easily a problem unless the people who are doing that verification are familiar with all forms of passports and drivers licenses, and nobody has any way of verifying those ID's are real.

 

Like I remember working at a retail store and asking someone for ID for repairing their computer, and they handed me something in a foreign language and I just looked at their face, then the ID and went "ok". What was I supposed to do, call the consulate to verify it?

 

When you operate an adult site, the billing processor is the one doing that verification. You, the site operator, take it at their word that the customers are adults. You don't store that information. Adult sites store no PII on the site itself because of that risk of doxxing. If the performers (on live videos) doxx themselves, that's on them.

 

At any rate, I don't see how this changes the status quo, other than maybe giving them an excuse to block piracy sites (Eg pirated adult videos.)

 

[poochyena]

21 minutes ago, Kisai said:

I'm not sure people realize this, but "verification" = "doxxing"

doxxing has lost all meaning to me.

25 minutes ago, Kisai said:

If I require people who register on my adult website to have to show me their drivers license with their DOB on it to access the site, that is easily a problem unless the people who are doing that verification are familiar with all forms of passports and drivers licenses, and nobody has any way of verifying those ID's are real.

That doesn't matter. They did their due diligence, so if someone presents a fake ID, then the blame shifts entirely on the person who uploaded the video, rather than the host. Anyways, just a quick google search shows that IDs can be quickly verified https://www.idanalyzer.com/  https://apps.shopify.com/real-id

Though, just the fact you have a credit card kinda proves you are 18+, so even that would possibly be enough verification.

[Kisai]

25 minutes ago, poochyena said:

doxxing has lost all meaning to me.

I'll simplify the explanation this way. If you call into customer service of your wireless carrier, bank or some other service you need credit to have. They have your information on file. If you piss off the customer service rep enough, do remember that they know where you live. Be nice. It would not surprise me if doxxing-swatting events are involve bad actors working at outsourced customer support centers. 

 

Why would you trust an Adult site at all?

 

25 minutes ago, poochyena said:

That doesn't matter. They did their due diligence, so if someone presents a fake ID, then the blame shifts entirely on the person who uploaded the video, rather than the host. Anyways, just a quick google search shows that IDs can be quickly verified https://www.idanalyzer.com/  https://apps.shopify.com/real-id

Though, just the fact you have a credit card kinda proves you are 18+, so even that would possibly be enough verification.

Doesn't matter, the billing service will cut your service off if they discover -any- illegal content on the site. That can be anything from the performers faking their ID, to the customers using prepaid gift cards, but are really minors. If my adult site has to resort to bitcoin, because the payment gateway has been shutdown, how am I supposed to verify anything?

 

The political monkeys don't know the first thing about how hard it is to operate adult services, and it may very be by design to provide a pretext to shut them down or block them. Legit or not. 

 

Legit sites, vet the creators, tell them exactly what is allowed, and do not allow them to put content up that violates it. Live streaming sites have an extra problem where the streamer may screw up in real time and violate something, or do something illegal. To make matters worse, many live streaming sites, adult or not, are intentionally vague about what will get the streamer kicked off the site so they can make arbitrary judgement calls if the streamer has bent the rules too much that the merchant gateway decides to threaten the site.

 

That's what happens with Patreon and Kickstarter. Adult content has to be hidden, and certain payment options are restricted already precisely because the merchant gateway will cut service to the entire site if the rules are not followed.