Internet News

The Australian internet industry has produced draft censorship rules related to age/ID verification. The schedule is for these to come into force in 2025.

One of the rules that has caught the attention is that search engines will be required to age/ID verify users before links to porn or gambling sites sites can be provided.

The draft codes will apply to websites, social media, video games, search engines, gaming companies, app developers and internet service providers, among others.

As is the case in most other countries, the authorities are refusing to specify exactly what age/ID verification mechanisms will be acceptable and will leave it to companies to take enormous commerical risks in guessing what mechanisms will be acceptable. Examples of options include checking photo ID, facial age estimation, credit card checks, digital ID wallets or systems, or attestation by a parent or guardian.

The codes have been developed by the Australian Mobile Telecommunications Association (Amta), the Communications Alliance, the Consumer Electronics Suppliers Association (CESA), the Digital Industry Group Inc. (Digi), and the Interactive Games and Entertainment Association (IGEA).

Dr Jennifer Duxbury, Digi's director for policy, regulatory affairs, and research, told Guardian Australia that the group doesn't speak for the porn industry, and added:

I can't predict what their reaction might be, whether they would withdraw from the market, or what's the likely outcome.

Ofcom writes:

Parliament set us a deadline of April 2025 to finalise our codes and guidance on illegal harms and children's safety. We will finalise our illegal harms codes and guidance ahead of this deadline. Our expected timing for key milestones over the next year -- which could change -- include:

• December 2024: Ofcom will publish first edition illegal harms codes and guidance. Platforms will have three months to complete illegal harms risk assessment.

• January 2025: Ofcom will finalise children's access assessment guidance and guidance for pornography providers on age assurance. Platforms will have three months to assess whether their service is likely to be accessed by children.

• February 2025: Ofcom will consult on best practice guidance on protecting women and girls online, earlier than previously planned. March 2025: Platforms must complete their illegal harms risk assessments, and implement appropriate safety measures.

• April 2025: Platforms must complete children's access assessments. Ofcom to finalise children's safety codes and guidance. Companies will have three months to complete children's risk assessment.

• Spring 2025: Ofcom will consult on additional measures for second edition codes and guidance.

• July 2025: Platforms must complete children's risk assessments, and make sure they implement appropriate safety measures.

We will review selected risk assessments to ensure they are suitable and sufficient, in line with our guidance, and seek improvements where we believe firms have not adequately mitigated the risks they face. Ready to take enforcement action.

Ofcom has the power to take enforcement action against platforms that fail to comply with their new duties, including imposing significant fines where appropriate. In the most serious cases, Ofcom will be able to seek a court order to block access to a service in the UK, or limit its access to payment providers or advertisers.

We are prepared to take strong action if tech firms fail to put in place the measures that will be most impactful in protecting users, especially children, from serious harms such as those relating to child sexual abuse, pornography and fraud.

Another layer of secrecy is being stripped from Australian internet users. At a time when users are being forced to and over personal ID data in the name of age verification, it seems that governments will be quick in demanding that internet companies have to hand over such data to them.

It was announced that internet companies will now be forced to reveal the ages of active users supposedly so that the Australian Government can get a grip on the impact these platforms are having on Australian kids.

Last week the Albanese Government announced sweeping reforms intended to boost transparency and accountability for digital platforms used by Australians including popular social media, messaging and gaming services. Communications Minister Michelle Rowland said the government had amended the Basic Online Safety Expectations to better address new and emerging online safety issues and help hold the tech industry accountable.

The new Determination will also require companies to provide, on request of the eSafety Commissioner, a report on the number of active end-users of services in Australia, broken down according to the number of users who are children or adults.

eSafety Commissioner Julie Inman Grant said that without information on users' ages, the Government was flying blind. Inman Grant said these strengthened powers meant her office would now be able to find out precisely how many children are on specific services. She said:

This needs to be a starting point of understanding how many under-aged users are on these platforms today, otherwise governments are flying blind. If we're serious about effectively managing the ages and stages at which a child can partake in social media, we need to move forward with all technology companies deploying effective age-assurance systems.

With a theatrical flourish clamouring to the 'won't somebody think of the children' mob, Ofcom has proposed a set of censorship rules that demand strict age/ID verification for practically ever single website that allows users to post content. On top of that they are proposing the most onerous mountain of expensive red tape seen in the western world.

There are few clever slight of hands that drag most of the internet into the realm of strict age/ID verification. Ofcom argues that nearly all websites will have child users because 16 and 17 year old 'children' have more or less the same interests as adults and so there is no content that is not of interest to 'children'

And so all websites will have to offer content that is appropriate to all age children or else put in place strict age/ID verification to ensure that content is appropriate to age.

And at every stage of deciding website policy, Ofcom is demanding extensive justification of decision made and proof of data used in making decisions. The amount of risk assessments, documents, research, evidence required makes the 'health and safety' regime look like child's play.

On occasions in the consultation documents Ofcom acknowledges that this will impose a massive administrative burden, but swats away criticism by noting that is the fault of the Online Safety Act law itself, and not Ofcom's fault.

 

Comment: Online Safety proposals could cause new harms

See article from openrightsgroup.org

Ofcom's consultation on safeguarding children online exposes significant problems regarding the proposed implementation of age-gating measures. While aimed at protecting children from digital harms, the proposed measures introduce risks to cybersecurity, privacy and freedom of expression.

Ofcom's proposals outline the implementation of age assurance systems, including photo-ID matching, facial age estimation, and reusable digital identity services, to restrict access to popular platforms like Twitter, Reddit, YouTube, and Google that might contain content deemed harmful to children.

Open Rights Group warns that these measures could inadvertently curtail individuals' freedom of expression while simultaneously exposing them to heightened cybersecurity risks.

Jim Killock, Executive Director of Open Rights Group, said:

Adults will be faced with a choice: either limit their freedom of expression by not accessing content, or expose themselves to increased security risks that will arise from data breaches and phishing sites.

Some overseas providers may block access to their platforms from the UK rather than comply with these stringent measures.

We are also concerned that educational and help material, especially where it relates to sexuality, gender identity, drugs and other sensitive topics may be denied to young people by moderation systems.

Risks to children will continue with these measures. Regulators need to shift their approach to one that empowers children to understand the risks they may face, especially where young people may look for content, whether it is meant to be available to them or not.

Open Rights Group underscores the necessity for privacy-friendly standards in the development and deployment of age-assurance systems mandated by the Online Safety Act. Killock notes, Current data protection laws lack the framework to pre-emptively address the specific and novel cybersecurity risks posed by these proposals.

Open Rights Group urges the government to prioritize comprehensive solutions that incorporate parental guidance and education rather than relying largely on technical measures.