Firms will be required to assess the risk

Firms will be required to assess the risk of users being harmed by illegal content on their platform, and take appropriate steps to protect them from it. There is a particular focus on ‘priority offences’ set out in the legislation, such as child abuse, grooming and encouraging suicide; but it could be any illegal content,” it writes in a press release, adding: “Given the range and diversity of services in scope of the new laws, we are not taking a ‘one size fits all’ approach. We are proposing some measures for all services in scope, and other measures that depend on the risks the service has identified in its illegal content risk assessment and the size of the service.”


The regulator appears to be moving relatively cautiously in taking up its new responsibilities, with the draft code on illegal content frequently citing a lack of data or evidence to justify preliminary decisions to not recommend certain types of risk mitigations — such as Ofcom not proposing hash matching for detecting terrorism content; nor recommending the use of AI to detect previously unknown illegal content.


Although it notes that such decisions could change in future as it gathers more evidence (and, doubtless, as available technologies change).


It also acknowledges the novelty of the endeavour, i.e. attempting to regulate something as sweeping and subjective as online safety/harm, saying it wants its first codes to be a foundation it builds on, including via a regular process of review — suggesting the guidance will shift and develop as the oversight process matures.