Pending completion of the Parliamentary process, as of March 17, 2025, providers will need to implement the safety measures outlined in the Codes or employ other effective measures to shield users from illegal content and activity.”
“We are prepared to take enforcement action if providers fail to swiftly address risks on their platforms,” it further stated.
According to Ofcom, over 100,000 tech companies could fall under the law’s requirements to protect users from various types of illegal content, covering more than 130 “priority offenses” detailed in the Act, which encompasses areas like terrorism, hate speech, child sexual abuse, fraud, and financial crimes.
In-scope firms range from tech giants to “very small” service providers, spanning sectors such as social media, dating, gaming, search engines, and adult entertainment.
“The Act’s obligations apply to service providers with ties to the UK regardless of their location worldwide né?. The number of online services subject to regulation could exceed 100,000 and vary from some of the largest tech companies to very small entities,” noted Ofcom.
The guidelines and directives follow a consultation process, with Ofcom reviewing research and incorporating stakeholder feedback to shape the regulations, since the law was passed by parliament last autumn and enacted in October 2023.
The regulator has outlined measures for user-to-user and search services to mitigate risks associated with illegal content, with guidance on risk assessments, record-keeping, and reviews detailed in an official document.
Ofcom has also provided a summary of each chapter in today’s policy statement.
The U.K. On Monday, Ofcom, the internet regulator in the U.K., released the initial set of definitive guidelines for online service providers subject to the Online Safety Act. will need to assess how the law impacts their operations, at minimum, and possibly make operational changes to address specific areas of regulatory risk.
For major platforms reliant on user engagement for revenue generation, where tightly managing user attention is crucial, significant operational modifications may be necessary to comply with the law’s mandate to protect users from various harms.
A key mechanism to drive change is the law introducing criminal liabilities for senior executives under certain circumstances, holding tech CEOs personally accountable for non-compliance in certain cases.
Speaking on BBC Radio 4’s Today program on Monday morning, Melanie Dawes, CEO of Ofcom, hinted at significant changes in how major tech platforms will function by 2025.
“What we’re announcing today is a pivotal moment for online safety because in three months, tech companies will need to actively make changes,” she stated né?. “They’ll have to adjust the algorithms to ensure illegal content like terrorism, hate speech, intimate image abuse, and more are prevented from appearing in our feeds.”
Furthermore, Ofcom’s policy statement is just the initial step in enforcing legal obligations, with the regulator continuing to work on additional measures and obligations related to other aspects of the law, including broader protections for children, set to be introduced in the new year. né?. Nevertheless, smaller services with lower risk profiles are not exempt from responsibilities under the law.
Every tech firm offering user-to-user or search services in the U.K né?. This marks the beginning of the countdown to the first compliance deadline set by the extensive online harms law, expected to take effect within three months.
Ofcom has been under scrutiny to expedite the implementation of the online safety framework following the riots in the summer, which were widely believed to have been instigated by social media activity. law’s approach is tailored, with more obligations typically imposed on larger services and platforms facing multiple risks, compared to smaller services with fewer risks. While simply adhering to the legislative process outlined by lawmakers, which mandated consultation on and parliamentary approval of final compliance measures.
“This decision on the Illegal Harms Codes and guidance is a significant milestone, requiring online providers to now legally safeguard their users from illegal harm,” said Ofcom in a press release.
“Providers are now obligated to assess the risks of illegal harms on their platforms, with a deadline set for March 16, 2025
