Despite widespread criticism and scrutiny, the UK government is within touching distance of delivering its controversial new internet safety rules. Credit: Shutterstock The Online Safety Bill has passed its final UK parliamentary debate and is now ready to become law. Despite widespread criticism and scrutiny from security and privacy leaders, as well as significant amendments, this major milestone means the UK government is within touching distance of delivering its controversial new internet safety rules. Online Safety Bill aims to protect users, tackle fraud The Online Safety Bill takes a zero-tolerance approach to protecting children and makes sure social media platforms are held responsible for the content they host, along with ensuring adults are better empowered to take control of their online lives, the UK government said. Under the bill, the biggest social media platforms will have to stop users being exposed to dangerous fraudulent adverts by blocking and removing scams, or face Ofcom’s huge new fines. If social media platforms do not comply with these rules, Ofcom could fine them up to £18 million or 10% of their global annual revenue, whichever is biggest – meaning fines handed down to the biggest platforms could reach billions of pounds. The regulator will immediately begin work on tackling illegal content and protecting children’s safety, with its consultation process launching in the weeks after Royal Assent. It will then take a phased approach to bringing the Online Safety Bill’s into force. “The Online Safety Bill is a game-changing piece of legislation. Today, this government is taking an enormous step forward in our mission to make the UK the safest place in the world to be online,” said Michelle Donelan, technology secretary. Security, privacy experts slam UK Online Safety Bill In July, almost 70 UK information security and cryptography researchers signed an open letter strongly opposing the UK Online Safety Bill, raising concerns over its interaction with security and privacy technologies. The letter criticized the bill’s proposal to technologically enable the routine monitoring of personal, business, and civil society online communications to prevent the dissemination of child sexual exploitation and abuse (CSEA) content. The letter also noted that several international communication providers have indicated that they will refuse to comply with Online Safety Bill orders that compromise the security and privacy of their customers, threatening to leave the UK market. This puts those in the UK in a vulnerable situation, having to adopt compromised and weak solutions for online interactions, it added. In December, 70 organizations, cybersecurity experts and elected officials signed a separate open letter highlighting their concerns that the legislation could attack end-to-end encryption, putting users at greater risk. In June, tech giant Apple echoed similar sentiments. Earlier this month, the UK government rolled back on its proposed controversial encryption rules, stating that the powers granted by the legislation will not be used to scan encrypted messaging apps for harmful content until it can be done in a targeted manner. Related content news AT&T suffers critical breach impacting 73 million customers Data released on the dark web impacts 7.6 million existing account holders and 65.4 million past subscribers. By Shweta Sharma 01 Apr 2024 4 mins Data Breach feature Recruit for diversity: Practical ways to remove bias from the hiring process Changing the wording on job descriptions and introducing a diverse hiring panel are some of the ways to remove bias when hiring cybersecurity professionals. By Aimee Chanthadavong 01 Apr 2024 8 mins Careers feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff 01 Apr 2024 17 mins Technology Industry IT Skills Events news Top cybersecurity product news of the week New product and service announcements from Bedrock Security, GitGuardian, Legit Security, Nametag, and Cybereason and Observe By CSO staff 29 Mar 2024 70 mins Generative AI Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe