UK Online Safety Regulations and impact on Forums

RobinHood said:
That looks like a really cool tool you've been working on.

For the purpose of just analysing single message DMs though, surely you don't need such huge context limits?
Click to expand...
True depends on how you plan to analyse Xenforo messages. To get around API limits, you can batch thread/messages into one API call, so that can increase token context sizes. In a 1 - 2 million context LLM model, you could batch between 10,000 and 20,000 messages in one API call https://github.com/centminmod/or-cli/blob/master/examples/example-structured-xenforo-output.md :)
 
chillibear said:
FWIW I did contact Yoti, prices start at about £200 a month.

We've mulled over the joys of this catch22 in a few posts earlier in the thread, but basically if you can't prove children are not accessing your site then you have to assume they might be. That will impact your risk assessment, ie you have to consider children using the site, but doesn't mean you have to have age verification, but having it might make life easier!
Click to expand...
Thank you! Well I aint paying £200 a month! And thinking about it, face id could be fraught with difficulties. Many 18 year olds look younger than they are. I agree it would make life easier to have age verification.

This is the document I've just spent ages filling in (and that's just for one forum). I can't seem to link it for some reason so here's a screenshot of the top of it. There are then boxes to fill in for each "risk" and how you mitigate it.

Apparently this isn't even a risk assessment - it's just record keeping. So I need to do a risk assessment as well?

OFcome screenshot.webp
 
ICU A3 - Large or multirisk services - Written statement of responsibilities

Does this include small services who are classed as multirisk even if it's low risk?
 
ICU D9? Services that are neither large not multirisk (so does that mean all services or only small services?) Something about an appeals process.

Sorry - has anyone gone through all these recommendations and there's a guide to whether they apply to forums generally or not?!
 
ICU G3 - Terms of service: Clarity and accessibility - does this mean we have to make the site fully accessible with special features = braille?!!
 
"
Individual accountable for illegal content safety duties and reporting and complaints duties

ICU A2


This measure sets out that providers should name an individual accountable to the most senior governance body for compliance with the illegal content safety duties and the reporting and complaints duties."

Does this mean you have to display your real name somewhere, publicly? If as owner of the forum, you are the accountable person?
 
Jon12345 said:
Regarding this pointless exercise, I need to get moving on it because the bill must be taking effect real soon now, if it hasn't already kicked in. Given that, do I need to send them anything, or is it just a question of doing a written audit for your own site, and then storing that? Yes, I am aware of the need to act fast on people reporting complaints, but aside from that. I feel a bit overwhemled by it all.
Click to expand...
Here you go. Just got to nearly the end of the Ofcom online guide, having read the 84 pages of the Illegal Content Codes of Practice, and it says this.

"Once you have decided on safety measures for your service, you will need to implement them.


We recognise that it may take some time for you to implement the necessary measures to bring yourself fully into compliance with the relevant duties. We also acknowledge that some measures may take longer than others to implement. As such, for approximately the first six months following the duties coming into force, we will focus on ensuring service providers are adequately assessing risk and taking steps to put in place the measures that will be most effective at protecting users, especially children, from serious harms. After six months, we would expect almost all of the measures recommended in our Codes of Practice to be in place.

We published our illegal content Codes of Practice as part of our statement on 16 December 2024. The Codes of Practice will come into force from 17 March 2025."
 
I'll stop posting now! But I think the TOS is going to need a big update to comply with all that. And also put in a more prominent place. Plus "contact us" needs to be in a more prominent place.
 
My general feeling is that this act makes us, as forum owners, much more accountable than before, overriding disclaimers and various aspects of the current terms of service. The responsibility is all on us now, not users responsible for what they post. IMO
 
Re age verification again. According to this it seems to say most sites can be assumed to be accessed by children unless they have an age verification process. (Mentions that further up in the article).

So the only way to be sure children don't access the site is to have age verification. So to me, that means we need age verification.

The Ofcom guidance (somewhere in the huge document about Age Verification) says ticking your age etc isn't seen as full age verification. It needs to be an acceptable type.

But - what about guests and unregistered users? They can see the site without even signing up!

Age verification needed.webp

LINK:
 
"Is it possible for children to normally access the service? You can only conclude it is not possible for children to access the service if you have highly effective age assurance."

So even with proper age vertification - does that mean a forum should only be visible to registered users and not guests?

I'm beginning to see why the bike forum just threw in the towel!

Childrens Access.webp

 
rogerl said:
I find it rather ironic that Meta in the guise of Facebook Messenger and Whatapp are able to continue to allow private messaging on the basis that it is technically not possible to look at the messages (because they are end to end encrypted
Click to expand...

Negative. Facebook definitely monitors Messenger private messages AND censors them. It's why I quit using Facebook... and then Messenger.
 
Alvin63 said:
Sorry - has anyone gone through all these recommendations and there's a guide to whether they apply to forums generally or not?!
Click to expand...
I have and so has a commercial entity via their qualified legal adviser on whose behalf I manage a forum. If you are asking for official guidance on your responsibilities as forum owner in regard to the act, here's the definition as set out on a .gov.uk webpage (note my embolden text).

The Act’s duties apply to search services and services that allow users to post content online or to interact with each other. This includes a range of websites, apps and other services, including social media services, consumer file cloud storage and sharing sites, video-sharing platforms, online forums, dating services, and online instant messaging services.
Click to expand...
www.gov.uk

Online Safety Act: explainer

www.gov.uk www.gov.uk

In addition forum owners outside of the UK may have similar obligations. From the same .gov.uk page...

The Act applies to services even if the companies providing them are outside the UK should they have links to the UK. This includes if the service has a significant number of UK users, if the UK is a target market, or it is capable of being accessed by UK users and there is a material risk of significant harm to such users.
Click to expand...

My personal view based on common sense and a hint of legal advice is if your forum is family/child friendly (reference my previous post regarding the 130 priority offences) and has proper procedures for maintaining that environment with no private messaging then you have to all intents and purposes satisfied the requirements of the act.
 
One of my forums is child friendly but the other one isn't. I mean it's not anything solubrious but it relates to legal matters and family courts and not something children should be involved in. It doesn't breach any online safety but I'd probably need age verification on it.

On the other hand - until this child assessment becomes available in April we won't even know what it's like or how much that affects things. And from what I've read, everyone will need to do a Child Assessment, to be on the safe side - if children can access even a part of the site at any time, and regardless of age verification (ie if they could view as a guest). I have the addon that prevents more than x guest views before asking people to register, but that is still guest views.
 
Final question. It is still as clear as mud to me - which documentation we are supposed to have. I downloaded the file from the Online Safety Risk assessment and completed that - which took about two hours! Still stuck on the last bit of it. That';s the "record keeping" that needs updating each year. Does it also class as a risk assessment or do you need to draw up a separate document for a risk assessment (like the one @Mr Lucky has done?

I am also not clear whether an actual name (ie my name) has to appear in the TOS along with the bit about what measures you've taken to ensure online safety (a requirement for the TOS). Because I don;t want my real name publicly on the forum thank you!
 
Also. I am in terms_rules_text to edit the wording, but it just says (age). Where do I change the age number?
 
This is the link to the download file for record keeping (the one that's just taken me two hours to fill in) and I think this is the thing you have to email to Ofcom. I am still not clear if that is a risk assessment as well as record keeping (it seems to be). Where it says download the record keeping template. It downloads as a word file but seems to have extra properties (eg you can't upload the word file on here).

As far as I can tell this record keeping template is also the risk assessment.

Download file.webp
 
You must log in or register to reply here.
Back
Top Bottom