On 6 July 2022, Ofcom published their roadmap to regulating under the Online Safety Bill and an accompanying call for evidence. Here are our five key takeaways:

  1. Prioritising engagement with high-risk/ high impact services: Ofcom flag that they expect to prioritise engagement with high-risk or high-impact services early on and that they intend to issue formal information requests to some services “identified as facing particular risks” shortly after their powers come into force. This means that, by spring 2023, the biggest platforms need to be ready to tell Ofcom what they’re already doing to comply and what more they plan to do to get ready.

     
  2. Moving rapidly: Ofcom note that they plan to “move as rapidly as possible after the Bill is passed” and that they will “look for opportunities to bring forward implementation as the legislative timetable becomes clearer”. They will be restricted to a large extent by the speed at which the relevant secondary legislation is passed. However, as the roadmap notes, Ofcom have been preparing for their new role since February 2020 and significant investment has gone in to building up the team. We can expect that Ofcom will seek to ‘make their mark’ as early on as possible.

     
  3. Detailed timeline: Ofcom sets out a detailed timeline for implementation. Assuming that the Online Safety Act passes by early 2023, Ofcom expect their powers to come into force two months later, following which they will publish a series of consultations, starting with a consultation on guidance and Codes for illegal harms, children’s access assessments, transparency reporting and categorisation thresholds.

    Ofcom expect parliament to approve the first codes in spring 2024 and it looks like they expect full implementation by late 2024. This might sound like a long time away, but in that time in-scope services would be wise to actively engage in the consultation process and prepare for implementation.

     
  4. Call for evidence: In their call for evidence, which is open until 13 September 2022, Ofcom are inviting responses to help them “strengthen our understanding of the range of approaches and techniques platforms can employ to help them meet their proposed duties under the Online Safety Bill”. Reviewing the call for evidence form in detail may provide some clues as to the questions that in-scope platforms need to be ready to answer in spring 2023, e.g. “What are your governance, accountability and decision-making structures for user and platform safety?”.

     
  5. Ofcom's risk-focused proactive approach: Ofcom outline their approach to online safety regulation, which will be unsurprising for those of us who have been following Ofcom’s pronouncements so far. In short, they intend to take a risk-focused proactive approach to supervision, prioritising their engagement with high-risk or high-impact services allowing them to identify systemic issues early rather than simply reacting. Ofcom say that they expect platforms to be open and to engage constructively with them.

    Ofcom also give some insight into their expectations around platforms' governance for online safety, noting their desire to “build a strong culture and practice of risk management” and adding that their expectation is that discussions about user protection and safety and any trade-offs that need to be made with other objectives such as user engagement should be had “regularly by senior-decision makers, and owned at the most senior levels”.

We will be covering the Online Safety Bill in more detail in a practical Guide to the UK's Online Safety Bill - coming soon.