I am not sure if the UK Online Safety Act will apply to this forum, but there is a risk that it might...
If you are not sure what I am talking about, have a read of this https://www.theregister.com/2025/01/14/online_safety_act/
CityCyclingEdinburgh Forum » Computers, GPS, 'Smart' 'Phones
UK Online Safety Act, threat to this forum?
(24 posts)-
Posted 2 months ago #
-
“
according to law, regulator Ofcom could impose a fine of £18 million ($22 million) or 10 percent of their global revenue – whichever is greater – for failing to comply
“
Not a problem then…
Though someone is already ‘targeting’ CCE!
“
"Every single service will have to go through all 17 categories of priority illegal content and consider ‘non priority’ illegal content too. This is the case even if you're a small cycling based forum that only allows text based comments. That's just the way that Parliament designed the act. Unfortunately, that's not Ofcom's choice to do it that way," Packer said.
“
Posted 2 months ago # -
My guess is that the
small cycling based forum that only allows text based comments
that is being referred to is LFGSS, where the person who runs it has already said that complying will be impossibly difficult for them and the forum will have to close. LFGSS may be small but it is way bigger than CCE!I'd not been aware of the bit about number of users before.
Posted 2 months ago # -
From the Register article that Kim linked to
Organizations with a smaller number of users will simply have to have the [risk assessment] document ready should Ofcom request it.
The person interviewed by the Register describes the risk assessment asquite a detailed and involved process
.
I guess the question is, are OFCOM going to come after small forums like this one? The LFGSS person is (IIRC) concerned about malicious reports to OFCOM.Posted 2 months ago # -
The draft bill is impossibly broad. Any forum worldwide in which UK users might take part would be in scope, with the risk diminished only by readership or existing controls. Overseas owned forums might opt to refuse UK members henceforth, that is if the owners are aware of the bill or its implications at all.
The Wikipedia entry for the bill notes that journalistic articles and comments thereto are out of scope. CCE is certainly often politically minded with vigorous discussion, but hard to argue it was journalism.
I wonder if this could also end Mastodon instances that are also often run by individuals.
Posted 2 months ago # -
This kind of stuff falls within the scope of my day job, so here's a couple of ruminations:
- Usually with this kind of legislation 'generator' or boilerplate-wizard tools spring up, so while tortuous to go through it will probably be possible to generate the compliance statement needed before the deadline without it being loads of work (happy to help, chris / chris and others);
- The main vectors for potential harm on this site would be through image/video posting, and through private messaging. The former, it would be very quickly reported by folks using the forum, and moderated out of existence; for private messaging, I have no concept of how frequently that feature is used here, and it might be a question of turning it off if it's not used much.
That might be a naïve reading of the situation but I reckon as we did with GDPR / Cookie Compliance, we'll see tools appear over the next couple of months that would make an audit and compliance an annoying but non-world-ending project?
Ofcom's 'Regulation Checker' says (based on six basic questions) that CCE is in scope for this. I've signed up for updates by email which assumedly will result in contact when they publish the tools they've mentioned in the article. At the moment, all they have published is a four steps for compliance summary.
Posted 2 months ago # -
Happy to help draft the required paperwork. Not that I'm super lazy or anything, but the first thing I would do is look for published risk assessments from larger online services that we could be "inspired" by.
Posted 2 months ago # -
Thanks M
Posted 2 months ago # -
All images and videos "posted" here are simply links to things hosted on 3rd-party sites, e.g. Flickr / Youtube
Surely the responsibility lies with those sites to take down harmful content? Or is it that forums are responsible for moderating links as well as the text?
Posted 2 months ago # -
84 page Ofcom guide on conducting risk assessments. Which includes links to a 14 page records keeping guide and references several other documents.
I've seen worse. Probably worth waiting for the Ofcom online tools before doing anything. If anyone does see an Online Safety Act risk assessment out in the wild it would be great if they could post a link here - always good to have something to work with.
Posted 2 months ago # -
Will keep an eye out!
@neddie - I'd expect the fact that embedding happens here makes it the platform the content is posted on, rather than the source of the file / embed being rendered. Certainly if someone posted something objectionable most people would first try and approach a CCE mod rather than Flickr or Youtube
Posted 2 months ago # -
I saw this online event with Ofcom mentioned elsewhere, might be useful: https://lu.ma/qijpvfnl
Posted 2 months ago # -
I think that the hosts, Careful Trouble, may find this event massively oversubscribed but it will likely be useful.
Posted 2 months ago # -
How time flies. 17 March is in four days' time. It would be a sad thing indeed for CCE to have to move to a read-only form, or to impose moderation of every single post.
There is useful debate over on yACF. Post #88 is of some interest.
Posted 3 weeks ago # -
Okay - just finished an extremely busy time at work. I now have time to get cracking with drafting the necessary documentation. I will get on the case today.
I will need to chat with @Chrisfl at some point, as we will need to establish a way for people to notify admin/mods of content they have concerns about. I reckon the easiest thing would be to add a "Report content" option to the ribbon at the top of the page, which allows people to contact (email?) the powers that be. As a temporary measure, we could just rename the "contact" tab as "report content".
Posted 2 weeks ago # -
Disabling PMs appears also to be useful in reducing risk and liability.
It may be a case of closing the stable door after the horse has bolted but I wrote to my MP to inform them about this state of affairs.
Posted 2 weeks ago # -
Okay - have been working my way through all the guidance and forms. A lot to get through.
Anyway, two ways to go here. I can keep working away - possibly a day or so's work to get it all sorted.
...or...
We take "inspiration" from the Cycling UK forum risk assessment. This is surprisingly light, but looks sufficient: https://forum.cyclinguk.org/viewtopic.php?t=164004
Thoughts? A fully CCE specific risk assessment or one "inspired" by Cycling UK.
Posted 2 weeks ago # -
Thanks for this Morningside; I fully support taking inspiration, It looks like our risk profile is remarkably similar to Cycling UK.
Posted 2 weeks ago # -
@ Morningsider
First
Thanks for doing what you have done.
Second
I’d rather you found better things to do than spend a couple of days on this.
Third
CUK seems to have ‘done the work’ for something similar to CCE BUT MUCH BIGGER.
I particularly liked the frequent “Risk level: Negligible”.
Fourth
A combination of the removal of automatic registration - some years ago - plus the effective ‘spam trap’ software, I don’t think we have anything to worry about beyond demonstrating we are aware of the new legislation and we have done an appropriate risk assessment.
Fifth
Thanks repeated.
Posted 2 weeks ago # -
Sixth
Perhaps contact CUK and say ‘we’ are planning to make use of their excellent work and ask if they have anything to add.
Posted 2 weeks ago # -
Looks like a solid starting point. I’d suggest some mention of private message function and any mitigations in using it forms part of it. One mitigation against harm there, if I understand correctly, is that one can ‘unsubscribe’ from a private message thread, couldn’t look up the docs as not sure which plugin is being used but assumedly this is akin to a block and prevents that user from PM’ing you again?
I’d skip asking CUK as they’ve simply based it (as they say in the intro) on readily available template from powers that be…
The other thing I’d point out is whatever text character they’ve used for ticks and crosses in initial questions doesn’t render properly on all browsers - just a series of boxes on iPadOS, for example - and this forum doesn’t support emoji, so I’d go for a Y and N for that particular section.
Thanks @Morningsider for moving it forwards!
Posted 2 weeks ago # -
“but assumedly this is akin to a block and prevents that user from PM’ing you again?“
Don’t think so, more like opting out of a group chat - PM on CCE (and presumably commonly) can involve more than two people.
By definition, PMs are between two registered users. In the event of abuse - of any sort - I hope someone would contact an admin. Perhaps this can be flagged somewhere.
Posted 2 weeks ago # -
The risk assessment paperwork is now complete, so CCE can carry on as usual. We do need to get a "Report illegal content" button set up though - or we could just add a line under "the Rules" to say something like:
"If you think any post contains material that is illegal, or breaches the forum rules, then please report it by clicking on the "contact" tab above and sending a message to the administrator about the post in question."
I don't think we need to publish the risk assessment, but I think it might make sense if we put it somewhere. I suppose the easiest thing to do is give it a thread of its own, which could then be closed, so comments cannot be added. Any thoughts?
Posted 2 weeks ago # -
Currently being discussed on R4!
“Measures proportionate”
‘Parliament aware of smaller orgs/websites and ‘understands’ impossible to prevent all abuse. Point of Act is to deal with companies that don’t take adequate action to minimise problems or refuse to take action when things are reported’.
Suzanne Cater Director of Enforcement, Ofcom
So, thanks to M (and others) ‘we’ have nothing to worry about!
Posted 2 weeks ago #
Reply
You must log in to post.
posts
