Online safety – 2022 begins with regulatory developments in both the UK and the EU
Last week saw developments within both the UK and the EU in their respective attempts to ensure online businesses do more to address illegal and harmful online content.
UK Online Safety Bill
In the UK, parliament’s Digital, Culture, Media and Sport Committee released a report with recommendations to the government on how to improve the draft Online Safety Bill (see our previous article discussing the bill here.)
Key points from the report included a finding that it didn’t go far enough to tackle various types of illegal and harmful content on user-to-user and search services. A key weakness was that the definition of ‘harm’ (and, as such, content that could be dealt with under the bill) was vague. This could result in a situation where lawful content was subject to “excessive takedowns” by overly cautious online businesses, whilst other more “insidious” content, such as images of abuse, was allowed through.
The bill is in draft form and the government, whilst taking an initially defensive approach to the report’s conclusions, is expected to issue a revised bill in the coming months.
EU Digital Services Act
In the EU, the draft Digital Services Act (“DSA”) took a further step towards entering into force with the European Parliament adopting its position for trilogue negotiations with the Council and Commission.
For a UK audience less familiar with the EU’s proposals in this space, the DSA is part of the EU’s package of measures to prevent illegal and harmful online content by regulating the activities of intermediary services, namely, online businesses providing services in the EU (such as internet service providers, cloud services, messaging, marketplaces, or social networks). The DSA is intended to complement rather than replace the existing E-Commerce Directive’s broader rules (which are also already part of UK law).
Two issues of note from the parliament’s draft were that (if implemented in accordance with that draft):
- There would be a ban on the use of sensitive data (such as data relating to sexual orientation, race or ethnic origin) in targeted advertising.
These proposals may pose a particular concern for the adtech sector, already facing a shakeup in the wake of Google’s proposed Privacy Sandbox initiative and Apple’s new anti-tracking features.
How may this affect businesses in the UK?
Whilst the DSA does have extra-territorial reach, meaning that online intermediary services offering services into the EU would be subject to its requirements, post-Brexit, the DSA will not apply directly in the UK. Given the existence of the draft Online Safety Bill, it is perhaps unlikely that the UK government would wholesale adopt the DSA (in fact, it stated as much in guidance published on the E-Commerce Directive after the Brexit transition period) – notwithstanding concerns around maintaining adequacy or facilitating Anglo-EU trade. However, as the UK’s own proposals remain in draft form, UK legislators will likely be keeping an eye on developments in Brussels. In the unlikely event that the UK did adopt the DSA, there would be no requirement to repeal or make significant changes to existing UK legislation. Whilst the UK implemented the E-Commerce Directive through the E-Commerce Regulations, as mentioned above, the E-Commerce Directive’s provisions are largely unaffected by the new regime.
For completeness, the Online Safety bill is a piece of UK legislation and its effects will apply in the UK directly.
Whilst there will clearly be further changes before either piece of legislation enters into force, these developments show how seriously online safety will be taken in 2022 and going forwards. We will be closely monitoring developments.