Online Safety Bill shouldn’t rely on technology to deliver child protection

LONDON (Aug. 31, 2023) — The Online Safety Bill (OSB) should not rely on emerging technology solutions to deliver child protection without rigorous analysis of their flaws - according to a new paper published by the professional body for IT.

The paper, produced by BCS, The Chartered Institute for IT’s Fellows Technical Advisory Group (F-TAG) calls for a comprehensive approach to online safety, highlighting the need to consider not only technical solutions, but also education, awareness and privacy concerns.

The paper also warns against compromising encryption and emphasises the importance of understanding the risks and implications of technology before enacting legislation.

It makes a number of recommendations detailing the technical and privacy challenges with the bill - which is due to return to The House of Lords for its third reading in September.

They include:

- Policy makers need improved understanding of the technology issues posed by the OSB, to avoid unintended consequences as the bill moves into law.
- Legislation should address not just technical intervention, but also education, training of professionals, and public awareness programmes.
- Online safety policies should aim to provide young people, their parents and advisers with an understanding of risks and how to mitigate them, rather than assuming technology will prevent those risks from arising.
- Compromising end-to-end encryption (used by popular messaging apps) is not possible without introducing systemic risks and ‘bugging’ millions of users phones.
- Age-verification proposals are not yet proven to adequately prevent illegal access to material. Similarly, current detection of Child Sexual Abuse Material (CSAM) is highly unreliable.
- The UK’s international reputation on data security is likely to decline with legislation that undermines encryption – as illustrated by public statements from WhatsApp and Signal.

Competence, inclusivity, ethics and accountability

Rashik Parmar MBE, Chief Executive of BCS, The Chartered Institute for IT said: “The Online Safety Bill contains wide-ranging legislation that aims to regulate internet content to keep people safe.

“For the bill to deliver on its intended purposes, its implementation and evaluation must be collaborative. Those responsible for creating the technology must ensure it meets the very highest standards of competence, inclusivity, ethics and accountability.

“We need to ensure technology is beneficial for the public and building confidence in it is a priority.”

Robin Wilton, Director of Internet Trust at the Internet Society added: "The trust that the Government places in emerging technologies to solve societal problems is unproven. Technologies that compromise encryption through circumvention or backdoor access would expose UK residents to a new array of online harms, including blackmail and scams.

“The simple truth is that these technologies will fail to provide a magical cure to these problems, with the added effect of undermining the security and privacy of everyone. Instead, it is essential that Government increase its support for proven policies with less dangerous consequences, like public awareness campaigns, professional training, and analogue police work."