Continued construction of the Great Wall of Starmer continues apace...

The OSA dates which received royal assent in 2023, it's a tory-brexiter act, the blame lies with them not the current gang of self-serving posturers.

https://www.legislation.gov.uk/ukpga/2023/50

The fact-averse may not like this, that's tough.

Labour fully supported it.

But it is also worth noting that most of the legislation came from Carnegie UK, not the Tory party.

But it's the Tories that made it law and signed it into effect.

The fact OFCOM are happy to name the porn companies but not the 'suicide forum' sums it up. A legitimate cause, and grieving parents, weaponised by mainly Tory puritans for much greater control.

Do you want to be the one MP who stands up in Parliament trying to argue that the research shows videos of graphic bum sex are not really that bad for children, quite fun to have a laugh at during lunch break actually, all part of the learning process, that it should be up to parents and teachers to control internet access, and decide how & when they educate children, and that the legislation is wholly disproportionate?

Only to be shot-down by the argument that parents clearly can't successfully control internet access and kids have died as a result . Shame on you for even questioning this bill.

No you don't. So they all got in line.

The 2015 Tory Manifesto is where it began (so not actually the Brexiteer faction). They weren't successful until it got tied to the suicide harms which weren't even mentioned to begin with:

We will protect children

Every child deserves a warm, loving home, and to feel safe online and at school. We have made improving support for children and young people with special educational needs and disabilities a priority blah blah blah, lots of other pretty great stuff to pad the section and leave the controversial bit til last And we will stop children's exposure to harmful sexualised content online, by requiring age verification for access to all sites containing pornographic material and age-rating for all music videos

" weaponised by unelected NGOs for much greater control"

Fixed it for you.

What does Carnegie UK have to gain from the OSA? Politicians will always bend to 'won't someone think of the children!'.

Carnegie invest in biometric verification firms and the Carnegie UK Trust pushes the OSA, so the theory goes.

What does Carnegie UK have to gain from the OSA?

Nice narrative you've got on repeat there but there are lots of charities, trusts and think-tanks lobbying for all kinds of stuff all the time and they didn't get involved until long after the Tories did.

repeating comment from Wikimedia Foundation loses first court battle to swerve Online Safety Act regulation

[ [1]Link ]

The OSA 2023 was drafted, debated and passed under the previous Tory administration - but with little guidance on how the Act was to be complied with. This Labour administration has put it on steroids by the guidance it has established on what organizations need to do in order to comply with the Act, and possible means of compliance.

The Tories rightly deserve heavy criticism for the original OSA 2023, but Labour has earned the opproprium being directed at it for what it has done in beefing up the Act.

(and since you were asking about facts - https://votes.parliament.uk/votes/commons/division/1926)

[1] https://forums.theregister.com/forum/all/2025/08/11/wikimedia_foundation_loses_online_safety/

This is rubbish, especially the 'steroids' quip. The original act compels the government to set thresholds once OFCOM has advised what those thresholds should be. This is just part of the timeline for the Act coming into effect, and was set in 2023.

https://www.legislation.gov.uk/ukpga/2023/50/schedule/11

Count the number of occurrences of 'The Secretary of State must make', also note the requirements for OFCOM to 'carry out research' first. The vote you link is just secondary legislation being rubber-stamped without debate following OFCOM's 'advice' which was always going to be followed unless a government was willing to invest significant political capital U-turning the whole show.

Here is the original Act's impact assessment, the numbers brought into the highest categories seem reasonably close to how it's panned out: https://assets.publishing.service.gov.uk/media/6231dc9be90e070ed8233a60/Online_Safety_Bill_impact_assessment.pdf

Wow what a waste of resources compiling that 'literature'. no wonder businesses struggle in UK. thought US was bad. yikes. so if I sneeze in public in UK then I've probably broken some law.

pretty much

that'll be a £1k fine which doubles every 2 weeks of none payment & doesn't matter if it wasn't you that sneezed your still guilty if you where in the vicinity also good luck appealing.

There appears to be no consideration of the risk or impact of data breaches of the age verifiers. Search for "breach" produces most hits on breach of contract. There are very few mentions of "personal data". There are a few hits for "privacy including this magnificent piece of hand-waving:

"There are a number of indirect costs and wider impacts on society which have not been monetised, these include ... privacy implications*, and trade impacts - these have all been thoroughly assessed qualitatively." followed, unsurprisingly, by an empty table in which benefits could be but aren't listed.

* Yes, next to last.

That's because there hasn't been a breach that revealed the names of MPs visiting porn sites. Just a matter of time.

> Continued construction of the Great Wall of Starmer continues apace

If there's one thing in common between the two major UK political parties, it's that they often want to restrict what the "common people" can do.

The only real difference tends to be the justification: the right-wing tend to whitter on about moral principles, while the left is more likely to ask if anyone is thinking of the children.

Meanwhile, both sides tend to want exceptions for themselves.

And it's not just in the UK; over in the USA, it's perhaps quite telling that services such as Grindr see a major spike in usage whenever there's a Republican convention, despite the fact that said politicians spend much of their time seeking to shut down that type of service, while simultaneously preaching about things like the sanctity of marriage and the sins of the flesh...

https://www.fusemagazine.com.au/lgbtiq-news/world/834-the-grindr-superbowl-in-the-bizarre-world-of-us-republicans.html

https://unherd.com/newsroom/grindr-ceo-confirms-significant-user-spike-during-rnc/

"If an image's hash matches or shows signs of similarity with one in the database"

Surely any has function worth its salt either matches or it doesn't. Similarity of hash means a quite different object being hashed.

The term "hash" is now often used more generally to include a function of some data that allows approximate matching while still being much smaller than the original and not allowing it to be reconstructed. For example, the fingerprint data stored in a phone.

See https://www.ofcom.org.uk/siteassets/resources/documents/research-and-data/online-research/other/perceptual-hashing-technology.pdf?v=328806

The CSAM perceptual hash function, and list of matching hatches, are private. There are hash functions that are public, but you try asking OFCOM to publish the list of hashes in N different formats and see what happens....

So small web sites, FOSS etc are SOL.

AGAIN

Many (many, many) years ago when I was writing forensic investigation tools - as a sideline to writing and using data recovery tools - a library of hashes was readily available. You had to sign up for it which makes sense but it wasn't a secret. The feature was really very useful. Our file system explorer used it by default and it would colour code directories to indicate that they were known installs (one colour, for 'as expected', another colour for 'not as expected'). Our software would also create a separate virtual folder where everything that matched with a 'naughty' hash would appear. We also flagged files whose extensions didn't match what the hash indicated - a common trick employed by 'wrong uns' at the time apparently.

Then again this was so long ago that we were only just starting to consider switching from MD5 to something with fewer collisions and the library updates came on a CD.

Today we've seen it in action, holding platforms to account...

They really are utterly deluded, aren't they?

As 4chan's lawyers have already pointed out in a legal response (TL;DR - "Fuck Off"), 4chan has no assets in the UK and the chances of anyone getting a confiscation order by stomping all over their First Amendment rights in the US is about 0% of the square root of bugger-all.

So all this is actually meaningless.

I await the 4chan memes about this.

@TeeCee: Thanks, that sort of answers the question I came here to ask. If 4chan (or any other internet entity) chooses to ignore UK (or any other geopolitical entity) fines, how does the UK (or any other geopolitical entity) propose to collect them?

Stomp their feet and scream.

Well, I suppose they could compel British providers to block their IP address, but that might show up the harsh level of censorship that the current government is engaging in (because that's going so well when trying to label supporters of Palestinians a bunch of terrorists, right?).

> stomping all over their First Amendment rights in the US

The Online Safety Act is UK law and 4chan is owned by Hiroyuki Nishimura who is Japanese, nothing to do with the USA and your meaningless ammendments.

you should reread everything

Yeah, I'm quite surprised that Ofcom is still making a noise about this. Surely they realise they haven't a hope of extracting any money from 4chan? Would be much better for Ofcom to quietly let this "investigation" get forgotten, and focus on investigations where they do have some legal power.

The best way for all of the world is to geoblock the UK completely, regardless what content you are distributing. Let them have the UK Internet in the UK only to see the UK for the UK where no one can take a peek other than the UK.

Fine, we'll build our own internet with blackjack and hookers.

....both blackjack and hookers deemed not valid content on the UK Internet under the OSA...

They've banned Russian bombers and rugby players? The swines.

Only for the age-verified users, of course!

They will just add an endless number of sites that do not cough up cash to ISP block lists.

The UK is like China now. You do not want to develop tech here, base tech here or allow your tech to be used or accessed from here.

On the plus side, I now hate Labour for passing this when we had optional ISP blocks as much as I hate the Tories for Brexit and cooking it up. I will not vote for either party for the rest of my life. As much as I think Reform will be a disaster, I would like to see both Labour and Tory get wiped out at the next election. The UK is over. Broken beyond fixing by its politicians. So no reason to care what happens next.

This is no Labour government, they're Temu quality Tories using the Labour name.

And given the awfulness of the Tory days, it's actually quite astonishing how badly Labour are fucking this up, it's almost as if they're doing it on purpose...

"The UK is over"

Stop getting your "news" from X and Musk, you hyperbolic simpleton.

You have absolutely no idea of what China is like, and it shows.

But the end justifies the means, and saving the children justifies any means, even if they're irrelevant to the purpose and useless in practice.

Just like Section 28 was. That's where we're going.

That's ironic. 4chan's normal game is pretending things do exist.

I am seeing more and more internet broken in the UK. It's very much unusable without VPN.

For instance, on one specialist forum that I use, people post content to imgur and then link images to the forum. Given that imgur geoblocked UK, you cannot see what people are talking about.

Then some UK services block access from VPN.

So you have to constantly change VPNs and turn them on and off.

Ahhhh, that's why sites I've used lately that inline imgur have blank images...

Does this goon really think 4chan is going to listen to her or Ofcom.

The USA rightly had a revolution to kick nonentities like this out of their business.

Governments the world over seem to be playing a game of chicken with their citizens.

"How many ways can we control them?..." isn't a long term strategy for a society. It's sad that history isn't read and our grandparents' wisdom is ignored.

4chan can stop the additional fines by providing copies of its illegal content risk assessments and information about its qualifying worldwide revenue to Ofcom.

When opening the investigation, Ofcom said it was looking to understand whether 4chan has failed, or is failing, to abide by its duties under the Online Safety Act.

4chan is well regarded as the cesspit of the internet, I'd imagine there is plenty of content there to take more proactive enforcement including speaking to regulators in the nations that host 4chan & also invoking law enforcement in this jurisdictions to quash the content and those posting it. the fact they are not doing so demonstrates this is more about control of content by strong-arming those that run the sites.

Tech secretary Liz Kendall said: "The Online Safety Act is not just law, it's a lifeline. Today we've seen it in action, holding platforms to account so we can protect people across the UK.

"Services can no longer ignore illegal content, like encouraging self-harm or suicide, circulating online which can devastate young lives and leave families shattered.

"This fine is a clear warning to those who fail to remove illegal content or protect children from harmful material. We fully back the regulator in taking action against all platforms that do not protect users from the darkest corners of the internet."

First look at beefed-up requirements

Among Ofcom's proposed amendments to its obligations to platforms was the requirement for in-scope apps and websites to make use of hash-matching technology, which is seen as a more accurate, automated way of preventing the dissemination of illegal content such as CSAM.

Hash matching involves a system fingerprinting an image and comparing the hash it generates to a database of known harmful images, which are also hashed. If an image's hash matches or shows signs of similarity with one in the database, then it can be removed entirely autonomously and reported to local authorities for follow-up investigations.

again shows its enforced self censorship by the content providers using extensible tools the government controls.

While platforms are forbidden from guiding users toward these types of workarounds, this alone is unlikely to prevent VPNs being used to bypass geo-blocks and similar measures.

so this drivers normal users into using extra techniques to restore service to the services they use which will look just like the techniques used by the bad actors who are posting & hosting the nasty content we all want to be eradicated.

this won't stop the evil doers but does Beverly impinge on normal peoples ability to use services and severely impacts our privacy.

A better way to keep citizens and. kids safe online would be for the BBC to run a walled garden Internet that can be accessed via an app on our phones/tablets or a website.

The BBC can then run scam scanning and provide a means and mechanism to report dangerous content.

parents can then rely on the service to keep kids safe online and adults can use it too safe in the knowledge that there is less risk of happening across undesirable material & if we did we could report it & prompt action can be taken.

it would go some way to justifying our licence fee.

Personally I'd open it up for global use as kids planet wide can take advantage of the walled garden approach.

The fact that government hasn't come up with the idea or that big tech hasn't either just shows that no one is interested in stopping the nasty content but they are interested in censoring us using the nasty content as the stick.

if it was run by big tech with a requirement that in order to reach their subscribers vendors must adhere to these scanning solutions etc it'll have a better chance of success,

everyone would know that to go raw internet there be dragons but go by walled garden & your kids are safe. easy message to get through.

yes there will be monsters who would seek to deliberately put nasty content in there but as a walled garden it should be easier to spot, easier to report & easier to stamp out. all while leaving the raw internet for the rest of us.

The number of organizations issuing TLS/SSL certs is decreasing and once the 47 day requirement hits, there isn't much of a business model left for most of that industry. That means the number of groups that can control who has a valid web site goes way down. Right now there are about 500 top level domains so it is trivial to hop from example.com to exmaple.somethingelse but there are less than 70 organizations that can issue a valid SSL certificate and about half of those are country specific.