Websites To Be Fined Over 'online harms' Under New UK Law

Internet sites could be fined or blocked if they fail to tackle "online harms" such as terrorist propaganda and child abuse, under British government plans. The Department for Digital, Culture, Media and Sport (DCMS) has proposed an independent watchdog that will write a "code of practice" for tech companies.
 
Senior managers could be held liable for breaches, with a possible levy on the industry to fund the regulator. But critics say the plans threaten freedom of speech. 
 
The Online Harms White Paper is a joint proposal from the DCMS and the Home Office. A public consultation on the plans will run for 12 weeks.
 
The paper suggests:
  • establishing an independent regulator that can write a "code of practice" for social networks and internet companies
  •  giving the regulator enforcement powers including the ability to fine companies that break the rules
  • considering additional enforcement powers such as the ability to fine company executives and force internet service providers to block sites that break the rules
Outlining the proposals, Digital, Culture, Media and Sport Secretary Jeremy Wright said: "The era of self-regulation for online companies is over.
 
"Voluntary actions from industry to tackle online harms have not been applied consistently or gone far enough."
Discussing financial penalties on BBC Breakfast, he said: "If you look at the fines available to the Information Commissioner around the GDPR rules, that could be up to 4% of company's turnover... we think we should be looking at something comparable here."
 
What are 'online harms'?
The plans cover a range of issues that are clearly defined in law such as spreading terrorist content, child sex abuse, so-called revenge pornography, hate crimes, harassment and the sale of illegal goods. But it also covers harmful behaviour that has a less clear legal definition such as cyber-bullying, trolling and the spread of fake news and disinformation.
 
It says social networks must tackle material that advocates self-harm and suicide, which became a prominent issue after 14-year-old Molly Russell took her own life in 2017. After she died her family found distressing material about depression and suicide on her Instagram account. Molly's father holds the social media giant partly responsible for her death.
 
Home Secretary Sajid Javid said tech giants and social media companies had a moral duty "to protect the young people they profit from". 
"Despite our repeated calls to action, harmful and illegal content - including child abuse and terrorism - is still too readily available online.
 
What do the Proposals say?
The plans call for an independent regulator to hold internet companies to account. 
It would be funded by the tech industry. The government has not decided whether a new body will be established, or an existing one handed new powers.
 
The regulator will define a "code of best practice" that social networks and internet companies must adhere to.
 
As well as Facebook, Twitter and Google, the rules would apply to messaging services such as Snapchat and cloud storage services.
 
The regulator will have the power to fine companies and publish notices naming and shaming those that break the rules.
The government says it is also considering fines for individual company executives and making search engines remove links to offending websites. Ministers "envisage" that fines and warning notices to companies will be included in an eventual bill. 
They are also consulting over blocking harmful websites or stopping them from being listed by search engines.
On the face of it, this is a tough new regime - and ministers have acted upon the demands of charities like the NSPCC which want what they regard as the "Wild West Web" to be tamed. 
 
But a closer look reveals all sorts of issues yet to be settled. 
Will a whole new organisation be given the huge job of regulating the internet? Or will the job be handed to the media regulator Ofcom? What sort of sanctions will be available to the regulator? And will they apply equally to giant social networks and to small organisations such as parents' message boards?
 
Most tricky of all is how the regulator is going to rule on material that is not illegal but may still be considered harmful. Take this example - Misinformation is listed as a potential harm.
 
So will the regulator tell companies that their duty of care means they must remove such material? The government now plans to consult on its proposals. It may yet find that its twin aims of making the UK both the safest place in the world online and the best to start a digital business are mutually incompatible.The white paper offers some suggestions that could be included in the code of best practice. It suggests the spread of fake news could be tackled by forcing social networks to employ fact-checkers and promote legitimate news sources.
 
But the regulator will be allowed to define the code by itself. The white paper also says social media companies should produce annual reports revealing how much harmful content has been found on their platforms. The children's charity NSPCC has been urging new regulation since 2017 and has repeatedly called for a legal duty of care to be placed on social networks.
A spokeswoman said: "Time's up for the social networks. They've failed to police themselves and our children have paid the price."
 
How have the Social Networks reacted?
Rebecca Stimson, Facebook's head of UK policy, said in a statement: "New regulations are needed so that we have a standardised approach across platforms and private companies aren't making so many important decisions alone. 
"New rules for the internet should protect society from harm while also supporting innovation, the digital economy and freedom of speech."
 
Twitter's head of UK public policy Katy Minshall said in a statement: "We look forward to engaging in the next steps of the process, and working to strike an appropriate balance between keeping users safe and preserving the open, free nature of the Internet."
 
TechUK, an umbrella group representing the UK's technology industry, said the government must be "clear about how trade-offs are balanced between harm prevention and fundamental rights".
 
Matthew Lesh, head of research at free market think tank the Adam Smith Institute, went further. He said: "The government should be ashamed of themselves for leading the western world in internet censorship. 
 
"The proposals are a historic attack on freedom of speech and the free press. "At a time when Britain is criticising violations of freedom of expression in states like Iran, China and Russia, we should not be undermining our freedom at home."
 
Freedom of speech campaigners Article 19 warned that the government "must not create an environment that encourages the censorship of legitimate expression". 
 
A spokesman said it opposed any duty of care being imposed on internet platforms.
They said that would "inevitably require them to proactively monitor their networks and take a restrictive approach to content removal".  "Such actions could violate individuals' rights to freedom of expression and privacy," they added.
 
BBC
 
You Might Also Read:
 
Regulation Might Actually Protect Facebook:
 
British Government Is Planning Internet Regulation:
 
 
 
« Critical Infrastructure Is Under Worldwide Attack
The Maritime Shipping Industry Should Be On Red Alert »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Help Net Security

Help Net Security

Help Net Security has been a prime resource for information security news and insight since 1998.

ServiceNow

ServiceNow

ServiceNow is the enterprise IT cloud company. We transform IT by automating and managing IT service relationships across the global enterprise.

Fieldfisher

Fieldfisher

Fieldfisher's Technology, Outsourcing & Privacy Group has class-leading expertise in privacy, data & cybersecurity, digital media, big data, the cloud, mobile payments and mobile apps.

International Security Management Association (ISMA)

International Security Management Association (ISMA)

ISMA is an international security association of senior security executives from major business organizations located worldwide.

NextLabs

NextLabs

NextLabs provides data-centric security software to protect business-critical data and applications.

CyberSift

CyberSift

CyberSift is a cyber security provider. We develop threat detection software which needs no infrastructure changes as it integrates with almost any security tool.

SQNetworks

SQNetworks

SQNetworks provides a full range of cybersecurity consultancy, services and solutions.

Six Degrees Group

Six Degrees Group

Six Degrees is a specialist managed IT services organisation offering a range of solutions including Managed Security Services.

Cybeats Technologies

Cybeats Technologies

Cybeats delivers an integrated security platform designed to secure and protect high-valued connected devices.

Bright Machines

Bright Machines

Bright Machines delivers intelligent, software-defined manufacturing by bringing together our flexible factory robots with intelligent software, production data and machine learning.

Elron Electronic Industries

Elron Electronic Industries

Elron partner with early stage ventures to build companies that transform lives and industries. Our main areas of focus are Medical Devices and Cyber.

Otlo

Otlo

Otlo delivers affordable, trustworthy solutions that identify cyber threats, improve and protect your digital security, helping you take control with our sector-specific expertise.

Fairfirst Insurance

Fairfirst Insurance

Fairfirst Cyber Insurance protects your business assets against the complexity of cyber threats.

INFRA Security & Vulnerability Scanner

INFRA Security & Vulnerability Scanner

INFRA is a powerful platform with an easy interface for any kind of Ethical Hacking, from corporate monitoring and VAPT (vulnerability assessments and penetration testing) to military intelligence.

Phakamo Tech

Phakamo Tech

Phakamo Tech offers a full set of governance, risk, compliance, cybersecurity and Microsoft Cloud services that include consulting, planning, implementation and cyber incident response.

Computacenter

Computacenter

Computacenter is a leading independent technology partner, trusted by large corporate and public sector organisations. We help our customers to source, transform and manage their IT infrastructure.