Can someone explain why this won't result in a renaissance for peer to peer and e2e encrypted chat/forums/social media etc.? When government or industry makes it nearly impossible for consumer needs to be met we inevitably see a grey and black market spring up to meet those needs. My prediction is that if legislation like this becomes widespread we'll see a freely distributed application rise to prominence among a gaggle of others, it'll dominate the chat and social market until even grandma is using it and the establishment will have a right proper freak out as other social media giants implode and everyone is communicating anything they want with zero oversight from the government or industry. This is roughly how I remember the Napster affair going when DRM was pushed hard by the recording industry, it eventually collapsed but not before dealing a massive blow to the status quo and forcing a transition to streaming.
If UK government really cared about children, and not about surveillance and censorship, they would solve the problem another way.<p>The only way protect children online is to ban them from Internet. Children should not have access to normal laptops and smartphones, instead they should use "kid phones". Such phones would allow children to communicate only with people approved by parents or teachers and visit only approved sites. This way they will enjoy perfect safety which this Bill fails to provide.<p>Every site which wants to become approved, must fulfill all the requirements from the Bill and indicate this with a HTTP header. Kid phones and laptops should allow only to visit such compliant sites.<p>Kid-oriented phones and laptops must be visually distinctive: for example, have a shape of a cute animal. In this case teachers, parents or police will be able to instantly spot and confiscate illegal devices.<p>This is a win-win plan: kids would be safe and adults would be safe from government overreach. Obviously no government will agree to such plan.
With respect to the politicians not turning up, it's worth noting that at least some of the candidates for PM are against the Online Safety Bill and want to scrap it. So for them, campaigning to become the next leader may actually be a more useful way to spend time than hearing what they already know.<p>It appears the OSB has become a victim of incoherent requirements specifications. It's grown enormously during its gestation period and is now trying to do way too much, including things that are self-contradictory. Some politicians recognize this, for example Kemi Badenoch:<p><a href="https://order-order.com/2022/07/11/watch-badenoch-slams-online-safety-bill-promises-to-champion-free-speech/" rel="nofollow">https://order-order.com/2022/07/11/watch-badenoch-slams-onli...</a><p>but I recall others saying similar things. I just can't find the references right now.
If I, a US citizen, started an online service that attracted Ofcom attention, what binds me to following UK regulations? The article mentions "extraterritorial enforcement", but what does that mean? Will the US extradite me to the UK if I don't put monitoring in place? Will I get arrested if I visit the UK? Will they try to sue me in US court?<p>I mean realistically if it became a problem I'd just IP-block all of the UK because they're small, but I don't understand what the legal framework for "extraterritorial enforcement" even is.
I dread to think what this will mean for the free and open Internet - the source of much mirth, yes, and much dread. But that's just a reflection of the human condition. It should be just left be.<p>Another case of myopic, joyless stodges ruining what they don't understand.<p>I've paid enough taxes to this worthless, bloated institution that claims to 'protect my liberties' - is it too late to get a refund? Don't they owe me something for clear breach of contract? The 'social contract' isn't what it was when I was born!
> Or it would have, if the nine MPs across three parties who were scheduled to attend actually showed up. Only one did.<p>Everything else aside, if MPs don't show up for a scheduled meeting they should just be sacked.<p>How many of us can just blow off meetings like that with no consequence?
<i>who also has skin in the game about being on the receiving end of the most horrific online abuse</i><p>Do people just not get educated in online literacy anymore? An adult getting abused online is like getting third degree burns because you laid your hand on a hot burner and refused to take it off. If people saying mean things to you is disturbing your groove so much you're calling it "abuse" maybe you should <i>stop reading them</i>. This is stuff from the first week of 1990s computer class in elementary school.
This is NOT regulation of big tech.<p>This creates a barrier to entry that allows ONLY big tech access to the playing field.<p>These types of barriers to entry already exist in other areas like the pharmaceutical business and finance. Now we're getting artificial barriers created in IT.
Sadly, the only safe way for startups to ensure compliance will be to block IP blocks of any country they're not intentionally doing business in. You will start by intentionally doing business in your country of incorporation, contract out with a consultant to ensure that you are meeting your compliance requirements in your local jurisdiction, and only expand intentionally from there. Sure, users can use VPNs to bypass IP blocks, but at least then you have a defense that the user "traveled" to a jurisdiction where you do operate.<p>Or - you take a leaf from the pirate's book and throw caution to the wind. Which will be pretty much the only way to get the growth that investors expect, even as investors will refuse to invest without at least the appearance of legal certainty of the first option.
The OSB has become a big bucket which UK politicians can point to and say "see, we're doing something". When faced with a question about the internet, the stock response of Tory MPs is to say "wait for the Online Safety Bill". In that way, it's quite similar to the situation before Brexit, where representatives would evade responsibility for policy by claiming that their hands were tied by Brussels.
> If a British child could merely type your URL into a browser, the site is in scope.<p>Seems incorrect, no? The visit is more important than just typing URL. Worst-case scenario I will check your IP and if its in UK/GB scope, you will see "Unable to browse this site due to your-stupid-anti-blah-blah-UK-policy"
If this applies to every site that hosts user generated content then that's nuts. When the internet first started, part of the appeal is that you could just make stuff without people looking over your shoulder, asking for forms, etc. Seems that the internet we created today is technically the same as the one from before, but now with governments throwing up red tape at every corner.<p>Makes me wonder what a site like HN would have to do in order to stay in compliance. While on the one hand HN could make the argument that the site is not geared towards children so this kind of stuff is not a concern, regulations will say: well TECHNICALLY a child could use HN, and TECHNICALLY a predator could message with them, and therefore there is TECHNICALLY a risk, so please pay up $20k/yr for compliance costs.<p>I use HN as a stand in example for many many sites and services out there. IMO, I don't think it will be that enforceable. Sure the big tech companies will comply, anyone that runs a smaller service outside the UK will just tell the UK govt to kick rocks if they come knocking (what can they do besides blocking the site in the UK).<p>If this bill gets passed were going to get the following:<p>- Big tech company scandal over CSAM.<p>- A heartbreaking story over some small time website owner facing prison time over non-compliance.<p>- Opinion pieces from the tech community about how it's a terrible idea all around.<p>- Puff pieces from non-tech outlets that praise the legislation without fully understanding the technical ramifications.<p>- Flame war between techies and non-techies over competing puff pieces.
It seems to me that the solution to all the woes of this bill is to just <i>not allow any content to be shared</i>. That basically eliminates this being a problem for 95% of all companies.
The whole thing is so completely and utterly braindead that it must surely be an attempt to shift the overton window & subsequently pass something slightly toned down.
The article says:<p>"Is it possible for your site, service, or app, which allows content to be shared and/or people to communicate with each other, to be accessed by any adult or any child within the UK?<p>Then you’re in scope.<p>NB “accessed” doesn’t necessarily mean that a user can set up an active account on your service. If a British adult can merely download your app on the app store, the app is in scope."<p>However, the draft bill doesn't seem to say that. I found the draft here: <a href="https://www.gov.uk/government/publications/draft-online-safety-bill" rel="nofollow">https://www.gov.uk/government/publications/draft-online-safe...</a> (and note that the article doesn't seem to link it, which seems odd).<p>The bill says:<p>"In this Act “user-to-user service” means an internet service by means of which content that is generated by a user of the service, or uploaded to or shared on the service by a user of the service, may be encountered by another user, or other users, of the service.<p>That seems reasonable to me. There are more details, but as far as I can see, the ability to merely download an app <i>does not</i> put it in scope contrary to the claim in TFA.<p>I now find myself doubting the the other claims made by this author.
The worst thing is, with the EU DSA coming in, a lot of this is probably completely unnecessary. So it creates extra bureaucracy, and gives the UK establishment a new boot to place on the necks of those that carry others' speech (and also pose a threat to traditional media), for very limited gain.
As someone from the EU, with no money or anuthing coming in from the UK, why would I even care about this?<p>The GDPR has teeth only because the EU is big enough to make companies care. It is a watered down version from some privacy rights compared to the old laws in my country. But the old laws were ignorde by US tech because why wouldn't they.<p>So as the UK left the EU, they are now a small country in the computer world. I'll ignore its laws just as I ignore Afghan laws requiring women to stay at home or whatever country's laws to forbif gays from existing.
We're all sitting here shaking our heads wondering how we got here.<p>The answer is we demanded it.<p>Instead of parents taking responsibility for what their children see on their phone, we tried to push a parental responsibility into the service provider, that they're simply unable to logistically comply with.<p>This is the end result of trying to solve a problem in meat space with legislation. Everyone that sat around going "Hurr hurr XKCD! Slippery slope! Seat belts and road safety!" are complicit.
One of the candidates for the Tory party leadership has already spoken out against it. I get the impression its not that popular and might well be scrapped or dropped.
I found the comparisons to the EU privacy regulations a bit annoying. I think the article would be stronger without them. I think they give too rosy an impression of the EU regulations (which can also be bad or burdensome) and that makes me think the U.K. regulations are less bad (rather than that they are so bad they make the EU regulations look good, I suppose).
Whilst this draft bill is laughable and outrageous, isn't a similar concept in the making for the EU? One not emphasizing children but copyrights and such instead? Article 13, I think it's called.<p>I consider them conceptually similar because in both cases it means that permission-less publishing will ultimately die. Right now the consensus is to allow publication, after which a reasonable effort is made to moderate, including the typical "report" function where you correct after publication.<p>It looks like we're swinging in the direction where whatever you publish (by means of your users) makes you fully accountable hence the only way to dodge that legal liability is to pre-check instead of post-check.<p>There's some hope in the sense that none of this can actually work nor is it enforceable. GDPR is a fine example of that. In my country, privacy authorities are a few hundred in staff only. When you report a violation to them, absolutely nothing will happen. They're 2 years behind and the cases they do handle almost never lead to any kind of verdict. No government is going to add thousands in staff just to regulate cookies, as surely they have better things to do with a budget. As such, the strategy seems to be to occasionally make an example out of a few by applying severe fines, just to scare everybody else and remind them that this legislation is a thing.<p>Let's also not underestimate the ability for people to revolt. If memory serves me well, article 13 had a modification so that people can continue to meme, lol.
> In addition to the risk assessments, you will have administrative compliance obligations to Ofcom as your content regulator. [long list follows]<p>So everybody around the world could and should register with them and basically perform a DoS at that very first step of the process?
The extra-territoriality part is interesting. It's still part of the post-Brexit hangover. GDPR got enforced globally because a) it covered 500 million rich europeans so you could not ignore that market b) it was the first and not insane.<p>This is insane - and worse the UK is just, just small enough that you could if you wanted, turn off the service to those geo-IPs and carry on.<p>I wonder. If any non-English speaking country tried it, it would almost be guaranteed
Do you think non-giant non-UK websites will be just ignoring this, even though theoretically if their website is accessible to those in the UK, the UK wants their compliance?
My belief is that the open internet began to pose a threat to those in power, they now seek to divide the internet back up along national boundaries via absurd regulations in order to for the traditional institutions to maintain their power. We are already seeing it with many sites being unwilling to deal with the compliance headache of GDPR and just blocking European users, plus it seems like half the internet is off limits to China because everyone blocks Chinese IP addresses because of their bad behavior.<p>Ultimately the only people who benefit as the internet gets more and more locked down and more and more regulated is the people at the top who are able to reassert control of the information those unwashed masses receive.
British politicians envy the spying, I mean, access American politicians have on private stuff traveling in US big tech.<p>They want their cut. At least about their own cattle, I mean, they surely see British people as.. people?
As an American who has no desire to visit the UK, is there any particular reason I need to care? The article says it would affect me but they don't have any jurisdiction over me.
hmmm how many countries are there 180+? must be fun to be compliant to all of them. Either rules should apply to only within the country or be handled by international organization. About time we created lawmaking internet committee, there are many for technical standards already.
> Online Safety Bill, plus amendments as was published on 28 June 2022. Unfortunately, it is only available in PDF (that link opens up the document, which is 230 pages).<p>The total size of legislation should be constitutionally limited. So that if someone wants to add 230 pages of new legislation, he should point to other 230 pages of the older legislation that should be eliminated.<p>So I think.
I like how the English write. Maybe it's because it was originally their language and so they teach it well in their schools.<p>As an American, I rarely see young people able to write like this anymore.<p>On the topic: are they trying to kill their startups? Because this is how you drive startups out of the UK.
Does anyone have a tldr? Respectfully to the author, I don’t have the patience to read through this blog post full of metaphores and anecdotes. So what happened?
> What I’ve come to realise since then is it’s not a joke. That’s the intention. Make it too prohibitive, risky, or impossible for public discourse to flow on smaller platforms and services; require the larger ones to become speech police and societal monitors<p>This is, I believe, also the intention behind the calls to repeal Section 230. It takes politics back to the simpler age where there were just a few entities deciding what the public were talking about, and they could be reached with either a bribe or an arrest warrant.<p>For a lot of politicians, who don't understand social media and mostly receive criticism on it, I can imagine them not caring if the costs of pre-screening all content ended up making social media accounts require annual payments. That would have the immediate effect of removing anonymity from users, and limiting online comments to people with disposable income (who could be profitably sued for insulting politicians).