Connect with us

Hi, what are you looking for?



UK’s New Online Safety Law Adds to Crackdown on Big Tech Companies

British lawmakers approved an ambitious but controversial new internet safety law with wide-ranging powers to crack down on digital and social media companies.

UK Online Safety Bill

British lawmakers have approved an ambitious but controversial new internet safety law with wide-ranging powers to crack down on digital and social media companies like TikTok, Google, and Facebook and Instagram parent Meta.

The government says the online safety bill passed this week will make Britain the safest place in the world to be online. But digital rights groups say it threatens online privacy and freedom of speech.

The new law is the U.K.’s contribution to efforts in Europe and elsewhere to clamp down on the freewheeling tech industry dominated by U.S. companies. The European Union has its Digital Services Act, which took effect last month with similar provisions aimed at cleaning up social media for users in the 27-nation bloc.

Here’s a closer look at Britain’s law:

What is the Online Safety Law?

The sprawling piece of legislation has been in the works since 2021.

The new law requires social media platforms to take down illegal content, including child sexual abuse, hate speech and terrorism, revenge porn and posts promoting self-harm. They also will have to stop such content from appearing in the first place and give users more controls, including blocking anonymous trolls.

The government says the law takes a “zero tolerance” approach to protecting kids by making platforms legally responsible for their online safety. Platforms will be required to stop children from accessing content that, while not illegal, could be harmful or not age-appropriate, including porn, bullying or, for example, glorifying eating disorders or providing instructions for suicide.

Advertisement. Scroll to continue reading.

Social media platforms will be legally required to verify that users are old enough, typically 13, and porn websites will have to make sure users are 18.

The bill criminalizes some online activity, such as cyberflashing, which is sending someone unwanted explicit images.

What if Big Tech Doesn’t Comply?

The law applies to any internet company, no matter where it’s based as long as a U.K. user can access its services. Companies that don’t fall in line face fines of up to 18 million pounds ($22 million) or 10% of annual global sales, whichever is greater.

Senior managers at tech companies also face criminal prosecution and prison time if they fail to answer information requests from U.K. regulators. They’ll also be held criminally liable if their company fails to comply with regulators’ notices about child sex abuse and exploitation.

Ofcom, the U.K. communications regulator, will enforce the law. It will focus first on illegal content as the government takes a “phased approach” to bring it into force.

Beyond that, it’s unclear how the law will be enforced because details haven’t been provided.

What do Critics Say?

The U.K.-based Open Rights Group and the Electronic Frontier Foundation in the U.S. said that if tech companies have to ensure content is not harmful for children, they could end up being forced to choose between sanitizing their platforms or making users verify their ages by uploading official ID or using privacy-intrusive face scans to estimate how old they are.

The law also sets up a clash between the British government and tech companies over encryption technology. It gives regulators the power to require encrypted messaging services to install “accredited technology” to scan encrypted messages for terrorist or child sex abuse content.

Experts say that would provide a backdoor for private communications that ends up making everyone less safe.

Meta said last month that it plans to start adding end-to-end encryption to all Messenger chats by default by the end of year. But the U.K. government called on the company not to do so without measures to protect children from sex abuse and exploitation.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...


Private equity giant plans to buy Forcepoint’s Global Governments and Critical Infrastructure (G2CI) business unit for $2.5 billion.


US National Cybersecurity Strategy pushes regulation, aggressive 'hack-back' operations.


Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...


Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...