Balancing Act: Navigating Privacy Challenges Under UK’s Online Safety Act 2023

Corina Demeter, Joanne Elieli, Carol Holley, Carolina Ljungwaldh, James Maton, Morgan McCormack, Daniel Millard, Guadalupe Sampedro, Edward Turtle
Cooley LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Cooley LLP

The UK’s Online Safety Act (OSA) 2023, which became law on 26 October 2023, imposes extensive new obligations on certain types of online service providers, requiring them to protect their users by identifying, mitigating, and managing risks relating to illegal and harmful content. Due to its extraterritorial reach, the OSA is expected to regulate approximately 100,000 organisations worldwide.

However, the full implementation of the OSA will not be immediate. Ofcom, the UK’s communications regulator, has set out a phased implementation plan that is expected to span about three years, allowing in-scope providers time to adjust to and comply with their new obligations. Ofcom’s first consultation with affected services, regarding ‘illegal harms’, has already opened and will close on 23 February 2024. Its second consultation, on child safety, is due to open before the end of 2023.

Certain provisions in the OSA have given rise to privacy concerns. In particular, Section 121 empowers Ofcom to mandate services to use ‘accredited technology’ to identify, remove or prevent users from encountering certain types of content, including terrorism and child sexual exploitation and abuse (CSEA) material. Ofcom also may require services to use their ‘best endeavours’ to develop or source new technology to achieve this. Certain services, such as end-to-end encrypted messaging applications, may find this difficult to comply with because any scanning of private messages required by Ofcom could conflict with the principles of user privacy inherent in such services. However, it remains to be seen how Ofcom will interpret and apply this part of the legislation, given the delicate balance between ensuring online safety and preserving user privacy.

In our November 2023 Cooley client alert, we tackled the OSA in more depth, including the following topics:

  1. The types of services that are subject to the OSA.
  2. The law’s impact on in-scope services, including obligations and duties of care.
  3. Key practical implications for in-scope services.
  4. Enforcement by Ofcom, including fines and service restriction orders.
  5. Compliance tips.
Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Cooley LLP | Attorney Advertising

Written by:

Cooley LLP
Cooley LLP
Contact
more
less

Cooley LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide