What is the Online Safety Bill?
Every sixty minutes £28,000 is lost to fraud – this is more than the average UK salary. In an effort to tackle fraud, illegal content, and online safety, the UK government is introducing a new piece of legislation redefining online platforms’ duty of care towards their users.
This act aims to regulate the online space from media that is considered unsafe or age-sensitive, such as social media content, fraudulent advertising, and the sale of sensitive or age-restricted products. Any platform failing to uphold its duty of care could receive fines of up to £18 million or 10% of its annual turnover. The bill is currently in its second stage in the House of Commons and is likely to see revision before becoming legislation.
Below are the 5 most significant inbound changes.
Impacted platforms that have a duty of care must ensure the removal of illegal material online, such as terrorism and child sexual exploitation and abuse. Platforms likely to be accessed by children will need to remove content that depicts sensitive topics, including self-harm or eating disorders.
Providers who publish or host pornographic content on their services will be required to prevent children from accessing that content. This means that age verification checks will become mandatory to prevent children from freely accessing sites. The ‘are you 18+? Yes or no’ boxes will no longer suffice.
Businesses must provide adult users with greater levels of autonomy over their safety, by controlling who they interact with, what content they can see, as well as verifying their identity. This can be used in several ways, for example: an identity verification feature that gives users the ability to only interact with other verified members. The onus will be on the platforms to decide which methods to use to fulfil this identity verification duty, but they must give users the option to opt-in or out.
Platforms must stop fraudulent adverts being published or hosted on their service. This bid to reduce fraud might find some success, however, fraudsters find victims in many more ways than adverts alone.
Platforms must provide a method of appeal for users who feel their content has been unfairly restricted or taken down. News content will be completely exempt from any regulation under the Bill.
The government states ‘Freedom of expression will be protected because these laws are not about imposing excessive regulation or state removal of content but ensuring that companies have the systems and processes in place to ensure users’ safety.’
The Next Steps
You might be thinking ‘so what does this mean for my business?’ It should be noted that only sites which host user-generated content such as images, videos, and comments, or which allow UK users to talk with other people online through messaging, comments, and forums are impacted. If this applies to you, these next steps may be vital.
Conduct a risk assessment on any key issues relevant to your business
Remove any content from your site which may be considered illegal
Put in place a system to swiftly identify and remove future illegal content
Outline in Terms of Service how you are thoroughly and fairly protecting users from illegal content
Put in place a system for reporting and reinstating potentially unjustified content removal
If applicable, put in place a robust identity verification system with an ability for users to moderate interactions
If applicable, put in place a robust age verification system
Document all information relevant to these new systems
The Mobile Solution
There are intelligent solutions to identify and validate details about your users which do not produce substantial amounts of customer friction – one of the most effective being MNO (Mobile Network Operator) data. During onboarding, users are quick to hand over phone numbers, yet the information surrounding the mobile is rarely utilised properly.
MNO data can be matched with information provided by a user to verify age, address, name, device, SIM-card, and so on. It can even be used to check for indicators of fraud such as whether call forwarding or porting is active, or whether a SIM-swap attack has occurred.
When deciding how to validate users, companies such as Phronesis can harness the MNO data using an easily integrated API (Application Programme Interface) to provide your business with GDPR (General Data Protection Regulation) compliant and frictionless identity validation. They can also validate whether your user is 18+ or not using just a phone number – making your customers happy, and your website legally compliant.
If you have any questions about using mobile data when verifying identity, or more specifically, age, please arrange a call, or reach out to a member of the team.