My understanding is that the OSB creates a responsibility for Ofcom to create a regulatory system for discouraging online harms.
Has Ofcom actually said what these regulations will be?
Is there any reason to expect them to be as dystopian as you predict? The interim codes of practice that the government published don't even apply at all to individuals. They also acknowledge that smaller companies should not be expected to be subject to the same level of regulation as large companies.
My experience with online activists' predictions of imminent dystopia is that they generally turn out to be extremely overblown. Hopefully that's true this time as well.
Is there any reason to expect them to be as dystopian as you predict?
Previous laws relating to policing and investigatory powers have been widely criticised by civil rights groups for their overreach and lack of effective oversight and safeguards. We now know that some of those laws have in fact been abused in ways the critics predicted.
Secondary legislation has been widely criticised when used as a vehicle for government ministers to make rules with statutory authority while bypassing the usual requirements for Parliamentary scrutiny and approval of new laws. Our Home Secretary is currently attempting to use secondary legislation to implement controversial immigration policies after essentially the same measures were already explicitly blocked by Parliament when they were put forward via primary legislation.
So yes - there are unfortunately plenty of precedents both for broad legal powers being abused and for secondary legislation being used to circumvent our normal democratic processes for scrutinising and approving controversial measures.
There also seems to be no good reason to assume that the regulator that would be given these new powers and responsibilities actually has the necessary resources or expertise to understand the issues and perform their new role properly.
None of this looks encouraging and for rules that could have a profound effect on (among other things) our personal safety and the democratic integrity of our country it seems fair to question whether passing a very broad law that delegates the implementation details to a regulator that may or may not be competent to regulate these areas is really a good idea.
> "Previous laws relating to policing and investigatory powers have been widely criticised by civil rights groups for their overreach and lack of effective oversight and safeguards. We now know that some of those laws have in fact been abused in ways the critics predicted."
Take RIPA for example. Local authorities have literally deployed drones for covert surveillance. They have invoked powers under the Act in trivial cases such as fly tipping, dog fouling and deciding which school catchment area a child fell within. In some cases they were subsequently criticised for it or even found to have acted unlawfully but that obviously doesn't mean that the intrusion didn't happen or that the victims of that intrusion weren't distressed and possibly harassed as a result prior to some formal legal action going their way often at a much later date.
There is absolutely no legitimate justification for local authorities dealing with those kinds of issues to have access to the kinds of lawful surveillance and intrusion powers that RIPA is primarily concerned with. Even if you accept that those powers are justified and necessary in cases such as imminent national security threats or investigating organised crime that still doesn't explain why so many organisations that are not the police, security services or perhaps HMRC need them.
The bill itself doesn't appear to exempt anyone. From Taylor Wessing:
"[following amendments] The OSB continues to apply to any service that enables content generated, uploaded or shared by one user to be encountered by another user (user-to-user services) or that allows users to search more than one website or database (search services)."
It actual exempts several categories (email servers etc).
My point is that there is no reason to think the regulations that eventually come into force for services which aren't exempted will be as ridiculous as you suggest.
I agree that the OSB gives Ofcom the power to regulate Minecraft servers, but those regulations must be reasonable and proportionate so I don't believe that it will affect a private individual running a private server, as you appeared to suggest.
By way of analogy, the government might make a law that allows, in secondary legislation, the setting of a driving speed limit.
These activists are claiming that the government is secretly intending the speed limit to be 1mph. The government are trying to ban driving!! The activists are demanding the enabling legislation be amended so that the speed limit, when set, must be no lower than Xmph.
But all this does is force all regulation to be done in primary legislation.
The debate about what the regulations should be is separate to there being a regulatory system at all.
It is right that the primary legislation just lays out in broad terms that the regulations must be "reasonable" and "proportionate" etc because it's only real purpose is to allow those regulations to be challenged in court in future.
Encryption in communication is, to me, akin to the locks on the doors of your residence, on safes or other secure containers. It protects your privacy from prying eyes who want to snoop on what others are doing.
The activists are claiming that the government wishes to require that all locks be unlockable by one of a range of secret "master" keys, so that they can ensure you're not privately doing anything illegal. Not only that, but the government also wishes to institute a compliance regimen to ensure that all locks are indeed actually openable by these master keys.
Given the historic behavior of all governments, I don't trust them not to claim the most powerful interpretation of the laws and regulations that are instituted. Maybe not at first, but it will happen, because it has always happened this way.
What the government actually wants is for service providers (as in, social media companies, not ISPs) to monitor everything happening on their service to make sure that no one is coming to any serious harm. How providers do that is up to them.
The government doesn't care about the technology; it's all about corporate processes, and they're going to regulate it one corporation at a time. If you're not important to be asked to appear before a House of Commons Committee, you're not going to come to Ofcom's attention.
Sure. You are either demanding the impossible - or effectively banning encryption use because there is no other way how to comply with what the law demands, despite it ostensibly not banning anything.
So that's rather disingenuous argument, IMO. The problem is that the governments not only don't care about technology, they don't understand it either. And tend to imagine and demand things that are about as realistic as a square circle - but it is a law, we don't care how you do it, it is your problem!
There's a subtle but crucial difference. Service providers are free to offer end-to-end encrypted chat, but have to take responsibility for anything that's transmitted through that service. This means that services like Signal and WhatsApp will have to leave the UK, but I'm free to run my own service for just myself, my friends and my family.
I would prefer the bill not to be enacted, but I can live with it.
Like unreasonably low speed limits, the purpose of legislation like this isn't to be enforceable against everyone. It's to be enforceable against anyone.
That's not my understanding of the legislation. I see no exemptions from the child access provisions. The criterion is "any site with a significant number of child users" or where additionally OFCOM decides to intervene, and where significant is not defined.
And of course you seem to have to perform an audit to determine how many child users you have in order to be exempted.
Again, this is my reading of the very complex bill. The article from Taylor Wessing seems to concur though.
If you operate an online service, you don't have any actual obligations under the Online Safety Bill until Ofcom taps you on the shoulder. Considering that Ofcom is also responsible for regulating ISPs, all broadcast media, the EM spectrum, the telephone network and the Royal Mail, I don't think they'll have the resources to go after anyone but the social media giants.
Unless there's a political advantage in enforcing the rules against opposing party news sources, online forums, critics, etc. Tell me with a straight face that Boris Johnson's government wouldn't have done this given the opportunity.
> to preserve and enhance freedom of speech online.
> to improve law enforcement’s ability to tackle illegal content online.
> to improve users’ ability to keep themselves safe online.
> to improve society’s understanding of the harm landscape.
I guess UK government has solved all the issues include salaries inflation and ever rising price of living so they can finally go "preserve and enhance" freedom of speech.
Has Ofcom actually said what these regulations will be?
Is there any reason to expect them to be as dystopian as you predict? The interim codes of practice that the government published don't even apply at all to individuals. They also acknowledge that smaller companies should not be expected to be subject to the same level of regulation as large companies.
My experience with online activists' predictions of imminent dystopia is that they generally turn out to be extremely overblown. Hopefully that's true this time as well.