Websites To Be Fined Over 'online harms' Under New UK Law

Internet sites could be fined or blocked if they fail to tackle "online harms" such as terrorist propaganda and child abuse, under British government plans. The Department for Digital, Culture, Media and Sport (DCMS) has proposed an independent watchdog that will write a "code of practice" for tech companies.
 
Senior managers could be held liable for breaches, with a possible levy on the industry to fund the regulator. But critics say the plans threaten freedom of speech. 
 
The Online Harms White Paper is a joint proposal from the DCMS and the Home Office. A public consultation on the plans will run for 12 weeks.
 
The paper suggests:
  • establishing an independent regulator that can write a "code of practice" for social networks and internet companies
  •  giving the regulator enforcement powers including the ability to fine companies that break the rules
  • considering additional enforcement powers such as the ability to fine company executives and force internet service providers to block sites that break the rules
Outlining the proposals, Digital, Culture, Media and Sport Secretary Jeremy Wright said: "The era of self-regulation for online companies is over.
 
"Voluntary actions from industry to tackle online harms have not been applied consistently or gone far enough."
Discussing financial penalties on BBC Breakfast, he said: "If you look at the fines available to the Information Commissioner around the GDPR rules, that could be up to 4% of company's turnover... we think we should be looking at something comparable here."
 
What are 'online harms'?
The plans cover a range of issues that are clearly defined in law such as spreading terrorist content, child sex abuse, so-called revenge pornography, hate crimes, harassment and the sale of illegal goods. But it also covers harmful behaviour that has a less clear legal definition such as cyber-bullying, trolling and the spread of fake news and disinformation.
 
It says social networks must tackle material that advocates self-harm and suicide, which became a prominent issue after 14-year-old Molly Russell took her own life in 2017. After she died her family found distressing material about depression and suicide on her Instagram account. Molly's father holds the social media giant partly responsible for her death.
 
Home Secretary Sajid Javid said tech giants and social media companies had a moral duty "to protect the young people they profit from". 
"Despite our repeated calls to action, harmful and illegal content - including child abuse and terrorism - is still too readily available online.
 
What do the Proposals say?
The plans call for an independent regulator to hold internet companies to account. 
It would be funded by the tech industry. The government has not decided whether a new body will be established, or an existing one handed new powers.
 
The regulator will define a "code of best practice" that social networks and internet companies must adhere to.
 
As well as Facebook, Twitter and Google, the rules would apply to messaging services such as Snapchat and cloud storage services.
 
The regulator will have the power to fine companies and publish notices naming and shaming those that break the rules.
The government says it is also considering fines for individual company executives and making search engines remove links to offending websites. Ministers "envisage" that fines and warning notices to companies will be included in an eventual bill. 
They are also consulting over blocking harmful websites or stopping them from being listed by search engines.
On the face of it, this is a tough new regime - and ministers have acted upon the demands of charities like the NSPCC which want what they regard as the "Wild West Web" to be tamed. 
 
But a closer look reveals all sorts of issues yet to be settled. 
Will a whole new organisation be given the huge job of regulating the internet? Or will the job be handed to the media regulator Ofcom? What sort of sanctions will be available to the regulator? And will they apply equally to giant social networks and to small organisations such as parents' message boards?
 
Most tricky of all is how the regulator is going to rule on material that is not illegal but may still be considered harmful. Take this example - Misinformation is listed as a potential harm.
 
So will the regulator tell companies that their duty of care means they must remove such material? The government now plans to consult on its proposals. It may yet find that its twin aims of making the UK both the safest place in the world online and the best to start a digital business are mutually incompatible.The white paper offers some suggestions that could be included in the code of best practice. It suggests the spread of fake news could be tackled by forcing social networks to employ fact-checkers and promote legitimate news sources.
 
But the regulator will be allowed to define the code by itself. The white paper also says social media companies should produce annual reports revealing how much harmful content has been found on their platforms. The children's charity NSPCC has been urging new regulation since 2017 and has repeatedly called for a legal duty of care to be placed on social networks.
A spokeswoman said: "Time's up for the social networks. They've failed to police themselves and our children have paid the price."
 
How have the Social Networks reacted?
Rebecca Stimson, Facebook's head of UK policy, said in a statement: "New regulations are needed so that we have a standardised approach across platforms and private companies aren't making so many important decisions alone. 
"New rules for the internet should protect society from harm while also supporting innovation, the digital economy and freedom of speech."
 
Twitter's head of UK public policy Katy Minshall said in a statement: "We look forward to engaging in the next steps of the process, and working to strike an appropriate balance between keeping users safe and preserving the open, free nature of the Internet."
 
TechUK, an umbrella group representing the UK's technology industry, said the government must be "clear about how trade-offs are balanced between harm prevention and fundamental rights".
 
Matthew Lesh, head of research at free market think tank the Adam Smith Institute, went further. He said: "The government should be ashamed of themselves for leading the western world in internet censorship. 
 
"The proposals are a historic attack on freedom of speech and the free press. "At a time when Britain is criticising violations of freedom of expression in states like Iran, China and Russia, we should not be undermining our freedom at home."
 
Freedom of speech campaigners Article 19 warned that the government "must not create an environment that encourages the censorship of legitimate expression". 
 
A spokesman said it opposed any duty of care being imposed on internet platforms.
They said that would "inevitably require them to proactively monitor their networks and take a restrictive approach to content removal".  "Such actions could violate individuals' rights to freedom of expression and privacy," they added.
 
BBC
 
You Might Also Read:
 
Regulation Might Actually Protect Facebook:
 
British Government Is Planning Internet Regulation:
 
 
 
« Critical Infrastructure Is Under Worldwide Attack
The Maritime Shipping Industry Should Be On Red Alert »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Telos

Telos

Telos offers cybersecurity solutions and services that empower and protect the world’s most security-conscious enterprises.

LexisNexis Risk Solutions

LexisNexis Risk Solutions

LexisNexis Risk Solutions provides technology solutions for Anti-Money Laundering, Fraud Mitigation, Anti-Bribery and Corruption, Identity Management, Tracing and Investigation.

Napatech

Napatech

Napatech develops and manufactures high speed network accelerators specifically designed for real-time network monitoring and analysis applications.

Digital Infrastructure Association (DINL)

Digital Infrastructure Association (DINL)

DINL is the leading representative for companies and organisations which are active within the Dutch digital infrastructure sector.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

Cyverse

Cyverse

Cyverse is a cyber-security firm which provides corporations with state-of-the-art cyber-security service-based and technological solutions made in Israel.

ZenMate

ZenMate

ZenMate is a Virtual Private Network services provider offering secure encrypted access to the internet.

RCMP National Cybercrime Coordination Unit (NC3)

RCMP National Cybercrime Coordination Unit (NC3)

As set out in the Government of Canada's National Cyber Security Strategy, the RCMP has established the National Cybercrime Coordination Unit (NC3).

Wiser Market

Wiser Market

Wiser Market is a leading company in global online brand protection services, intellectual property protection, anti-Counterfeit & trademark infringements.

CybrHawk

CybrHawk

CybrHawk is a leading provider of information security-driven risk intelligence solutions focused solely on protecting clients from cyber-attacks.

LTIMindtree

LTIMindtree

LTIMindtree is a new kind of technology consulting firm. We help businesses transform – from core to experience – to thrive in the marketplace of the future.

EYE Security

EYE Security

EYE provides enterprise-grade cyber security services and cyber insurance to SMEs in Europe, Cyber Incident Response and strategic advice in board rooms.

BT Security

BT Security

BT provides telecommunications and network infrastructure services to keep businesses around the world connected and secure.

Hackuity

Hackuity

Hackuity is a breakthrough technology solution that rethinks the way of managing IT vulnerabilities in enterprises.

Trustaira

Trustaira

Trustaira is the first deep tech solution and service company in Bangladesh.

Staley Technologies

Staley Technologies

Staley Technologies is a US nationwide structured cabling, technology integrator, and Managed IT & Cyber Security provider.