Liz Truss, the new Prime Minister, announced that the Online Safety Bill will return to the House of Commons in the near future but will include ‘tweaks’.  The outcome of the Molly Russell enquiry and resultant calls for action from across society, from Molly’s family to the Prince of Wales, will only increase pressure on the government to act.

Welcoming its return, Cyacomb’s CEO Ian Stevenson said: “There’s been much speculation about this crucial piece of legislation and we welcome the news that it will return to the House for further discussion. Parts of the bill have proved divisive, and some feared that it was in danger of being kicked into the long grass as an “unresolvable” problem, which cannot be allowed to happen.

“The debate must be had. If it means there are changes or “tweaks” to the bill, especially around the concept of “legal and harmful”, then let’s get stuck into doing that work because we need to get this right and we need to move this forward.” 

The Online Safety Bill was established as a new regulatory framework to tackle harmful content online, however following the leadership contest this summer there remains uncertainty around the scope of the bill and when it will become law and start protecting people from harm online.

"We need to get this right and we need to move this forward.” - Ian Stevenson

Enabling Investment

Speaking at the Westminster ePolicy Forum this week Ian  noted that while there was currently great investment in debate, the lack of clarity around the bill means that tech firms, platforms and safety tech providers can’t begin to make the significant investments needed to deliver capabilities that will make the ambitions of the bill reality.

Ian said “IF we want capabilities – systems, process and technology – to be ready when the legislation is, we need to see that investment starting immediately, and that requires clarity as early as possible on what shape the bill will finally take.”

 Legislative conflicts

As privacy rights are already legislated for, the Cyacomb founder also highlighted potential regulatory conflicts that may arise closer to the implementation of The Online Safety Bill: “GDPR, the ePrivacy directive in the EU and the Privacy and Electronic Communications Regulations (PECR) in the UK place very specific requirements on platforms relating to how they can access and use personal data. 

“Some of these are potentially in conflict with the objectives of the Online Safety Bill. In the EU the ePrivacy directive had unintended consequences for platform’s work to combat to CSAM.

“These were noticed and a derogation was issued and a long term solution is being sought.

“PECR seems to have some similar problems in the UK, with no carve out for apps using data for online safety purposes, even blocking illegal content. The Online Safety Bill as it currently stands uses language like "best endeavours" which does not meet the standard of being an explicit legal requirement that would activate existing exemptions from PECR.

“It’s vital that we, as an online safety community, highlight these issues and push lawmakers and regulators including Ofcom, ICO, and the Digital Regulation Co-operation Forum, to help ensure conflicts are not a barrier to progress.”

We can be almost certain that if there can be obstacles within a jurisdiction, there will also be obstacles between differing regulatory regimes internationally. UK regulation cannot succeed if platform companies located elsewhere are blocked from compliance by local rules.

End to end encryption

When it comes to messaging, the debate has focused on the apparent dichotomy between privacy and safety on end to end encrypted platforms.

While there will be no single solution to this challenge across all harm types, we hope that lawmakers and regulators will recognise the areas where there are effective solutions to key online safety problems which are capable of preserving user privacy.

“Cyacomb has demonstrated technology, integrated into E2EE without touching core encryption or key management, that can detect and block known CSAM without compromising user privacy. With Cyacomb Safety’s technology there is no way anyone outside the intended members of the conversation can identify, track or match user content, so privacy is completely protected - this is a privacy-by-design approach.  This is not a back-door for government, law enforcement, or anyone else.”

In summary 

As the government revisits the Online Safety Bill we urge them to work quickly to pass legislation that addresses some of the more obvious failings of the status quo, especially around content that is already illegal. 

We cannot afford to postpone this bill indefinitely while we seek perfect solutions to every possible harm. In particular there are 3 key areas that we believe need resolving as a priority:

1. Swift clarity that will enable investment by tech firms in delivery
2. A focus on compatibility with other regulation nationally and internationally
3. An examination of new possibilities to prevent illegal content in End to End Encrypted messaging arising from new technology

We believe now is a critically important time for the UK with regards to online safety, we are heartened by the fact the new PM thinks so too and the Online Safety Bill is coming back to the Commons soon.