Comment by zimpenfish
4 months ago
IANAL
> any websites that let users interact with other users has to police illegal content on its site and must implement strong age verification checks.
But I believe you only need age verification if pornography is posted. There's also a bunch of caveats about the size of user base - Ofcom have strongly hinted that this is primarily aimed at services with millions of users but haven't (yet) actually clarified whether it applies to / will be policed for, e.g., single-user self-hosted Fediverse instances or small forums.
I don't blame people for not wanting to take the risk. Personally I'm just putting up a page with answers to their self-assessment risk questionnaire for each of my hosted services (I have a surprising number that could technically come under OSA) and hoping that is good enough.
I believe you only need age verification if pornography is posted
But if you let users interact with other users, you're not in control of whether pornographic material is posted, so it's safer to comply beforehand.
I commend you for keeping your site up and hoping for the best. I don't envy your position.
> Ofcom have strongly hinted that this is primarily aimed at services with millions of users but haven't (yet) actually clarified [...]
This has echoes of the Snooper's Charter and Apple's decision to withdraw ADP from all of UK.
It is not enough for regulators to say they won't anticipate to enforce the law against smaller operators. As long as the law is on the books, it can (and will) be applied to a suitable target regardless of their size.
I saw this this same bullshit play out in Finland. "No, you are all wrong, we will never apply this to anything outside of this narrow band" -- only to come down with the large hammer less than two years later because the target was politically inconvenient.
I geo-block UK visitors on all of my websites. It's sad but the safest solution.
why? if you're located elsewhere you can literally just ignore UK/EU law. they don't have jurisdiction over you; worst-case scenario is probably them ordering ISPs to block your site.
While the actual risk is minimal, countries do have reach beyond their borders.
For example, if you ever leave your home country to visit a third country, that country could arrest you and extradite you to the country that doesn't like you.
Or they could force any financial institution (or even any company) that wants to do business within their territory to stop doing business with you. The EU probably wouldn't do that, because it's difficult and expensive to get the member states agree on sanctions. The US does it regularly. The UK could probably try, but they have less leverage.
5 replies →
I like London and want to visit the city again some day.
What if a large number of brits access your websites from a different country? :-/