Lfgss shutting down 16th March 2025 (day before Online Safety Act is enforced)

> Introduce rules so hard to comply with that only big tech will be able to comply

When intentional, this is Regulatory Capture. Per https://www.investopedia.com/terms/r/regulatory-capture.asp :

> Regulation inherently tends to raise the cost of entry into a regulated market because new entrants have to bear not just the costs of entering the market but also of complying with the regulations. Oftentimes regulations explicitly impose barriers to entry, such as licenses, permits, and certificates of need, without which one may not legally operate in a market or industry. Incumbent firms may even receive legacy consideration by regulators, meaning that only new entrants are subject to certain regulations.

A system with no regulation can be equally bad for consumers, though; there's a fine line between too little and too much regulation. The devil, as always, is in the details.

It's called "Perverse incentive" and Wikipedia runs an illustrative set of examples:

https://en.wikipedia.org/wiki/Perverse_incentive

There's the Cobra Effect popularized by Freakonomics

Too many cobras > bounty for slain cobras > people start breeding them for the bounty > law is revoked > people release their cobras > even more cobras around

Why do people foolishly claim these are unintended consequences?

This is a way to regulate political speech and create a weapon to silence free speech online. It's what opponents to these measures have been saying forever. Why do we have to pretend those enacting them didn't listen, are naive, or are innocent well intentioned actors? They know what this is and what it does. The purpose of a system is what it does.

Related to this, and one version of a label for this type of silencing particularly as potentially weaponized by arbitrary people not just politicians is Heckler's veto. Just stir up a storm and cite this convenient regulation to shut down a site you don't like. It's useful to those enacting these laws that they don't even themselves have to point the finger, disgruntled users or whoever will do it for them.

Politicians should take a mandatory one-week training in:

- very basic macro economics

- very basic game theory

- very basic statistics

Come to think of it, kids should learn this in high school

There also is a very simple, uncontrived effect. You put pressure to a thing, the thing is quashed and ceased to exist.

Many things in a society exist on thin margins, not only monetary, but also of attention, free time, care and interest, etc. You put a burden, such as a regulation, saying that people have to either comply or cease the activity, and people just cease it, like in the post. What used to be a piece of flourishing (or festering, depending on your POV) complexity gets reduced to a plain, compliant nothing.

Maybe that was the plan all along.

> Is there some generalized law (yet) about unintended consequences?

These are not unintended consequences. All media legislation of late has been to eliminate all but the companies that are largest and closest to government. Clegg works at Facebook now, they'd all be happy to keep government offices on the premises to ensure compliance; they'd even pay for them.

Western governments are encouraging monopolies in media (through legal pressure) in order to suppress speech through the voluntary cooperation of the companies who don't want to be destroyed. Those companies are not only threatened with the stick, but are given the carrots of becoming government contractors. There's a revolving door between their c-suites and government agencies. Their kids go to the same schools and sleep with each other.

Sociologist Robert K. Merton coined the term "unintended consequences" (amongst numerous others), and developed an existing notion of manifest vs. latent functions and dysfunctions.

In particular, Merton notes:

Discovery of latent functions represents significant increments in sociological knowledge .... It is precisely the latent functions of a practice or belief which are not common knowledge, for these are unintended and generally unrecognized social and psychological consequences.

Robert K. Merton, "Manifest and Latent Functions", in Wesley Longhofer, Daniel Winchester (eds) Social Theory Re-Wired, Routledge (2016).

<https://www.worldcat.org/title/social-theory-re-wired-new-co...>

More on Merton:

<https://en.wikipedia.org/wiki/Robert_K._Merton#Unanticipated...>

Unintended consequences:

<https://en.wikipedia.org/wiki/Unintended_consequences#Robert...>

Manifest and latent functions:

<https://en.wikipedia.org/wiki/Manifest_and_latent_functions_...>

This is what Javier Milei means when he says that everything politicians touch turns to shit and therefor government should be minimal.

The concept of Rule Beating from Systems Thinking seems apt. You have some goal so you introduce a rule, but if you choose a bad rule, it ends up making things worse. The solution is to recognize that it was a bad rule, repeal it, and find a better one.

It is also that big business can influence legislators, and small business cannot, so big business can influence regulation to their own advantage.

There's a whole YouTube playlist about that sort of thing: https://m.youtube.com/playlist?list=PLBuns9Evn1w9XhnH7vVh_7C...

I've heard it called "law of unintended consequences" and "cobra effect".

I don't think these consequences are unintended.

Laws are meant to be dynamic. So you iterate on them as you get feedback from their implementation

I mean, that’s what I call “rules lawyering” in game parlance. When someone utilizes the rules in such a way as to cause legal harm in service of their own interests, regardless of the intent of said rules in preventing harm.

It’s why when a law/rule/standard has a carveout for its first edge case, it quickly becomes nothing but edge cases all the way down. And because language is ever-changing, rules lawyering is always possible - and governments must be ever-resistant to attempts to rules lawyer by bad actors.

Modern regulations are sorely needed, but we’ve gone so long without meaningful reform that the powers that be have captured any potential regulation before it’s ever begun. I would think most common-sense reforms would say that these rules should be more specific in intent and targeting only those institutions clearing a specific revenue threshold or user count, but even that could be exploited by companies with vast legal teams creating new LLCs for every thin sliver of services offered to wiggle around such guardrails, or scriptkiddies creating millions of bot accounts with a zero-day to trigger compliance requirements.

Regulation is a never-ending game. The only reason we “lost” is because our opponent convinced us that any regulation is bad. This law is awful and nakedly assaults indietech while protecting big tech, but we shouldn’t give up trying to untangle this mess and regulate it properly.

>Protect the children -> Criminalize activites that might in any way cause an increase in risk to children -> Best to just keep them indoors playing with electronic gadgets -> Increased rates of obesity/depression etc -> Children worse off.

Not sure how keeping kids off the internet keeps them indoors? Surely the opposite is true?

Your first example is a case of lawmakers not willing to finish the job moreso than of regulation being bad.

That is like saying "when we write software there are bugs, so rather than fix them, we should never write software again".

Your second example is ascribing to regulation something that goes way beyond regulation.

I don't think anyone believe that the "think of the children" argument leads to "unintended" consequences. They are thoroughly intended. It doesn't look like that, but policy makers do analyze potential impact and this is a problem you understand if you are more than 5 minutes into the topic.

Although I do think they overlook that their legislation is restricted to their domestic market though, so any potential positive effect is more or less immediately negated. That is especially true for English speaking countries.

These can not be unintended consequences. Obviously the UK government is aware of what they are doing and are using whatever language they can.

Modern fanatics don't care. They are eager to destroy everything for the sake of "protecting children".

Behold the failure to consider second order consequences when legislating rules.

Why are gas-guzzling trucks exempt from fuel standards? (Genuine question)

Oppositional Defiance Disorder?

>Increase fuel economy -> Introduce fuel economy standards -> Economic cars practically phased out in favour of guzzling "trucks" that are exempt from fuel economy standards -> Worse fuel economy.

tl;dr: This is a myth.

There is no incentive to the consumer to purchase a vehicle with worse fuel economy.

There USED to be an incentive, 30-40 years ago.

It is not 1985 anymore.

The gas guzzler tax covers a range of fuel economies from 12.5 to 22.5 mpg.

It is practically impossible to design a car that gets less than 22.5 mpg.

The Dodge Challenger SRT Demon 170, with an 6.2 L 8 cylinder engine making ONE THOUSAND AND TWENTY FIVE horsepower is officially rated for 13 mpg but that's bullshit, it's Dodge juicing the numbers just so buyers can say "I paid fifty-four hundred bucks gas guzzler tax BAYBEE" and in real-world usage the Demon 170 is getting 25 mpg. Other examples of cars that cannot achieve 22.5 mpg are the BMW M2/M3/M4/M8, the Cadillac CT5, high-performance sports sedans for which the gas guzzler tax is a <5% price increase. ($5400 is 5% of the Demon 170 price, but 2-3% of what dealers are actually charging for it.)

The three most popular vehicles by sales volume in the United States are: 1. The Ford F-150, 2. The Chevy Silverado, and 3. The Dodge Ram 1500.

The most popular engine configuration for these vehicles is the ~3L V6. Not a V8. A V6.

Less than 1/4th of all pickup trucks are sold equipped with a V8.

According to fueleconomy.gov every single Ford, Chevrolet, and Ram full-size pickup with a V6 would pay no gas guzzler tax.

Most V8s would be close, perhaps an ECU flash away, to paying no gas guzzler tax. The only pickups that would qualify for a gas guzzler tax are the high-performance models-- single-digit percentages of the overall sales volume and at those prices the gas guzzler tax would not even factor into a buyer's decision.

People buy trucks, SUVs, and compact SUVs because they want them and can afford them.

Not because auto manufacturers phased out cars due to fuel economy standards. Not because consumers were "tricked" or "coerced". And certainly not because "the gubmint" messed things up.

They buy them because they WANT them.

The Toyota RAV4 is the 4th most popular car in the US. The Corolla is the 13th most popular. They are built on the same platform and dimensionally, the Corolla is actually very slightly larger except for height. They both come with the same general ballpark choices in engines. The gas guzzler tax only applies to the Corolla, but that doesn't matter because they both would be exempt. People don't freely choose the RAV4 over the Corolla because of fuel economy they buy it because the Corolla has 13 cubic feet of cargo capacity and the RAV4 has 70 cubic feet.

And before anyone says that the gas guzzler tax made passenger cars more expensive, passenger cars can be purchased for the same price adjusted for inflation they could be 50 years ago, but people don't want a Mitsubishi Mirage, which is the same price as a vintage VW Beetle (perennial cheapest new car from the 1960s) and better in every quantifiable metric, they want an SUV.

What may be true is that there is a national policy to keep fuel prices as low as possible, for a myriad of reasons, with one side effect of that policy being that it has enabled people to buy larger less fuel-efficient cars.

I do not believe it is auto manufacturers who are pushing for this policy. I believe it is the freight and logistic market. The auto market is valued at $4 billion, the freight and logistics market is $1,300 billion. GM and Ford are insignificant specks compared to the diesel and gasoline consumers of the freight and logistics firms (who have several powerful lobbies).

https://www.thetruthaboutcars.com/2017/08/v8-market-share-ju...

https://www.fueleconomy.gov

https://www.irs.gov/pub/irs-pdf/f6197.pdf (gas guzzler worksheet)

"Gaming The Law"

> We have something similar in Australia with the Online Safety Act 2021.

That wasn't the one I was thinking of, to be honest.

I'd have thought you would be mentioning the latest ball of WTF: "Online Safety Amendment (Social Media Minimum Age) Bill 2024".

According to the bill, HN needs to identify all Australian users to prevent under-16's from using it.

https://www.aph.gov.au/Parliamentary_Business/Bills_Legislat...

> it imagines the internet as a handful of giant platforms rather than a rich tapestry of independent, community-driven spaces.

As sad as it may be, their imagination is correct. The small spaces, summed up all together, are lost in the rounding errors.

You're assuming the point of these laws is what they say on the tin and the people writing these laws are ignorant. A huge amount of legislation is written by think tanks and lobbyists.

Authoritarians don't want people to be able to talk (and organize) in private. What better way to discourage them than some "think of the children" nonsense? That's how they attacked (repeatedly) encryption.

Google, Facebook, and Twitter all could have lobbied against this stuff and shut it down, hard. They didn't.

That speaks volumes, and my theory is that they feel shutting down these forums will push people onto their centralized platforms, increasing ad revenues - and the government is happy because it's much easier to find out all the things someone is discussing online.

[flagged]

This isn't how laws work. If you give a layperson a large law and tell him that, if he is in violation, he has to pay millions, then it pretty much doesn't matter that there is some way where, with some effort, he can comply. Most people aren't lawyers and figuring out how to actually comply with this is incredibly tedious and risky, as he is personally liable for any mistakes he makes interpreting those laws.

Companies have legal departments, which exist to figure out answers to questions like that. This is because these questions are extremely tricky and the answers might even change as case law trickles in or rules get revised.

Expecting individuals to interpret complex rulesets under threat of legal liability is a very good way to make sure these people stop what they are doing.

This: OP seems to be throwing the baby out with the bathwater.

Im surprised they don’t already have some form of report/flag button.

> having a content moderation function to review and assess suspected illegal content

That costs money. The average person can't know every law. You have to hire lawyers to adjudicate every report or otherwise assess every report as illegal. No one is going to do that for free if the penalty for being wrong is being thrown in prison.

A fair system would be to send every report of illegal content to a judge to check if it's illegal or not. If it is the post is taken down and the prosecution starts.

But that would cost the country an enormous amount of money. So instead the cost is passed to the operators. Which in effect means only the richest or riskiest sites can afford to continue to operate.

Answered here: https://news.ycombinator.com/item?id=42434349

If only more people actually read the actual documents in context (same with GDPR), but the tech world has low legal literacy

This feels relevant to your comment: https://archive.is/9V2Bf

Orgs are already fleeing LSEG for deeper capital markets in the US.

As an aside, the UK is a great tourist destination, especially if you leave London right after landing.

Beautiful landscape, the best breakfast around, really nice people, tons of sights to see.

How much damage can they withstand before they figure out how to stop hurting themselves? I wouldn't touch UK investment with a ten foot pole.

[dead]

> Looks like it now requires an online community to have its own bureaucracy in place

What do you mean by bureaucracy in this case? Doing the risk assessment?

Just like our knees… we might have started as fg, but now ss, and soon our Phils will not be laced for the track but for our chairs. The fight is fading.

There’s several stories of open source projects being handed off to someone who seemed helpful, only to have them turn around and add malware months later.

I completely understand a desire to shut things down cleanly, rather than risk something you watched over for years become something terrible.

This is my question as well. It seems like there would be someone willing to do this, especially outside the EU.

Finding someone trustworthy is hard, but I know buro9 knows tons of people.

"The Act applies to services even if the companies providing them are outside the UK should they have links to the UK. This includes if the service has a significant number of UK users"

I think that the fact that no one is fully sure is part of the problem.

The act is intentionally very vague and broad.

Generally, the gist is that it's up to the platforms themselves to assess and identify risks of "harm", implement safety measures, keep records and run audits. The guidance on what that means is very loose, but some examples might mean stringent age verifications, proactive and effective moderation and thorough assessment of all algorithms.

If you were to ever be investigated, it will be up to someone to decide if your measures were good or you have been found lacking.

This means you might need to spend significant time making sure that your platform can't allow "harm" to happen, and maybe you'll need to spend money on lawyers to review your "audits".

The repercussions of being found wanting can be harsh, and so, one has to ask if it's still worth it to risk it all to run that online community?

From Wikipedia:

> The act creates a new duty of care of online platforms, requiring them to take action against illegal, or legal but "harmful", content from their users. Platforms failing this duty would be liable to fines of up to £18 million or 10% of their annual turnover, whichever is higher.

It is essentially requiring tech companies to work for the UK government as part of law enforcement. They are required to monitor and censor users or face fines and Ofcom has the ability to shutdown things they don't like.

This basically ensures that the only people allowed to host online services for other people in the UK will be large corporations. As they are the only ones that can afford the automation and moderation requirements imposed by this bill.

You should be able to self-host content, but you can't do something like operate a forums website or other smaller social media platform unless you can afford to hire lawyers and spend thousands of dollars a month hiring moderators and/or implementing a bullet proof moderation system.

Otherwise you risk simply getting shutdown by Ofcom. Or you can do everything yo are supposed to do and get shutdown anyways. Good luck navigating their appeals processes.

https://www.ofcom.org.uk/online-safety/illegal-and-harmful-c...

You need to do a risk assessment and keep a copy. Depending on how risky things are, you need to put more mitigations in place.

If you have a neighbourhood events thing that people can post to, and you haven't had complaints and generally keep an eye out for misuse, that's it.

If you run a large scale chat room for kids with suicidal thoughts where unvetted adults can talk to them in DMs you're going to have a higher set of mitigations and things in place.

Scale is important, but it's not the only determining factor. An example of low risk for suicide harm is

> A large vertical search service specialised in travel searches, including for flights and hotels. It has around 10 million monthly UK users. It uses recommender systems, including for suggesting destinations. It has a basic user reporting system. There has never been any evidence or suggestion of illegal suicide content appearing in search results, and the provider can see no way in which this could ever happen. Even though it is a large service, the provider concludes it has negligible or no risk for the encouraging or assisting suicide offence

An example for high risk of grooming is

> A social media site has over 10 million monthly UK users. It allows direct messaging and has network expansion prompts. The terms of service say the service is only for people aged 16 and over. As well as a content reporting system, the service allows users to report and block other users. While in theory only those aged 16 and over are allowed to use the service, it does not use highly effective age assurance and it is known to be used by younger children. While the service has received few reports from users of grooming, external expert organisations have highlighted that it is known to be used for grooming. It has been named in various police cases and in a prominent newspaper investigation about grooming. The provider concludes the service is high risk for grooming

The linked page has this phrasing, which I’m not entirely sure what it means, but could be understood as personal liability?

> Senior accountability for safety. To ensure strict accountability, each provider should name a senior person accountable to their most senior governance body for compliance with their illegal content, reporting and complaints duties.

I think OP feels it indirectly creates massive personal liabilities for site operators, in that a user can deliberately upload illegal material and then report the site under the Act, opening the site operator up to £18M in fines.

This seems very plausible to me, given what they and other moderators have said about the lengths some people will go to online when they feel antagonised.

> Might the author be overreacting a bit to this new law

As i have read it, no, it's worth a read to see for yourself though.

> it doesn't put that much of an onerous demand on forum operators.

It doesn't until it does, the issue is the massive amount of work needed to cover the "what if?".

It's not clear that it doesn't apply and so it will be abused, that's how the internet works, DMCA, youtube strikes, domain strikes etc.

> Then again, maybe he's just burnt out from running these sites and this was the final straw. I can understand if he wants to pack it in after so long, and this is as good reason as any to call it a day.

Possibly, worth asking.

> Though, has no-one in that community offered to take over? Forums do change hands now and then.

Someone else taking over doesn't remove the problem, though there might be someone willing to assume the risk.

>Might the author be overreacting a bit to this new law?

How much money should he spend on a lawyer to figure this out for him?

Would you be willing to risk personal liability for your interpretation of this law? Obviously I would not.

Yes. I think so. The chances of some well meaning forums being taken down by this law is zero.

Op uses they/them pronouns.

> Might the author be overreacting a bit to this new law? As I understand it, it doesn't put that much of an onerous demand on forum operators.

As the manager of a community where people meet in person, I understand where he is coming from. Acting like law enforcement puts one in a position to confront dangerous individuals without authority or weapons. It is literally life-endangering.

I host a Mastodon server in the US. I almost wish I could get a legal threat from the UK so that I could print it and hang it on my wall as a conversation piece.

I have zero legal connection to the UK and their law doesn't mean jack to me. I look forward to thoroughly ignoring it, in the same way that I thoroughly ignore other dumb laws in other distant jurisdictions.

UK, look back on this as the day -- well, another day -- when you destroyed your local tech in favor of the rest of the world.

The hacker in me is real grumpy about all this, and believes that they’re nannying a whole lot of the dumb superficial stuff while pushing serious malfeasance underground.

But they make a good point: if you exclude the smaller providers, that’s where the drugs and CSAM and the freewheeling dialog go. Assuming it’s their policy goal to deter these categories of speech, I’m not sure how you do that without a net fine enough to scoop up the 4chans of the world too.

It’s not the behavior of a confident, open, healthy society, though…

> do not want individuals hosting websites

It's more about "accepting and publishing arbitrary content".

But, in practice, how hard is it to host a website anonymously? Or off-shore?

you don't need archiveteam to save databases you already have. just dump the PII columns and put 'em up for torrent.

FTR, the admin is now talking to ArchiveTeam and is willing to help reduce barriers to archiving the site to IA. For eg removing rate limits, allow-listing AT user-agents etc.

That's an excellent article. Another quote I found especially relevant:

>Every step that law takes down the enormous hierarchy of bureaucracy, the incentives for the public servants who operationalize it is to take a more literal, less flexible interpretation. By the time the daycare worker interacts with it, the effect of the law is often at odds with lawmakers’ intent.

Put another way, everyone in the chain is incentivized to be very risk averse when faced with a vague regulation, and this risk aversion can compound to reach absurd places.

100%

I used to run a moderately sized forum for a few years. Death threats, legal threats, had faeces mailed to my house, someone found out where I worked and started making harrasing calls/turning up to the office.

I don't run a forum no more. For what I feel are obvious reasons.

> I managed a pissant VBulletin forum, and ... got me woken up at 2, 3, 4am with phone calls because someone got banned and was upset about it.

I home-hosted a minecraft server and was repeatedly DDoS'd. Don't underestimate disgruntled 10yo's.

I used to be a moderator for the french forum OP mention in his post and helped maintain the previous website. I threw the towel long before they migrated to microcosm. I didn't even ask to be that moderator but ended up somehow when other "hired members" when they themselves tried to distance themselves from the moderation. It is so thankless. Some trolls were constantly making thread derails, were repeatedly banned but kept creating new accounts, joining other forums I was a simple member to stalk me and get more information in order to publish stuff about me or my family online.

It also raises the barrier to entry for newcomers, ensuring established large players continue to consolidate power, since they have the means to deflect and defend themselves from these regulations (unless there are specific carve-outs in place, of course).

This is something the EU got right for once in the DMA/DSA: It only applies starting from a certain, large size - if you're that big, you can afford the overhead.

It's not like there are laws that are more lenient with non-profits or with tiny companies right?

If you read the guidance:

https://www.ofcom.org.uk/siteassets/resources/documents/onli...

It amounts to your basic terms of service. It means that you'll need to moderate your forums, and prove that you have a policy for moderation. (basically what all decent forums do anyway) The crucial thing is that you need to record that you've done it, and reassessed it. and prove "you understand the 17 priority areas"

Its similar for what a trustee of a small charity is supposed to do each year for its due diligence.

Maybe he did. Or maybe that is the first step in the very path that op doesnt want to walk.

With 1 or 2 competent mods, a forum can be very low-maintenance.

He is running the infra and maintain the code. Each of those forums have their own moderators. They are basically his customers.

I think what he fears is he has no control on how these individual forums moderate their content and how liable he would be as the hosting admin.

Omegle was widely known to be full of underage children and overage child sexual predators.

If I designed a site for 14-year-old girls to sext with 30-year-old men it would be rightfully shut down.

If I designed a site as a fun chat site but becomes in actual reality it became a sexting site for 14-year-old girls with adult men, should it be shut down?

> I feel like the whole time this was being argued and passed, everyone in power just considered the internet to be the major social media sites and never considered that a single person or smaller group will run a site.

Does this shock you? I don't recall a time in memory where a politician discussing technology was at best, cringe and at worst, completely incompetent and factually wrong.

> It's insane that they never carved out any provisions for "non big-tech".

That would be insane, and it's not true. You have to consider the risks and impacts of your service, and scale is a key part of that.

I think it's really important around this to actually talk about what's in the requirements, and if you think something that has gone through this much stuff is truly insane (rather than just a set of tradeoffs you're on the other side of) then it's worth asking if you have understood it. Maybe you have and lots of other people are extremely stupid, or maybe your understanding of it is off - if it's important to you in any way it probably makes sense to check right?

I'm sure Big Tech helped to write the bill.

> It's insane that they never carved out any provisions for "non big-tech".

There's only 13 provisions that apply to sites with less than 7 million users (10% of the UK population).

7 of those are basically having an inbox where people can make a complaint and there is a process to deal with complaints.

1 is having a 'report' button for users.

2 say you will provide a 'terms of service'

1 says you will remove accounts if you think they're run by terrorists.

The OP is blowing this out of proportion.

> It's insane that they never carved out any provisions for "non big-tech".

Very little legislation does.

Two things my clients have dealt with: VATMOSS and GDPR. The former was fixed with a much higher ceiling for compliance but not before causing a lot of costs and lost revenue to small businesses. GDPR treats a small businesses and non profits that just keep simple lists for people (customers, donors, members, parishioners, etc.) has to put effort into complying even thought they have a relatively small number of people's data and do not use it outside their organisation. The rules are the same as for a huge social network that buys and sells information about hundreds of millions of people.

How is it insane? The target is non big-tech. Do you think Facebook cares they have to hire a couple of people to do compliance?

yup, and thank you for the kind words

Or just use a news server and create a tilde with gopher/irc and so on, then federate it with the tildeverse.

I can understand them not wanting the due diligence burden (even if only self-imposed rather than required for any official reason) of picking a successor in this way, or the admin burden of setting up “some non-profit trust format”.

Also depending on the terms agreed to when people signed on and started posting, it might be legally or morally difficult because transferring the data to the control of another party could be against the letter or the spirit of the terms users agreed to. Probably not, but I wouldn't want to wave such potential concerns off as “nah, it'll be fine” and hoping for the best.

Even leaving a read-only version up, so a new home could develop with the old content remaining for reference, isn't risk free: the virtual-swatting risk that people are concerned about with this regulation would be an issue for archived content as much as live stuff.

At least people have a full three months notice. Maybe in that time someone can come up with a transfer and continuation plan the current maintainer is happy with, if not the users at least have some time to try to move any social connectivity based around the site elsewhere.

It's a de facto ban on small forums.

Have you seen how difficult US immigration is to navigate? It's impossible for most people, and about to get even harder soon.

Even if US immigration were more liberal, moving is very costly (financially, emotionally, psychologically). Injustice anywhere is a threat to justice everywhere.

> In addition to the cookie privacy pop-over when viewing that site

I don't know where you're seeing that as the site does not have such things. The only cookies present are essential and so nothing further was needed.

The site does not track you, sell your data, or otherwise test you as a source of monetisation. Without such things conforming with cookie laws is trivial... You are conformant by just connecting nothing that isn't essential to providing the service.

For most of the sites only a single cookie is set for the session, and for the few via cloudflare those cookies get set too.

Why we would want it any other way than what? It's not clear to me whether you see the added European regulation as positive or negative.

Because then they're responsible, at least socially, for the things the new admin does.

This way, people have been given plenty of advanced notice and can start their own forums somewhere instead. I'm sure each of the 300 subforums already has some people running them, and they could do the above if they actually cared.

I find it hard to believe someone will take over 300 forums out of the goodness of their hearts and not start making it worse eventually, if not immediately.

the real risk I see is that as it's written, and as Ofcom are communicating, there is now a digital version of a SWATing for disgruntled individuals.

the liability is very high, and whilst I would perceive the risk to be low if it were based on how we moderate... the real risk is what happens when one moderates another person.

as I outlined, whether it's attempts to revoke the domain names with ICANN, or fake DMCA reports to hosting companies, or stalkers, or pizzas being ordered to your door, or being signed up to porn sites, or being DOX'd, or being bombarded with emails... all of this stuff has happened, and happens.

but the new risk is that there is nothing about the Online Safety Act or Ofcom's communication that gives me confidence that this cannot be weaponised against myself, as the person who ultimately does the moderation and runs the site.

and that risk changes even more in the current culture war climate, given that I've come out, and that those attacks now take a personal aspect too.

the risk feels too high for me personally. it's, a lot.

I used to frequent the forum about 15 or so years ago. This guy is very level headed and has been around the block a lot. Therefore I don't believe this is purely performative.

A fair number of sites hosted and operated outside the European Union reacted to GDPR by instituting blocks of EU users, many returning HTTP 451. Regardless of whether you believe GDPR is a good idea or not (that's beyond the scope of this comment), the disparity in statutory and regulatory approaches plus widely varying (often poor) levels of 'plain language' clarity in obligations, and inconsistent enforcement, it all leads to entirely understandable decisions like this and more of a divided internet.

Thank you to those who have tirelessly run these online communities for decades, I'm sorry we can't collectively elect lawmakers who are more educated about the real challenges online, and thoughtful on real ways to solve them.

What are the simple and cheap mitigations you have in mind?

Ah, yes, “just” run every comment from 275k users through an error prone system, while paying for every API call, to host something they already do at a loss.

> Block UK users

The site is primarily focused on London/UK biking enthusiasts.

> Make a forum that is only for UK users

That is the forum for UK users.

> Just ignore the law and fight it

The linked post mentions that the fines for failure to comply start at £18 million. I'd understand not wanting to take that risk.

> Setup the forums on bulletproof hosting which ignore such silly laws.

I think this is the most viable strategy, but even then the site owner incurs risks through ie. ownership of the domain or considerable participation.

Welcome to British humour, and - it's spelled correctly.