Legislation – Online Safety Act 2023

New Search

Introduction

PART 1
Introduction

1 Introduction

2 Overview of Act

PART 2
Key definitions

3 “User-to-user service” and “search service”

4 “Regulated service”, “Part 3 service” etc

5 Disapplication of Act to certain parts of services

PART 3
Providers of regulated user-to-user services and regulated search services: duties of care

CHAPTER 1 Introduction

6 Overview of Part 3

CHAPTER 2 Providers of user-to-user services: duties of care

User-to-user services: which duties apply, and scope of duties

7 Providers of user-to-user services: duties of care

8 Scope of duties of care

Illegal content duties for user-to-user services

9 Illegal content risk assessment duties

10 Safety duties about illegal content

User-to-user services likely to be accessed by children

11 Children’s risk assessment duties

12 Safety duties protecting children

13 Safety duties protecting children: interpretation

Category 1 services

14 Assessment duties: user empowerment

15 User empowerment duties

16 User empowerment duties: interpretation

17 Duties to protect content of democratic importance

18 Duties to protect news publisher content

19 Duties to protect journalistic content

Duties about content reporting and complaints procedures

20 Duty about content reporting

21 Duties about complaints procedures

Cross-cutting duties

22 Duties about freedom of expression and privacy

23 Record-keeping and review duties

CHAPTER 3 Providers of search services: duties of care

Search services: which duties apply, and scope of duties

24 Providers of search services: duties of care

25 Scope of duties of care

Illegal content duties for search services

26 Illegal content risk assessment duties

27 Safety duties about illegal content

Search services likely to be accessed by children

28 Children’s risk assessment duties

29 Safety duties protecting children

30 Safety duties protecting children: interpretation

Duties about content reporting and complaints procedures

31 Duty about content reporting

32 Duties about complaints procedures

Cross-cutting duties

33 Duties about freedom of expression and privacy

34 Record-keeping and review duties

CHAPTER 4 Children’s access assessments

35 Children’s access assessments

36 Duties about children’s access assessments

37 Meaning of “likely to be accessed by children”

CHAPTER 5 Duties about fraudulent advertising

38 Duties about fraudulent advertising: Category 1 services

39 Duties about fraudulent advertising: Category 2A services

40 Fraud etc offences

CHAPTER 6 Codes of practice and guidance

Codes of practice

41 Codes of practice about duties

42 Codes of practice: principles, objectives, content

43 Procedure for issuing codes of practice

44 Secretary of State’s powers of direction

45 Procedure for issuing codes of practice following direction under section 44

46 Publication of codes of practice

47 Review of codes of practice

48 Minor amendments of codes of practice

49 Relationship between duties and codes of practice

50 Effects of codes of practice

51 Duties and the first codes of practice

Guidance

52 OFCOM’s guidance about certain duties in Part 3

53 OFCOM’s guidance: content that is harmful to children and user empowerment

54 OFCOM’s guidance about protecting women and girls

CHAPTER 7 Interpretation of Part 3

55 “Regulated user-generated content”, “user-generated content”, “news publisher content”

56 “Recognised news publisher”

57 “Search content”, “search results” etc

58 Restricting users’ access to content

59 “Illegal content” etc

60 “Content that is harmful to children”

61 “Primary priority content that is harmful to children”

62 “Priority content that is harmful to children”

63 Content harmful to children: OFCOM’s review and report

PART 4
Other duties of providers of regulated user-to-user services and regulated search services

CHAPTER 1 User identity verification

64 User identity verification

65 OFCOM’s guidance about user identity verification

CHAPTER 2 Reporting child sexual exploitation and abuse content

66 Requirement to report CSEA content to the NCA

67 Regulations about reports to the NCA

68 NCA: information sharing

69 Offence in relation to CSEA reporting

70 Interpretation of this Chapter

CHAPTER 3 Terms of service: transparency, accountability and freedom of expression

71 Duty not to act against users except in accordance with terms of service

72 Further duties about terms of service

73 OFCOM’s guidance about duties set out in sections 71 and 72

74 Interpretation of this Chapter

CHAPTER 4 Deceased Child Users

75 Disclosure of information about use of service by deceased child users

76 OFCOM’s guidance about duties set out in section 75

CHAPTER 5 Transparency reporting

77 Transparency reports about certain Part 3 services

78 OFCOM’s guidance about transparency reports

PART 5
Duties of providers of regulated services: certain pornographic content

79 “Provider pornographic content” and “regulated provider pornographic content”

80 Scope of duties about regulated provider pornographic content

81 Duties about regulated provider pornographic content

82 OFCOM’s guidance about duties set out in section 81

PART 6
Duties of providers of regulated services: fees

83 Duty to notify OFCOM

84 Duty to pay fees

85 Regulations by OFCOM about qualifying worldwide revenue etc

86 Threshold figure

87 Secretary of State’s guidance about fees

88 OFCOM’s fees statements

89 Recovery of OFCOM’s initial costs

90 Meaning of “charging year” and “initial charging year”

PART 7
OFCOM’s powers and duties in relation to regulated services

CHAPTER 1 General duties

91 General duties of OFCOM under section 3 of the Communications Act

92 Duties in relation to strategic priorities

93 Duty to carry out impact assessments

CHAPTER 2 Register of categories of regulated user-to-user services and regulated search services

94 Meaning of threshold conditions etc

95 Register of categories of certain Part 3 services

96 Duty to maintain register

97 List of emerging Category 1 services

CHAPTER 3 Risk assessments of regulated user-to-user services and regulated search services

98 OFCOM’s register of risks, and risk profiles, of Part 3 services

99 OFCOM’s guidance about risk assessments

CHAPTER 4 Information

Information powers and information notices

100 Power to require information

101 Information in connection with an investigation into the death of a child

102 Information notices

103 Requirement to name a senior manager

Skilled persons’ reports

104 Reports by skilled persons

Investigations and interviews

105 Investigations

106 Power to require interviews

Powers of entry, inspection and audit

107 Powers of entry, inspection and audit

108 Amendment of Criminal Justice and Police Act 2001

Information offences and penalties

109 Offences in connection with information notices

110 Senior managers’ liability: information offences

111 Offences in connection with notices under Schedule 12

112 Other information offences

113 Penalties for information offences

Disclosure of information

114 Co-operation and disclosure of information: overseas regulators

115 Disclosure of information

116 Intelligence service information

117 Provision of information to the Secretary of State

118 Amendment of Enterprise Act 2002

119 Information for users of regulated services

120 Admissibility of statements

CHAPTER 5 Regulated user-to-user services and regulated search services: notices to deal with terrorism content and CSEA content

121 Notices to deal with terrorism content or CSEA content (or both)

122 Requirement to obtain skilled person’s report

123 Warning notices

124 Matters relevant to a decision to give a notice under section 121(1)

125 Notices under section 121(1): supplementary

126 Review and further notice under section 121(1)

127 OFCOM’s guidance about functions under this Chapter

128 OFCOM’s annual report

129 Interpretation of this Chapter

CHAPTER 6 Enforcement powers

Provisional notices and confirmation decisions

130 Provisional notice of contravention

131 Requirements enforceable by OFCOM against providers of regulated services

132 Confirmation decisions

133 Confirmation decisions: requirements to take steps

134 Confirmation decisions: risk assessments

135 Confirmation decisions: children’s access assessments

136 Confirmation decisions: proactive technology

137 Confirmation decisions: penalties

138 Confirmation decisions: offences

Penalty notices etc

139 Penalty for failure to comply with confirmation decision

140 Penalty for failure to comply with notice under section 121(1)

141 Non-payment of fee

142 Information to be included in notices under sections 140 and 141

Amount of penalties etc

143 Amount of penalties etc

Business disruption measures

144 Service restriction orders

145 Interim service restriction orders

146 Access restriction orders

147 Interim access restriction orders

148 Interaction with other action by OFCOM

Publication of enforcement action

149 Publication by OFCOM of details of enforcement action

150 Publication by providers of details of enforcement action

Guidance

151 OFCOM’s guidance about enforcement action

CHAPTER 7 Committees, research and reports

152 Advisory committee on disinformation and misinformation

153 Functions of the Content Board

154 Research about users’ experiences of regulated services

154A Information for research about online safety matters

155 Consumer consultation

156 OFCOM’s statement about freedom of expression and privacy

157 OFCOM’s reports about use of age assurance

158 OFCOM’s reports about news publisher content and journalistic content

159 OFCOM’s transparency reports

160 OFCOM’s report about reporting and complaints procedures

161 OFCOM’s report about use of app stores by children

162 OFCOM’s report about researchers’ access to information

163 OFCOM’s report in connection with investigation into a death

164 OFCOM’s reports

CHAPTER 8 Media literacy

165 Media literacy

166 Media literacy strategy and media literacy statement

PART 8
Appeals and super-complaints

CHAPTER 1 Appeals

167 Appeals against OFCOM decisions relating to the register under section 95

168 Appeals against OFCOM notices

CHAPTER 2 Super-complaints

169 Power to make super-complaints

170 Procedure for super-complaints

171 OFCOM’s guidance about super-complaints

PART 9
Secretary of State’s functions in relation to regulated services

172 Statement of strategic priorities

173 Consultation and parliamentary procedure

174 Directions about advisory committees

175 Directions in special circumstances

176 Secretary of State’s guidance

177 Annual report on the Secretary of State’s functions

178 Review

PART 10
Communications offences

179 False communications offence

180 Exemptions from offence under section 179

181 Threatening communications offence

182 Interpretation of sections 179 to 181

183 Offences of sending or showing flashing images electronically

184 Offence of encouraging or assisting serious self-harm

185 Extra-territorial application and jurisdiction

186 Liability of corporate officers

187 Sending etc photograph or film of genitals

188 Sharing or threatening to share intimate photograph or film

189 Repeals in connection with offences under sections 179 and 181

190 Repeals in connection with offences under section 188

191 Consequential amendments

PART 11
Supplementary and general

192 Providers’ judgements about the status of content

193 OFCOM’s guidance about illegal content judgements

194 Time for publishing first guidance under certain provisions of this Act

195 Providers that are not legal persons

196 Individuals providing regulated services: liability

197 Liability of parent entities etc

198 Former providers of regulated services

199 Information offences: supplementary

200 Offence of failure to comply with confirmation decision: supplementary

201 Defences

202 Liability of corporate officers for offences

203 Application of offences to providers that are not legal persons

204 Extra-territorial application

205 Offences: extra-territorial application and jurisdiction

206 Payment of sums into the Consolidated Fund

207 Publication by OFCOM

208 Service of notices

209 Amendments of Part 4B of the Communications Act

210 Repeal of Part 4B of the Communications Act

211 Repeal of Part 4B of the Communications Act: transitional provision etc

212 Repeals: Digital Economy Act 2017

213 Offence under the Obscene Publications Act 1959: OFCOM defence

214 Offences regarding indecent photographs of children: OFCOM defence

215 Power to regulate app stores

216 Power to regulate app stores: supplementary

217 Power to impose duty about alternative dispute resolution procedure

218 Power to amend section 40

219 Powers to amend sections 61 and 62

220 Powers to amend or repeal provisions relating to exempt content or services

221 Powers to amend Part 2 of Schedule 1

222 Powers to amend Schedules 5, 6 and 7

223 Power to make consequential provision

224 Regulations: general

225 Parliamentary procedure for regulations

PART 12
Interpretation and final provisions

226 “Provider” of internet service

227 “User”, “United Kingdom user” and “interested person”

228 “Internet service”

229 “Search engine”

230 “Age verification” and “age estimation”

231 “Proactive technology”

232 Content communicated “publicly” or “privately”

233 “Functionality”

234 “Harm” etc

235 “Online safety functions” and “online safety matters”

236 Interpretation: general

237 Index of defined terms

238 Financial provisions

239 Extent

240 Commencement and transitional provision

241 Short title

SCHEDULES

SCHEDULE 1 Exempt user-to-user and search services

SCHEDULE 2 User-to-user services and search services that include regulated provider pornographic content

SCHEDULE 3 Timing of providers’ assessments

SCHEDULE 4 Codes of practice under section 41: principles, objectives, content

SCHEDULE 5 Terrorism offences

SCHEDULE 6 Child sexual exploitation and abuse offences

SCHEDULE 7 Priority offences

SCHEDULE 8 Transparency reports by providers of Category 1 services, Category 2A services and Category 2B services

SCHEDULE 9 Certain internet services not subject to duties relating to regulated provider pornographic content

SCHEDULE 10 Recovery of OFCOM’s initial costs

SCHEDULE 11 Categories of regulated user-to-user services and regulated search services: regulations

SCHEDULE 12 OFCOM’s powers of entry, inspection and audit

SCHEDULE 13 Penalties imposed by OFCOM under Chapter 6 of Part 7

SCHEDULE 14 Amendments consequential on offences in Part 10 of this Act

SCHEDULE 15 Liability of parent entities etc

SCHEDULE 16 Amendments of Part 4B of the Communications Act

SCHEDULE 17 Video-sharing platform services: transitional provision etc

Changes to legislation:

There are currently no known outstanding effects for the Online Safety Act 2023, SCHEDULE 4. Help about Changes to Legislation

Close

Changes to Legislation

Revised legislation carried on this site may not be fully up to date. At the current time any known changes or effects made by subsequent legislation have been applied to the text of the legislation you are viewing by the editorial team. Please see ‘Frequently Asked Questions’ for details regarding the timescales for which new effects are identified and recorded on this site.

SCHEDULES

SCHEDULE 4Codes of practice under section 41: principles, objectives, content

Section 42

General principles

1

In preparing a draft of a code of practice or amendments of a code of practice, OFCOM must—

(a)

consider the appropriateness of provisions of the code of practice to different kinds and sizes of Part 3 services and to providers of differing sizes and capacities, and

(b)

have regard to the principles mentioned in paragraph 2.

Annotations:
Commencement Information

I1Sch. 4 para. 1 in force at Royal Assent, see s. 240(4)(d)

2

The principles are as follows—

(a)

providers of Part 3 services must be able to understand which provisions of the code of practice apply in relation to a particular service they provide;

(b)

the measures described in the code of practice must be sufficiently clear, and at a sufficiently detailed level, that providers understand what those measures entail in practice;

(c)

the measures described in the code of practice must be proportionate and technically feasible: measures that are proportionate or technically feasible for providers of a certain size or capacity, or for services of a certain kind or size, may not be proportionate or technically feasible for providers of a different size or capacity or for services of a different kind or size;

(d)

the measures described in the code of practice that apply in relation to Part 3 services of various kinds and sizes must be proportionate to OFCOM’s assessment (under section 98) of the risk of harm presented by services of that kind or size.

Annotations:
Commencement Information

I2Sch. 4 para. 2 in force at Royal Assent, see s. 240(4)(d)

Online safety objectives

3

OFCOM must ensure that measures described in codes of practice are compatible with pursuit of the online safety objectives.

Annotations:
Commencement Information

I3Sch. 4 para. 3 in force at Royal Assent, see s. 240(4)(d)

4

The online safety objectives for regulated user-to-user services are as follows—

(a)

a service should be designed and operated in such a way that—

(i)

the systems and processes for regulatory compliance and risk management are effective and proportionate to the kind and size of service,

(ii)

the systems and processes are appropriate to deal with the number of users of the service and its user base,

(iii)

United Kingdom users (including children) are made aware of, and can understand, the terms of service,

(iv)

there are adequate systems and processes to support United Kingdom users,

(v)

(in the case of a Category 1 service) users are offered options to increase their control over the content they encounter and the users they interact with,

(vi)

the service provides a higher standard of protection for children than for adults,

(vii)

the different needs of children at different ages are taken into account,

(viii)

there are adequate controls over access to the service by adults, and

(ix)

there are adequate controls over access to, and use of, the service by children, taking into account use of the service by, and impact on, children in different age groups;

(b)

a service should be designed and operated so as to protect individuals in the United Kingdom who are users of the service from harm, including with regard to—

(i)

algorithms used by the service,

(ii)

functionalities of the service, and

(iii)

other features relating to the operation of the service.

Annotations:
Commencement Information

I4Sch. 4 para. 4 in force at Royal Assent, see s. 240(4)(d)

5

The online safety objectives for regulated search services are as follows—

(a)

a service should be designed and operated in such a way that—

(i)

the systems and processes for regulatory compliance and risk management are effective and proportionate to the kind and size of service,

(ii)

the systems and processes are appropriate to deal with the number of users of the service and its user base,

(iii)

United Kingdom users (including children) are made aware of, and can understand, the publicly available statement referred to in sections 27 and 29,

(iv)

there are adequate systems and processes to support United Kingdom users,

(v)

the service provides a higher standard of protection for children than for adults, and

(vi)

the different needs of children at different ages are taken into account;

(b)

a service should be assessed to understand its use by, and impact on, children in different age groups;

(c)

a search engine should be designed and operated so as to protect individuals in the United Kingdom who are users of the service from harm, including with regard to—

(i)

algorithms used by the search engine,

(ii)

functionalities relating to searches (such as a predictive search functionality), and

(iii)

the indexing, organisation and presentation of search results.

Annotations:
Commencement Information

I5Sch. 4 para. 5 in force at Royal Assent, see s. 240(4)(d)

6

In the case of a combined service—

(a)

the online safety objectives set out in paragraph 4 do not apply in relation to the search engine;

(b)

the online safety objectives set out in paragraph 5 apply in relation to the search engine, and accordingly references in that paragraph to a search service are to be read as references to the search engine;

(c)

the reference in paragraph 5(a)(iii) to a publicly available statement includes a reference to provisions of the terms of service which relate to the search engine.

Annotations:
Commencement Information

I6Sch. 4 para. 6 in force at Royal Assent, see s. 240(4)(d)

7

The Secretary of State may by regulations amend paragraph 4 or 5 so as to vary the online safety objectives for regulated user-to-user services or regulated search services, and such regulations may make consequential amendments of paragraph 6.

Annotations:
Commencement Information

I7Sch. 4 para. 7 in force at Royal Assent, see s. 240(4)(d)

8

If regulations are made amending the online safety objectives, OFCOM must, as soon as reasonably practicable after the regulations come into force, consider whether a review of the codes of practice published under section 46 is required and, if OFCOM consider that it is required, carry out a review to assess whether any amendments are needed to reflect the revised objectives.

Annotations:
Commencement Information

I8Sch. 4 para. 8 in force at Royal Assent, see s. 240(4)(d)

Content of codes of practice

9

(1)

Codes of practice that describe measures recommended for the purpose of compliance with a duty set out in section 10(2) or (3) (illegal content) must include measures in each of the areas of a service listed in section 10(4).

(2)

Codes of practice that describe measures recommended for the purpose of compliance with a duty set out in section 12(2) or (3) (children’s online safety) must include measures in each of the areas of a service listed in section 12(8).

(3)

Codes of practice that describe measures recommended for the purpose of compliance with a duty set out in section 27(2) or (3) (illegal content) must include measures in each of the areas of a service listed in section 27(4).

(4)

Codes of practice that describe measures recommended for the purpose of compliance with a duty set out in section 29(2) or (3) (children’s online safety) must include measures in each of the areas of a service listed in section 29(4).

(5)

Sub-paragraphs (1) to (4) apply to the extent that inclusion of the measures in question is consistent with paragraph 1(a) and the principles mentioned in paragraph 2(c) and (d).

Annotations:
Commencement Information

I9Sch. 4 para. 9 in force at Royal Assent, see s. 240(4)(d)

10

(1)

Measures described in a code of practice which are recommended for the purpose of compliance with any of the relevant duties must be designed in the light of the principles mentioned in sub-paragraph (2) and (where appropriate) incorporate safeguards for the protection of the matters mentioned in those principles.

(2)

The principles are—

(a)

the importance of protecting the right of users and (in the case of search services or combined services) interested persons to freedom of expression within the law, and

(b)

the importance of protecting the privacy of users.

(3)

In sub-paragraph (2)(b) the reference to protecting the privacy of users is to protecting users from a breach of any statutory provision or rule of law concerning privacy that is relevant to the use or operation of a user-to-user service or a search service (including, but not limited to, any such provision or rule concerning the processing of personal data).

(4)

In this paragraph “the relevant duties” means the duties set out in—

(a)

sections 10 and 27 (illegal content),

(b)

sections 12 and 29 (children’s online safety),

(c)

section 15 (user empowerment),

(d)

section 17 (content of democratic importance),

(e)

section 19 (journalistic content),

(f)

sections 20 and 31 (content reporting),

(g)

sections 21 and 32 (complaints procedures), and

(h)

sections 38 and 39 (fraudulent advertising).

Annotations:
Commencement Information

I10Sch. 4 para. 10 in force at Royal Assent, see s. 240(4)(d)

11

Measures described in a code of practice may relate only to the design or operation of a Part 3 service—

(a)

in the United Kingdom, or

(b)

as it affects United Kingdom users of the service.

Annotations:
Commencement Information

I11Sch. 4 para. 11 in force at Royal Assent, see s. 240(4)(d)

Content of codes of practice: age assurance

12

(1)

This paragraph is about the inclusion of age assurance in a code of practice as a measure recommended for the purpose of compliance with any of the duties set out in section 12(2) or (3) or 29(2) or (3), and sub-paragraph (2) sets out some further principles, in addition to those in paragraphs 1 and 2 (general principles) and 10(2) (freedom of expression and privacy), which are particularly relevant.

(2)

In deciding whether to recommend the use of age assurance, or which kinds of age assurance to recommend, OFCOM must have regard to the following—

(a)

the principle that age assurance should be effective at correctly identifying the age or age-range of users;

(b)

relevant standards set out in the latest version of the code of practice under section 123 of the Data Protection Act 2018 (age-appropriate design code);

(c)

the need to strike the right balance between—

(i)

the levels of risk and the nature, and severity, of potential harm to children which the age assurance is designed to guard against, and

(ii)

protecting the right of users and (in the case of search services or the search engine of combined services) interested persons to freedom of expression within the law;

(d)

the principle that more effective kinds of age assurance should be used to deal with higher levels of risk of harm to children;

(e)

the principle that age assurance should be easy to use, including by children of different ages and with different needs;

(f)

the principle that age assurance should work effectively for all users regardless of their characteristics or whether they are members of a certain group;

(g)

the principle of interoperability between different kinds of age assurance.

(3)

In a code of practice that describes measures for the purpose of compliance with the duty set out in section 12(3)(a), OFCOM must recommend (among other things) age verification or age estimation which is such of a kind, and which is to be used in such a way, that it is highly effective at correctly determining whether or not a particular user is a child (see section 12(6)).

(4)

In deciding which kinds and uses of age verification or age estimation to recommend for the purpose of compliance with the duty set out in section 12(3)(a), OFCOM must have regard to their guidance under section 82 that gives examples of kinds and uses of age verification and age estimation that are, or are not, highly effective at correctly determining whether or not a particular user is a child.

(5)

Nothing in sub-paragraph (2) is to be read as allowing OFCOM to recommend, for the purpose of compliance with the duty set out in section 12(3)(a) by providers subject to the requirement in section 12(4), a kind or use of age verification or age estimation which does not meet the requirement to be highly effective as mentioned in section 12(6).

(6)

A code of practice that recommends the use of age assurance for the purpose of compliance with the duties set out in section 12(2) or (3) must also describe measures recommended for the purpose of compliance with the duties set out in—

(a)

section 12(9), (11) and (13) (inclusion of clear information in terms of service), and

(b)

section 21(2) and (3) (see, in particular, section 21(5)(e) (complaints about age assurance)).

(7)

A code of practice that recommends the use of age assurance for the purpose of compliance with the duties set out in section 29(2) or (3) must also describe measures recommended for the purpose of compliance with the duties set out in—

(a)

section 29(5) and (8) (inclusion of clear information in publicly available statement), and

(b)

section 32(2) and (3) (see, in particular, section 32(5)(d) (complaints about age assurance)).

(8)

A code of practice may—

(a)

refer to industry or technical standards for age assurance (where they exist);

(b)

elaborate on the principles mentioned in paragraphs (a) and (c) to (g) of sub-paragraph (2).

(9)

In this paragraph “age assurance” means age verification or age estimation, and see in particular section 230(4) (self-declaration of age not to be regarded as age verification or age estimation).

Annotations:
Commencement Information

I12Sch. 4 para. 12 in force at Royal Assent, see s. 240(4)(d)

Content of codes of practice: proactive technology

13

(1)

If OFCOM consider it appropriate to do so, and in accordance with the principles to which they must have regard (see paragraphs 1 and 2 and, in particular, 10(2)), they may include in a code of practice a measure describing the use of a kind of technology.

(2)

But there are constraints, set out in the rest of this paragraph, on OFCOM’s power to include in a code of practice a measure describing the use of proactive technology as a way (or one of the ways) of complying with a duty set out in this Act (a “proactive technology measure”).

(3)

A proactive technology measure may be recommended only for the purpose of compliance with any of the duties set out in—

(a)

section 10(2) or (3) (illegal content),

(b)

section 12(2) or (3) (children’s online safety),

(c)

section 27(2) or (3) (illegal content),

(d)

section 29(2) or (3) (children’s online safety), or

(e)

section 38(1) or 39(1) (fraudulent advertising).

(4)

A proactive technology measure may relate to the use of a kind of technology on or in relation to any Part 3 service or any part of such a service, but if the technology operates (or may operate) by analysing user-generated content or metadata relating to such content, the measure may not recommend the use of the technology to analyse user-generated content communicated privately, or metadata relating to user-generated content communicated privately.

(5)

A proactive technology measure may be included in a code of practice in relation to Part 3 services of a particular kind or size only if OFCOM are satisfied that use of the technology in question by such services would be proportionate to the risk of harm that the measure is designed to safeguard against (taking into account, in particular, the risk profile for the time being published by OFCOM under section 98 relating to such services).

(6)

In deciding whether to include a proactive technology measure in a code of practice, OFCOM must have regard to the degree of accuracy, effectiveness and lack of bias achieved by the technology in question, and may—

(a)

refer in the code of practice to industry or technical standards for the technology (where they exist);

(b)

set out principles in the code of practice designed to ensure that the technology or its use is (so far as possible) accurate, effective and free of bias.

(7)

Sub-paragraph (6) does not apply in relation to proactive technology which is a kind of age verification or age estimation technology.

Annotations:
Commencement Information

I13Sch. 4 para. 13 in force at Royal Assent, see s. 240(4)(d)

General

14

A code of practice may make different provision for different purposes and may, in particular—

(a)

make different provision with regard to—

(i)

user-to-user services, and

(ii)

search services;

(b)

make different provision with regard to user-to-user services of different kinds or search services of different kinds; and

(c)

otherwise differentiate between Part 3 services, and between providers of such services, in such manner as OFCOM consider appropriate.

Annotations:
Commencement Information

I14Sch. 4 para. 14 in force at Royal Assent, see s. 240(4)(d)

15

A code of practice may apply in relation to a person who provides a Part 3 service from outside the United Kingdom.

Annotations:
Commencement Information

I15Sch. 4 para. 15 in force at Royal Assent, see s. 240(4)(d)

Interpretation

16

In this Schedule—

code of practice” means a code of practice under section 41;

search results” has the meaning given by section 57(3);

user-generated content” has the meaning given by section 55 (see subsections (3) and (4) of that section).

Annotations:
Commencement Information

I16Sch. 4 para. 16 in force at Royal Assent, see s. 240(4)(d)