Around 450 People Will Be Working On The Enforcement Of The UK’s Online Safety Act – To Begin With, At Least…
Techdirt has been covering the UK's awful Online Safety Act for nearly five years now. During that time it has changed name - it was originally called the Online Harms Bill - but the many bad ideas have remained. Some have even become worse. For example, the UK government said that it wouldn't enforce the part that effectively outlaws encryption, but that it would leave the relevant section in the Act, which means that it could still be used at any time.
However badly drafted, the Online Safety Act is nonetheless law in the UK, which means we pass from the years of argument over what should be in the legislation to how it is actually enforced. That's the responsibility of the UK regulatory body Ofcom, which released last year a roadmap for rolling out the law. A news item in the Financial Times provides a glimpse of what is going on behind the scenes:
Ofcom has been poaching staff from Big Tech companies as the UK media watchdog prepares to enforce one of the world's toughest new regulatory regimes for the internet.
The regulator has created a new team of nearly 350 people dedicated to tackling online safety, including new hires from senior jobs at Meta, Microsoft and Google. Ofcom also aims to hire another 100 this year, it said.
To put those figures in context, Ofcom's most recent annual report (pdf) for 2021-22, shows that the average number of employees rose from 992 in 2020/21 to 1,102 the following year. The report says that this was primarily as a result of the preparation work for our new duties regarding Online Safety." Ofcom's Online Safety Act team, which is expected to grow to around 450 according to the FT news item, will represent therefore around a quarter to a third of the entire Ofcom personnel. That's a measure of how big the task facing them will be. It will also be an expensive undertaking. According to the FT article:
Ofcom has estimated that implementing the act will cost 166mn [around $210 million] by April 2025, of which 56mn [approximately $70 million] will have been spent by April this year. The regulator plans to create a fee structure for companies to recover costs.
It's not clear whether those figures take into account what is likely to become a major cost: legal battles.
Ofcom also expects that many of its decisions may need to be defended in the courts, with tech companies keen to challenge unclear aspects of the act to clarify the law. That will test how effective the watchdog is up against the legal teams of some of the world's deep-pocketed tech companies.
We are fully prepared to take risky cases in terms of our own legal exposure," said Suzanne Cater, director of enforcement at Ofcom. We will be up against some big companies; there could be a very hostile environment here."
That's putting it mildly. As we have seen with the EU's GDPR privacy legislation, companies like Meta are happy to litigate repeatedly in an effort to block rulings that would adversely affect their business models. There is likely to be a fierce fight against the Online Safety Act, which aims to bring in some of the toughest online regulations in the world. Ofcom will doubtless find that this is harder than it thinks, which will probably result in the Online Safety Act team growing larger to meet the increased demands placed upon it.
The danger is that Ofcom's Online Safety Act department will grow into a huge administrative monster that overshadows and drains the rest of the regulatory body, while still failing to bring about the revolution in online behavior the new law clearly aims to produce. Along the way it will also harm the UK's flourishing digital economy with an unrealistic new compliance regime, and encourage other countries to engage in the same hopeless quest to make the Internet safe."