[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

[LUG]Re: UK online Safety Act

To: list@xxxxxxxxxxxxx
Subject: [LUG]Re: UK online Safety Act
From: fraser kendall <lfs.mailing@xxxxxxxxxxxx>
Date: Thu, 28 Aug 2025 14:21:39 +0100
Antispam-dls: false
Antispam-dlsp:
Antispam-dlsrs:
Antispam-ts: 1.0
Arc-authentication-results: i=1; outgoing.instance-europe-west4-fx36.prod.antispam.mailspamprotection.com; smtp.remote-ip=35.214.100.145; iprev=pass (145.100.214.35.bc.googleusercontent.com) smtp.remote-ip=35.214.100.145; auth=pass (LOGIN) smtp.auth=uk1001.siteground.eu; dkim=pass header.d=leloft.co.uk header.s=default header.a=rsa-sha256; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed; d=outgoing.instance-europe-west4-fx36.prod.antispam.mailspamprotection.com; s=arckey; t=1756387327; bh=Mj6F+V+8knDO+1ftwXfwIwidDyp9J0Q5aKbD1KsSK3g=; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References:In-Reply-To: Message-ID:Subject:To:From:Date:DKIM-Signature:DKIM-Signature; b=Fe91PIu21hsICPY15Tq91yZQhAWJkZNptrgzg/MudUTKqC4ZtrR0klx6IHz9b80w9npZsjMoHW P0+KGlrvkca31SDiAaLYp2e0i20LBTKPckeuweU1BNLO1ODiyNXSBudFBpteiS+Iu+uJZpHxop J9ilb4/MBctOE7sEK0wUiwKc7hgSSMfoQL1NDtkXHFvuUFgdYyLVLtJWzpcQ2+Ow9KnpUR2Ep7 4gxqKJOZLtVSOJEHUcq0oMGMfGvUQgH3sT7rQmYlwOC/xLQMfyWWlI/52etcY0Iwri/DfdHtRw CI0bVf90VjDGsCI6R/wAY2Fn29zhYfR0pp80ZH5DIc6MNQ==;
Arc-seal: i=1; cv=none; a=rsa-sha256; d=outgoing.instance-europe-west4-fx36.prod.antispam.mailspamprotection.com; s=arckey; t=1756387327; b=LwdQvj5a80PwbHKY0e7AHbHOwjrkMbgKhvVbDryfd/De1ncUtmIxgLQKKxCwHgXkk2YkYvvteV MpgkOIJl1iq5Y7qEOP4HjepVLiLnd48gUUxbmnHcnasXMIxE267XM93363Jk6i1gwDt9PpDia3 XxZmJjZ1t+zzYv9GWuYxwOI23Fa0dRXR1Zx7lpiJV8uJKZ/qTZCZ0itTnIwZ2Lo5bKB95ySN3z A014ZJt3b51ti6SVZEcz362GZElL96cN0TxviX4P7Z4772gW/muRflx+ocz7/zvHX+jxFTCkTj hj6L19WdczWae9KIP39E9A5+vSdmzqhN2dGjvpvlnyDgZA==;
Authentication-results: outgoing.instance-europe-west4-fx36.prod.antispam.mailspamprotection.com; iprev=pass (145.100.214.35.bc.googleusercontent.com) smtp.remote-ip=35.214.100.145; auth=pass (LOGIN) smtp.auth=uk1001.siteground.eu; dkim=pass header.d=leloft.co.uk header.s=default header.a=rsa-sha256; arc=none
Cfbl-address: feedback@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; report=arf
Cfbl-feedback-id: 1urcZp-00000005ZPY-0v5k-feedback@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dcglug.org.uk; s=1744744550; h=Content-Transfer-Encoding:Content-Type: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Help:List-Id: Subject:Reply-To:MIME-Version:References:In-Reply-To:Message-ID:To:From:Date: Sender:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Archive; bh=n9u4lc3UU68LgTbCYkJs73g2f/AdrvFNhyJyy1FmPZY=; b=HdiCYqpvYF84C86jtwRQM9F3Ff WqRH8Z06v/X/cbFqrYkflfy9T0EZ8/6EW61gxzAlqpWUIrwGW0HoCLiaXB7QUaP2U+Dbh9txidSpL +DZIKmDOZyUYF9Rvfjsri+7ISrvyCI3gM6LsfYtIkQSwaoVAYYIVfkIOr3vVW71coJr8=;
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=antispam.mailspamprotection.com; s=default; h=CFBL-Feedback-ID:CFBL-Address :Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID:Subject:To: From:Date:Reply-To:Cc:List-Unsubscribe; bh=5fGGMe5Ls/pM+2wD/D641sFGRhis3Q+01tzjLF9LjYU=; b=adADIOvHmbFwGo+x6m+tVQpusW 5ie/6RChtj6+/2u1V67Lk4hrMQrQef6GZcqeF/AJqFb3jqOuSlLCSloyyj8S6zhmpkmMk1z00im+E cEmdelFKi9FORyzQDS6YtDzD3VcnWMusQAIDvhASlGrLqFotPzlhw1MnIuuQW+MHt6zU=;
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=leloft.co.uk; s=default; h=Subject:To:From:Date:cc:list-help: list-unsubscribe:list-subscribe:list-post:list-owner:list-archive; bh=5fGGMe5Ls/pM+2wD/D641sFGRhis3Q+01tzjLF9LjYU=; b=HCkO0Yi/LkzMTStVjPsXhA3gSN 45Z6KwzAqJsy2ifWYgThMeVmVLCZdxh7k7mSDEz2uZ3BtwymnR+lv0L43em+2U3TF6sY5JZH5386o aQm8TaOETDkYUiL2IDaEbmbrWwheBFLejRNPZRjCvnce5cFW9z9QD/lITVnbfAe/UnKY=;

On Thu, 28 Aug 2025 12:29:21 +0100
Paul Sutton via list <list@xxxxxxxxxxxxx> wrote:

> Hi All
> 
> Just asking a question here regarding the UK Online Safety Act,  does 
> this actually prevent young people from taking part in activities
> such as Mission Libre, and perhaps even joining groups such as this.
> 
> It would be useful to know where people stand on a range of issues in 
> respect of the act.
> 
> Paul
> 
######################################################################
"Create an ordered ranked list detailing the ten most important ways
that the UK Online safety act 2023 impacts on the open source
community.  In particular, detail the ways that considerations of
safeguarding may impact on forum activity"

ChatGPT said:
Thought for 1m 25s

Here’s a ranked, plain-English take on how the UK Online Safety Act
2023 (OSA) most affects open-source communities—especially anyone
running issue trackers, mailing lists, Discord/Matrix/Slack spaces,
Discourse boards, GitHub/GitLab discussions, or self-hosted forums.

Scope: most OSS forums are “in scope” if they have a UK link
If your service lets users post content that others can encounter (a
“user-to-user service”) and you have UK users, target the UK, or pose a
material risk to UK users, the OSA applies—even if you’re not UK-based
or you’re tiny. Practical upshot: project forums and chat spaces count.
GOV.UK inquisitiveminds.bristows.com Burges Salmon

Mandatory illegal-content risk assessment (and keep records)
Every in-scope service must assess risks of illegal content (e.g.,
CSAM, terrorism, fraud, encouragement of suicide), decide proportionate
mitigations, and document/keep these under review. This drives formal
moderation policies, logs, and governance in OSS communities.
Legislation.gov.uk www.ofcom.org.uk A&O Shearman

Enforceable “illegal harms” Codes of Practice (from Mar 17, 2025)
Ofcom’s first Codes are now enforceable. Expect to resource moderation,
make reporting easy, act swiftly on flagged content, and tune service
design to reduce illegal harms. For OSS forums that often rely on
volunteers, this is the single biggest operational change. Herbert
Smith Freehills Taylor Wessing www.ofcom.org.uk

Children’s safety duties (and age assurance where needed)
If your service is “likely to be accessed by children,” you must assess
children’s risks and use measures (including age assurance/age checks
where appropriate) to stop under-18s from encountering “primary
priority” harms (pornography, self-harm encouragement, etc.). Forums
with student contributors or general-audience docs may need safer
defaults, limited features for unverified minors, or age-gating risky
areas. www.ofcom.org.uk White & Case GOV.UK

Grooming/CSAM safeguards—and legal reporting to the NCA
You’re expected to mitigate grooming risks (design + moderation). UK
providers have a statutory duty to report detected, previously
unreported CSAM/CSEA to the National Crime Agency. Forums with private
messaging or invite links need clear escalation and reporting
playbooks. www.ofcom.org.uk +1 Legislation.gov.uk National Crime Agency

User reporting, complaints & redress systems
You must provide easy-to-find reporting tools, respond to reports, and
offer complaint/appeal routes. OSS maintainers will likely add visible
“Report” buttons, abuse mailboxes, serviceable SLAs, and a documented
appeals path—shifting forum activity toward more structured moderation
workflows. www.ofcom.org.uk +1

Governance & accountable leadership (even for small services)
The Codes emphasize risk management, training, and named responsibility
for compliance. Expect communities to designate a lead (or committee),
train moderators, and publish governance notes—formalizing what was
previously ad-hoc volunteer effort. Financial Times swgfl.org.uk

Terms of service & transparency duties
You’re expected to explain moderation policies, apply them
consistently, and balance safety with users’ rights to free expression
and privacy. Many projects will revise CONTRIBUTING.md / Code of
Conduct / forum rules and publish clearer enforcement guidelines.
Wikipedia

Territorial reach & potential geoblocking trade-offs
Because “links to the UK” are enough, non-UK OSS forums may face
compliance decisions. Some communities consider restricting UK access;
others will comply to keep UK contributors. Either way, forum
participation patterns may change. Burges Salmon

Escalation powers & serious penalties raise the stakes
Ofcom can fine up to £18m or 10% of global turnover and even seek
access/service restriction orders for serious non-compliance. That
pressure will push even hobby forums toward more conservative,
safety-first moderation (e.g., quicker removals, tighter link and
keyword rules). Legislation.gov.uk IT Pro

What this means day-to-day for safeguarding on OSS forums

Add quick “Report” on every post/DM; publish triage SLAs and escalation
paths (including law-enforcement reporting for CSAM/CSEA).
www.ofcom.org.uk Legislation.gov.uk

Write a short illegal-content risk assessment (cover grooming, suicide
encouragement, fraud, malware distribution) and keep it updated; log
moderation decisions. www.ofcom.org.uk +1

If minors might use your space: consider age-gating risky categories;
default to safer settings; restrict “invite-only” or image upload
features for unverified minors; signpost helplines on suicide/self-harm
keywords. www.ofcom.org.uk

Train moderators on OSA priorities (e.g., what “encouragement of
suicide” looks like) and provide a clear appeals route. www.ofcom.org.uk

Document who is responsible for compliance and how to contact them;
keep abuse@ monitored. Financial Times

####################################################################

Not bad for 85s!

fraser
-- 
The Mailing List for the Devon & Cornwall LUG
FAQ: https://www.dcglug.org.uk/faq/

References:
- [LUG]UK online Safety Act
  - From: Paul Sutton via list

Prev by Date: [LUG]UK online Safety Act
Next by Date: [LUG]Re: UK online Safety Act
Previous by thread: [LUG]UK online Safety Act
Next by thread: [LUG]Re: UK online Safety Act
Index(es):
- Date
- Thread