How Will the Online Safety Bill Affect GDPR Compliance?
The UK Online Safety Bill (OSB) is a proposed legislation that is progressing through the House of Lords before moving to the final stages of approval. Its primary objective is to regulate online platforms and search engines in the UK. It will also address the proliferation of illegal content on the internet, including that related to child sexual exploitation/abuse and terrorism.
The proposed legislation seeks to give internet users more control over the types of lawful content they are exposed to online. It aims to achieve this by imposing regulations on online platforms that provide user-generated content and search engines.
Although the UK government aims to protect user safety while maintaining its commitment to freedom of speech, the Bill has sparked concerns among stakeholders who believe it may infringe on individual rights to privacy and freedom of expression.
The concerns are that the Bill's broad definition of "harmful content" may be used to target legitimate speech and opinions that are not inherently harmful. For instance, the Bill requires online platforms to remove content that may cause "psychological harm" to individuals, which is a subjective criterion and may be difficult to enforce consistently.
Also, there are concerns that the Bill will grant the external regulator (Ofcom) extensive powers to access and examine data held by online platforms. This could potentially lead to violations of individuals' privacy rights. In addition, the Bill's requirements for online platforms to collect and store large amounts of user data for compliance purposes could also increase the risk of data breaches and cyberattacks as so much sensitive information will be held.
The Online Safety Bill and GDPR Policies
The Online Safety Bill includes provisions for transparency and accountability in data processing. This means that businesses would be required to publish clear and accessible information about their data processing activities, including personal data collection and use. The regulator would have the authority to investigate and take action against businesses that breach data protection laws and can impose fines and other sanctions for non-compliance with the OSB. Therefore, companies will need to update their data policies in line with this.
Whilst non-compliance can lead to fines, compliance with the new legislation could also significantly cost businesses. Estimates suggest that medium-sized companies could face annual costs of up to £250,000. Organisations would need to change their data processing practices by implementing more robust data protection measures and reviewing their privacy policies to ensure they align with the new requirements.
Tech companies will need to provide users with opportunities to decrease the visibility of certain disturbing content such as abusive material or hate references. For example, a company that publishes a lot of information on its website that receives a lot of comments from the public may need to change its policies to ensure they monitor comments so that they are not offensive to other users.
“Organisations will have to hold a lot of information about users’ individual preferences and beliefs such as those relating to race, religion, or sexual orientation. Subsequently, they will need to be careful about how they hold this in line with GDPR requirements and make sure that they implement robust cybersecurity measures to prevent any data breaches.
They may also need to invest in additional resources such as developing new technologies and systems like implementing software to monitor online content or hiring compliance professionals dedicated to ensuring user safety.” Charlotte Gerrish of Gerrish Legal
How Can Gerrish Legal Help?
Gerrish Legal is a dynamic digital law firm. We pride ourselves on giving high-quality and expert legal advice to our valued clients. We specialise in many aspects of digital law such as GDPR, data privacy, digital and technology law, commercial law, and intellectual property. We give companies the support they need to successfully and confidently run their businesses whilst complying with legal regulations without the burdens of keeping up with ever-changing digital requirements.
We are here to help you, get in contact with us today for more information.