CityCyclingEdinburgh Forum » Computers, GPS, 'Smart' 'Phones

UK Online Safety Act, threat to this forum?

(24 posts)

No tags yet.


  1. Kim
    Member

    I am not sure if the UK Online Safety Act will apply to this forum, but there is a risk that it might...

    If you are not sure what I am talking about, have a read of this https://www.theregister.com/2025/01/14/online_safety_act/

    Posted 2 months ago #
  2. chdot
    Admin

    according to law, regulator Ofcom could impose a fine of £18 million ($22 million) or 10 percent of their global revenue – whichever is greater – for failing to comply

    Not a problem then…

    Though someone is already ‘targeting’ CCE!

    "Every single service will have to go through all 17 categories of priority illegal content and consider ‘non priority’ illegal content too. This is the case even if you're a small cycling based forum that only allows text based comments. That's just the way that Parliament designed the act. Unfortunately, that's not Ofcom's choice to do it that way," Packer said.

    Posted 2 months ago #
  3. fimm
    Member

    My guess is that the

    small cycling based forum that only allows text based comments

    that is being referred to is LFGSS, where the person who runs it has already said that complying will be impossibly difficult for them and the forum will have to close. LFGSS may be small but it is way bigger than CCE!

    I'd not been aware of the bit about number of users before.

    Posted 2 months ago #
  4. fimm
    Member

    From the Register article that Kim linked to

    Organizations with a smaller number of users will simply have to have the [risk assessment] document ready should Ofcom request it.

    The person interviewed by the Register describes the risk assessment as
    quite a detailed and involved process
    .
    I guess the question is, are OFCOM going to come after small forums like this one? The LFGSS person is (IIRC) concerned about malicious reports to OFCOM.

    Posted 2 months ago #
  5. Arellcat
    Moderator

    The draft bill is impossibly broad. Any forum worldwide in which UK users might take part would be in scope, with the risk diminished only by readership or existing controls. Overseas owned forums might opt to refuse UK members henceforth, that is if the owners are aware of the bill or its implications at all.

    The Wikipedia entry for the bill notes that journalistic articles and comments thereto are out of scope. CCE is certainly often politically minded with vigorous discussion, but hard to argue it was journalism.

    I wonder if this could also end Mastodon instances that are also often run by individuals.

    Posted 2 months ago #
  6. bakky
    Member

    This kind of stuff falls within the scope of my day job, so here's a couple of ruminations:

    - Usually with this kind of legislation 'generator' or boilerplate-wizard tools spring up, so while tortuous to go through it will probably be possible to generate the compliance statement needed before the deadline without it being loads of work (happy to help, chris / chris and others);

    - The main vectors for potential harm on this site would be through image/video posting, and through private messaging. The former, it would be very quickly reported by folks using the forum, and moderated out of existence; for private messaging, I have no concept of how frequently that feature is used here, and it might be a question of turning it off if it's not used much.

    That might be a naïve reading of the situation but I reckon as we did with GDPR / Cookie Compliance, we'll see tools appear over the next couple of months that would make an audit and compliance an annoying but non-world-ending project?

    Ofcom's 'Regulation Checker' says (based on six basic questions) that CCE is in scope for this. I've signed up for updates by email which assumedly will result in contact when they publish the tools they've mentioned in the article. At the moment, all they have published is a four steps for compliance summary.

    Posted 2 months ago #
  7. Morningsider
    Member

    Happy to help draft the required paperwork. Not that I'm super lazy or anything, but the first thing I would do is look for published risk assessments from larger online services that we could be "inspired" by.

    Posted 2 months ago #
  8. chdot
    Admin

    Thanks M

    Posted 2 months ago #
  9. neddie
    Member

    All images and videos "posted" here are simply links to things hosted on 3rd-party sites, e.g. Flickr / Youtube

    Surely the responsibility lies with those sites to take down harmful content? Or is it that forums are responsible for moderating links as well as the text?

    Posted 2 months ago #
  10. Morningsider
    Member

    84 page Ofcom guide on conducting risk assessments. Which includes links to a 14 page records keeping guide and references several other documents.

    I've seen worse. Probably worth waiting for the Ofcom online tools before doing anything. If anyone does see an Online Safety Act risk assessment out in the wild it would be great if they could post a link here - always good to have something to work with.

    Posted 2 months ago #
  11. bakky
    Member

    Will keep an eye out!

    @neddie - I'd expect the fact that embedding happens here makes it the platform the content is posted on, rather than the source of the file / embed being rendered. Certainly if someone posted something objectionable most people would first try and approach a CCE mod rather than Flickr or Youtube

    Posted 2 months ago #
  12. bacam
    Member

    I saw this online event with Ofcom mentioned elsewhere, might be useful: https://lu.ma/qijpvfnl

    Posted 2 months ago #
  13. Arellcat
    Moderator

    I think that the hosts, Careful Trouble, may find this event massively oversubscribed but it will likely be useful.

    Posted 2 months ago #
  14. Arellcat
    Moderator

    How time flies. 17 March is in four days' time. It would be a sad thing indeed for CCE to have to move to a read-only form, or to impose moderation of every single post.

    There is useful debate over on yACF. Post #88 is of some interest.

    https://yacf.co.uk/forum/index.php?topic=130158.0

    Posted 2 weeks ago #
  15. Morningsider
    Member

    Okay - just finished an extremely busy time at work. I now have time to get cracking with drafting the necessary documentation. I will get on the case today.

    I will need to chat with @Chrisfl at some point, as we will need to establish a way for people to notify admin/mods of content they have concerns about. I reckon the easiest thing would be to add a "Report content" option to the ribbon at the top of the page, which allows people to contact (email?) the powers that be. As a temporary measure, we could just rename the "contact" tab as "report content".

    Posted 2 weeks ago #
  16. Arellcat
    Moderator

    Disabling PMs appears also to be useful in reducing risk and liability.

    It may be a case of closing the stable door after the horse has bolted but I wrote to my MP to inform them about this state of affairs.

    Posted 2 weeks ago #
  17. Morningsider
    Member

    Okay - have been working my way through all the guidance and forms. A lot to get through.

    Anyway, two ways to go here. I can keep working away - possibly a day or so's work to get it all sorted.

    ...or...

    We take "inspiration" from the Cycling UK forum risk assessment. This is surprisingly light, but looks sufficient: https://forum.cyclinguk.org/viewtopic.php?t=164004

    Thoughts? A fully CCE specific risk assessment or one "inspired" by Cycling UK.

    Posted 2 weeks ago #
  18. chrisfl
    Member

    Thanks for this Morningside; I fully support taking inspiration, It looks like our risk profile is remarkably similar to Cycling UK.

    Posted 2 weeks ago #
  19. chdot
    Admin

    @ Morningsider

    First

    Thanks for doing what you have done.

    Second

    I’d rather you found better things to do than spend a couple of days on this.

    Third

    CUK seems to have ‘done the work’ for something similar to CCE BUT MUCH BIGGER.

    I particularly liked the frequent “Risk level: Negligible”.

    Fourth

    A combination of the removal of automatic registration - some years ago - plus the effective ‘spam trap’ software, I don’t think we have anything to worry about beyond demonstrating we are aware of the new legislation and we have done an appropriate risk assessment.

    Fifth

    Thanks repeated.

    Posted 2 weeks ago #
  20. chdot
    Admin

    Sixth

    Perhaps contact CUK and say ‘we’ are planning to make use of their excellent work and ask if they have anything to add.

    Posted 2 weeks ago #
  21. bakky
    Member

    Looks like a solid starting point. I’d suggest some mention of private message function and any mitigations in using it forms part of it. One mitigation against harm there, if I understand correctly, is that one can ‘unsubscribe’ from a private message thread, couldn’t look up the docs as not sure which plugin is being used but assumedly this is akin to a block and prevents that user from PM’ing you again?

    I’d skip asking CUK as they’ve simply based it (as they say in the intro) on readily available template from powers that be…

    The other thing I’d point out is whatever text character they’ve used for ticks and crosses in initial questions doesn’t render properly on all browsers - just a series of boxes on iPadOS, for example - and this forum doesn’t support emoji, so I’d go for a Y and N for that particular section.

    Thanks @Morningsider for moving it forwards!

    Posted 2 weeks ago #
  22. chdot
    Admin

    “but assumedly this is akin to a block and prevents that user from PM’ing you again?“

    Don’t think so, more like opting out of a group chat - PM on CCE (and presumably commonly) can involve more than two people.

    By definition, PMs are between two registered users. In the event of abuse - of any sort - I hope someone would contact an admin. Perhaps this can be flagged somewhere.

    Posted 2 weeks ago #
  23. Morningsider
    Member

    The risk assessment paperwork is now complete, so CCE can carry on as usual. We do need to get a "Report illegal content" button set up though - or we could just add a line under "the Rules" to say something like:

    "If you think any post contains material that is illegal, or breaches the forum rules, then please report it by clicking on the "contact" tab above and sending a message to the administrator about the post in question."

    I don't think we need to publish the risk assessment, but I think it might make sense if we put it somewhere. I suppose the easiest thing to do is give it a thread of its own, which could then be closed, so comments cannot be added. Any thoughts?

    Posted 2 weeks ago #
  24. chdot
    Admin

    Currently being discussed on R4!

    “Measures proportionate”

    ‘Parliament aware of smaller orgs/websites and ‘understands’ impossible to prevent all abuse. Point of Act is to deal with companies that don’t take adequate action to minimise problems or refuse to take action when things are reported’.

    Suzanne Cater Director of Enforcement, Ofcom

    So, thanks to M (and others) ‘we’ have nothing to worry about!

    Posted 2 weeks ago #

RSS feed for this topic

Reply

You must log in to post.


Video embedded using Easy Video Embed plugin