Skip to main content

A Barbed Net

·4218 words·20 mins· loading · loading ·
Elwood
Author
Elwood
Writer, researcher

Intro
#

Recently a law has had the rare moment of actually capturing public attention in the UK, kicking up a real stink especially with the younger generations, the “Online Safety Act”, a wide ranging internet censorship and regulation law, originally passed by the now ousted Conservative Party government back in 2023, now promoted by the recent Labour Party government, I’d noticed the arguments over it back when it was in the works for its attempts to break encryption and police “legal but harmful” content with the classic argument of “think of the children”, using it as an example of attempts to nationalise the internet in Ukrainian Divide’s Episode 4 and when it actually came out, an example of badly written law in my Democracy article, but I mostly forgot about it since rather than being one big dump of changes its components came in gradually over time, now it’s back in the public eye and felt it was worth getting out my 2 cents on the latest from my dogshit government.

The Law
#

The Online Safety Act is broken up into 12 parts and 17 schedules, but the key bits in terms of the rules it implements are in parts 3, 4, 5, 7 and 10, other parts are related to definitions, financing and admin, penalties and reporting requirements.

A small number of these sections are part of the law but not currently in force, these I’ll mark in bold when describing them, the government can choose to enforce them at a later time through passing a statutory instrument (a simple yes vote in parliament rather than a full lawmaking process).

Part 3 is the most extensive part of the law, demanding  “duties of care” for what it calls “user-to-user” sites (think social media, anywhere where people can interact with each other directly) and search engines.

These duties include removing what they call “priority” illegal content for everyone, which includes:

  • Terrorism: membership, inviting support, meetings, fundraising, property management, weapons training, collection info for terrorism 
  • Child sexual exploitation/abuse
  • Assisting suicide, threats to kill, harassment, stalking, threats of/inciting fear of violence, racial public order offences, drug supply, firearms distribution, assisting illegal immigration, human trafficking, sexual exploitation, sharing sexual photos/films without consent, handling criminal property, fraud, financial misconduct, foreign interference (threats, property damage, financial loss, emotional harm and identity impersonation), animal abuse

And restricting “legal but harmful” content for kids and adults who choose to opt in to restrictions, these include:

On top of the things it forces these outlets to take down, it also has rules on what user-to-user sites have to keep up, demanding that these sites must have a system that accounts for “democratic importance” of content before removing it (material related to journalists and public debates) and an appeals process if it is removed, if it is removed they must also notify journalists of the reasoning, justifying why it overrides free speech concerns.

And lastly, it includes a duty to remove fraudulent ads (for everyone).

Part 4 is a section labelled as “other duties” for user-to-user sites and search engines, and it’s completely unused, it includes:

and, for user-to-user providers, demands that they:

Part 5 is duties for porn providers, which involves using age verification/age estimation to block children’s access to porn sites.

7 involves the powers of OFCOM, the UK media regulator, where they can:

And lastly, 10 is other regulations (communications offences), a series of bans on

The Thoughts
#

So, here’s what I think of this laundry list of rules and regulations, starting nice then getting nasty.

Most of 10 is very agreeable: Causing direct deliberate harm/trauma with epilepsy, unwanted exposure and death threats are all no brainers and should be illegal, the misinfo part I don’t agree with because of free speech concerns (I just don’t trust the state to decide these things) to a lesser degree I think the self harm part has the same kinds of issues.

Some of 4 is also decent, although I don’t like the government meddling in how companies handle moderation I do like the idea that they should have to actually give clear reasoning for bans and other penalties, which often right now they don’t, me and Massi have experienced that problem ourselves several times.

The other parts I see as unneeded meddling in how TOS is structured, the “right to id” was basically designed as a way for people to verify themselves and then toggle an option where they would only interact with other verified users, hypothetically cutting out spam bots, but it’s something practically no one asked for and no one would use, so forcing it down platform’s throats is ridiculous, and for the contact info part, it might be a controversial view but I do think that if someone uses a platform they have a right to privacy on it if that’s what they want, and if they sadly die young then that wish should be respected, even if it’s not what parents want.

And as for message scanning, on the surface to someone who hasn’t thought it through it sounds like a reasonable demand to eliminate one of the most (if not the most) disgusting crimes and abuses imagineable, but the problem is this, if you have to demand that every instance of child abuse material, anywhere on a platform, is detected, deleted and reported, you have to know what every single message says, so that on the off chance it does include CSEA (also called Child Sexual Abuse Material - CSAM) it can be captured.

This obviously stands at odds with user privacy, social media sites and texting providers have been increasingly implementing what’s called End-to-End Encryption, where the only people who can read your messages are you and the person you send them to, not the platform or anyone else, you just can’t force every message to be scanned for CSAM without breaking that encryption, either by eliminating it entirely or adding in a backdoor. The obvious problem with adding a backdoor in, is once you do that, it can and will be exploited for other purposes, either by overzealous governments and companies or by hackers. It also completely undermines the privacy value of the encryption, once there’s a hole in it, it might as well not be there.

Your right to privacy shouldn’t be overridden by the government’s non existent right to treat every single message you send as guilty until proven innocent of noncery, companies aren’t going to do it and it’s an insane idea to begin with, many like WhatsApp and Signal have openly said they’d rather pull out of the UK than break their encryption, and these problems are a large part in why Part 4 was kept in the law, but not actually implemented.

And to some that might seem wrong, believing that there should be no corner for messages to avoid being read when we’re talking about such serious abuses, but let’s look at it this way, why don’t we put listening devices in every room of every home? In every public space? Record as much data, collect as much as possible, check everything? We absolutely would catch more abuses including serious ones, assaults, murders, sex crimes, but would we accept that level of monitoring? No we wouldn’t, because at some point we draw a line where safety can’t overtake freedom and privacy, even if it comes at a cost.

So why should it be different in the digital world? Why should the government be able to, through a proxy, eliminate any iota of privacy you have from them, to demand everything you say and see? And of course, after all that, there’s just the obvious problem, if you ban legal platforms from providing this privacy, there will be illegal ones you have no control over that the worst of the worst will turn to, loopholes will be found and used and your boasted safety goes away.

Then there’s 5 and 7, where I have a more simple view: I don’t agree with any of it.

The age verification is what’s kicked up the most notoriety lately, and here’s the thing, I actually don’t agree with the people suggesting it’s about data collection or power, because in this case it demands data that the government already has, and has companies collect it, not the government themselves, so I do think that it’s genuinely about what they say it is, trying to keep children away from sites they shouldn’t be seeing.

But the problem is that it’s just riddled with holes, since it can easily be fooled or bypassed with VPN it’s already a paper tiger for many, and it’ll actually grow VPN use massively. There are also going to be plenty of websites that just refuse to implement these age gating rules, the government threatens massive fines for sites that don’t comply but unless they have some UK branch or are UK based, let’s face it, they’re not getting that bag.

Let’s say that when I’ve wanted to have a wank lately, it hasn’t been difficult to find sites that don’t use the age gating, and sure the government can try and have them blocked, but every time you block a site half a dozen copycats and mirrors will pop up, it’s a completely unwinnable war.

But there are some platforms where it’s either difficult or not really possible to avoid the age gate, in my case that was Discord, which I use as my no.1 chat platform, if I wanted to view channels that were marked 18+ (they can be marked this way by moderators regardless of what content they hold) and also PornHub, not because it was a necessity obviously, but let’s just say I have a lot of favourited vids and a playlist or two I wouldn’t like to lose.

So when you do force people to do this, it leads to concerns about data handling through unnecessary collection of very sensitive info, these verification systems often rely on you showing ID (which I did with Discord, where its shitty system didn’t accept my driver’s licence and only took my passport after many many tedious manoeuvres) or banking info (which is what PH did), although they also offered other options like selfies, where yeah, I don’t fancy taking one of those for some random company either.

I have no idea how reliable these systems are, in Discord’s case their provider said they’d immediately delete my data after I was verified, but how can I know if that’s true? The simple answer is, I can’t, so I’m left with sensitive info potentially up in the air so a politician can feel like they’re doing something.

I also fundamentally think the government shouldn’t be involved in this issue, I do believe keeping kids online experiences age appropriate is important, in my case my dad handled it by just not giving me a smartphone until I was in my second year of high school (in my first year I had a flip phone, before that I had nothing), and having my computer in the living room, with no headphones, where my use could be keenly watched.

And I hated that at the time, especially the dinky little flip phone, but over time I’ve come to understand why, he didn’t want me to be sucked into that world too early, now I’m not saying his solution should be everyone’s, but the point is it should be the job of parents and guardians to monitor their kids internet use and make sure it’s age appropriate (where tools already exist) or just not give them devices until they’re old enough to begin with.

Of course, when I grew older those rules loosened up, I got my headset, my laptop and later desktop went to my room, I got my smartphone and I gained a lot more privacy, and although my dad still tried to regulate some things (like my internet time to try and stop me staying up too late) I learnt to outsmart him by simply making my PC undiscoverable when accessing the home network, so I was cranking it out, playing violent video games he wouldn’t approve of (especially GTA, which was basically the spawn of Satan as far as he was concerned) and getting into chats he couldn’t see and there was nothing he could do about it.

And that’s inevitable, unless you parent like a draconian dictator, which you really shouldn’t, kids will find their way around you, and maybe that’ll have mixed results, it certainly did for me, I found freedom, communities, friends I’m still with today, but I also fell prey to dodgy propaganda, especially right wing culture war grifting, although I later climbed out of it it certainly tainted my mentality in a bad way. Although I wasn’t even having the worst of it in my circle, I had friends (not my friends now, just to be clear) who would go around watching real life gore videos, even on the fucking school computers, which I found sinister and disgusting, I really don’t want to think about how that messed with them.

So there really are risks, kids being exposed to people being brutalised, porn warping their ideas of sex before they’re ready to experience it for real, propaganda burrowing into their minds before they have the tools to judge it and think for themselves, for most damage done is recoverable, for some it may screw them up for good. But either way we should try to avoid it, sadly I’ve seen parents who will just give their kid a device, maybe a phone or tablet, plop them in front of it and treat it as their kid’s off switch, while I understand why they might do that, trying to give themselves peace in the difficult world of parenting, it can be very irresponsible and cause lots of damage, many parents above my generation aren’t internet savvy and aren’t aware of the harm that can cause.

What the government could actually do with is some powerful info campaigns encouraging parents to think carefully about this stuff, keep a watchful eye (the younger they are, the more watchful they should be) and know the tools of the trade to establish guard rails, but they shouldn’t be establishing a culture of guilty until proven innocent, where they try and force companies to set up useless expectations that everyone’s a kid until proven otherwise.

That’s all 5, as for 7, I’ve already said my piece on why I don’t think the power should exist to force socials to reveal kids private details, and why CSEA/CSAM scanning might seem reasonable on the surface, but is actually a very sinister concept, these parts are basically a straight copy of the rules in Part 4, rules which were suspended to appease privacy and plausibility concerns, putting them back in 7 is just a dodgy loophole, saying that while the powers of Part 4 don’t exist, 7 gives OFCOM the power to try and force them in anyway whenever they want.

Then there’s a slight return to nuance with the mammoth of the mammoth, part 3, where I understand some of it but disagree with most of it.

When it comes to illegal content, I don’t agree with most of the terrorism laws listed (except obvious ones like weapons training), where I’ve already written an article pushing back on them, arguing how they can be misused, and the concerns for free expression they cause, but many other laws like cracking down on CSAM, threats, stalking, etc etc are obviously agreeable, these crimes can’t always be caught if you don’t break encryption and that’s a price I’m willing to be paid, but where these things can be seen they should be dealt with.

How much of that should be for socials to deal with and how much the gov? Mostly gov, but I can’t say I’m against holding them accountable if they don’t get rid of CSAM they know about.

As for “legal but harmful” content, if it’s legal the government shouldn’t be meddling with it in my mind, stopping kids from accessing it is again for guardians not the government, and while I sympathise with giving adults the ability to opt out of some topics, that sympathy doesn’t go to the point where I agree the gov should be able to strangle platforms into adopting it.

It has also led to even more unnecessary age checks as while the law only specifically demands them for porn many companies would rather just use them more widely and try to block off minors from their services than create a tailored kids algorithm with more restrictions, invest in intensified moderation, or risk getting punished for not doing enough by using other methods of age detection, so now you need to start showing your ID just to use social features on Xbox or even listen to “explicit” music on fucking Spotify of all things, making large swathes of the internet a more intrusive and tedious place to navigate for no good reason.

When it comes to the issues of “democratic importance” I’m sympathetic to the part about notifying ban reasons as I mentioned already, but the rest, I don’t care if content has “democratic importance”, free speech and free expression includes freedom to speak and not to, platforms shouldn’t be forced to remove or keep content just because the government wants them to.

So there are bits of this behemoth that aren’t so bad, but much of it is a draconian disasterpiece.

The Last Word
#

I’m obviously biased to really hate it because of my views on the internet, where partly just on my own and partly from Massi’s influence I have a view of the internet that I usually label as “Internet Anarchism”, where we view the internet as an international free platform that no government has a right to regulate and just on a practical level any attempts to do it are easy to bypass, a “wild west”. It’s easy enough to set up VPNs, share files privately, bypass paywalls and shovelled ads, “you wouldn’t download a car”? Yes I fucking would!

Although it’s becoming a more corporatised, meddled with place, that foundation is still there and will probably never go away thanks to the internet’s decentralised, international nature.

And while I’d like much of that free expression to exist on a national level too, while it doesn’t I value the internet for being the way around all those rules. Obviously we have our exceptions to these principles, if nonce porn platforms or dark web sites dedicated to ordering assassins get shut down we’re not going to be crying about it, but in general we really value the internet not just as a means to expand communication in a way past generations never dreamed of, but to create and preserve freedoms we’ve otherwise lost.

Looking at my online community, my closest creative collaborator is a German, with that German I share ties to a Pole, several Czechs and some Hungarians, we’ve also collaborated with a Malaysian and I almost daily chat with an Australian and these people have all inspired our work in their own ways, in the past I used to hang out with Libyans, Americans.

I did all this on platforms from a variety of places, Google, YouTube, Discord and DuckDuckGo are from the US, Vivaldi my browser is from Norway, Skype was from Luxembourg, used on operating systems (Windows and Kubuntu) with a mix of US, British and German foundations and international contributions around the world.

So not that I believe in “rule of law” anyway, but say I did, why would I believe any one country should get to say how these things all work?

And for the first 30 or so years of this tech, I think governments mostly did actually understand these problems, leaving the internet mostly deregulated partly because they didn’t understand the tech, partly because they just realised that weren’t going to get far if they tried, and partly because they realised it was better for growth and cultural engagement that way.

But in the last few years that understanding is slipping away, leading to what I called in our Ukrainian Divide project a series of attempts to “nationalise the internet”, which will always have a paradoxical impact: Doomed to fail but capable of intense harm.

The sheer number of loopholes means they’ll never establish the kind of control they’re meant to create will never work, and since I’ve started writing this early stories are already coming out to show it, 4chan has casually ignored British demands to impose age regulations and once they started levying fines for non compliance 4chan’s lawyers have told them to get lost, since they’re not UK based there’s nothing the government can really do except ban them, bans that can easily be bypassed.

Porn sites enforcing checks have seen a massive “drop” in UK traffic, which idiots have treated as a sign the rules are working, when it’s obvious what’s actually happening, VPN apps have become the most downloaded apps in the country, that traffic hasn’t stopped, it’s migrated, same people, same traffic, different connections.

And with the VPN problem the government has already been forced to pretty much admit defeat, with our tech minister admitting that the checks can be dodged, using a number of embarrassing tactics to try and convince people not to, sheepishly asking nicely, ridiculously claiming that verifying your age protects a child, or just shaming, presenting non compliance as a sign of being a sinister abuser, he recently branded Nigel Farage a friend of serial child abuser (thankfully now rotting in the dirt) Jimmy Saville for speaking out against the law, and much as I don’t want to defend a far right political leader I do have to say that being against authoritarian throttling doesn’t make him a fan of kiddy diddlers.

None of this is going to work because people aren’t going to accept rules that inconvenience them and give them fears over data handling over propaganda tactics from a government that already isn’t trusted or valued.

But even so, it’s a government that now has more power over media and people, to fine, jail and muffle, power that definitely doesn’t belong in their hands, that does make it a real threat even if it’s one we definitely have the means to beat.

And there’s a real risk of more tools ending up in their toolbox, well meaning authoritarian activists will try to tighten the throttle until we choke, the latest push, for VPNs to be forced into ID checks just like the webpages, another layer of red tape wrapping round people’s means to get their sovereignty back.

But if it happens, which wouldn’t surprise me at all as the government tries to close their loopholes and turn the paper tiger into a real one, they’ll just lose again, there will be the defiant and the people who don’t have any fear because they’re not here, out of the reach of this stupid government, leaving their only tool as blocks that can be beaten by more mirrors, and in the end if we want our sovereignty we’ll still have the means to take it.

The good thing is this isn’t a hope of mine, it’s something I just know for a fact is going to happen, we’re not going to give up the last word on how things will go, no matter how much any government might want it, there will be problems, services that can’t be accessed, constraints we have to work with, something we’ve already had to do before, EU regulations forced us to exclude some content from Ukrainian Divide so we could keep it up on YouTube, I’ve had to word my Terror Article carefully in some places to avoid giving my government an excuse to throw me in jail for potentially years, but ultimately we can still choose what we want to see and say and it’s not a right we’re going to give up.

You don’t have to negotiate your rights, find the tools or build them, and use them, keep your spaces how you want them, they’re yours.


Changelog
#

  • Edit 1 - 27/08/25 - Added links to Divide Episode 4 from the new Divide Multimedial release

Related

LBRY - An attractive YouTube alternative?
·2102 words·10 mins· loading · loading
Cheecken
The Democracy Bonus - Going Local
·5955 words·28 mins· loading · loading
Elwood
What makes a country?
·8879 words·42 mins· loading · loading
Elwood