British Government continues legislate for online safety and security - including new digital ID plans
A slew of announcements in recent days highlight how the British Government is thinking about online safety and security, both from a citizen and a platform point of view.
The British Government is continuing to put forward legislation that aims to improve security and safety for citizens online. diginomica has previously outlined how plans to tighten up the proposed Online Safety Bill were put forward recently, following claims that it didn’t go far enough to protect people, and now new legislation has been proposed to make digital identities more secure.
The Online Safety Bill and digital identities are two separate pieces of legislation, but they point to a broader theme of how the British Government is thinking about safety, security and privacy online. One of the key objectives of this administration is to make Britain ‘the safest place in the world to be online’.
However, that’s not to say the government has not faced any backlash. Its attempts to campaign for limiting the use of end-to-end encryption have received huge criticism from privacy campaigners (rightly so) and a parliamentary committee recently said that the Online Safety Bill wasn’t robust enough to tackle illegal content, nor was it sufficient enough to protect freedom of speech (in essence, worst of both worlds).
But it’s clear that legislating for how people interact online - which has huge consequences for the tech giants that operate digital platforms - is a key priority in Brexit Britain.
With this in mind, let’s take a look at the latest priorities that have been outlined over the past few days.
Scam adverts and cyber-flashing
First up, the government has launched a consultation on broader reforms to online advertising, which will include more powers for regulators to tackle ‘harmful, offensive and misleading adverts’. Influencers are also being put under the spotlight, with penalties set to be introduced if they don’t declare payment for promoting products.
This will see social media sites and search engines forced to “stamp out fraudsters and scammers” on their platforms, with the Online Safety Bill requiring the platforms to prevent paid-for fraudulent adverts appearing on their services.
The online platforms will need to put in place proportionate systems and processes to prevent (or minimise) the publication and/or hosting of fraudulent advertising on their service and remove it when they are made aware of it.
Separately, the government is launching a consultation on proposals to tighten the rules for the online advertising industry - with the aim being to bring more of the major players involved under regulation and to create a “more transparent, accountable and safer ad market”.
Commenting on the plans, Digital Secretary Nadine Dorries said:
We want to protect people from online scams and have heard the calls to strengthen our new internet safety laws. These changes to the upcoming Online Safety bill will help stop fraudsters conning people out of their hard-earned cash using fake online adverts.
As technology revolutionises more and more of our lives the law must keep up. Today we are also announcing a review of the wider rules around online advertising to make sure industry practices are accountable, transparent and ethical - so people can trust what they see advertised and know fact from fiction.
In addition, the government has also confirmed that ‘cyber-flashing’ - a practice that involves offenders sending unsolicited sexual images to people via social media or dating apps - will become a new criminal offence. Perpetrators are facing up to two years in prison under the new laws being drawn up.
Ministers confirmed that the new laws banning this behaviour will be included in the Online Safety Bill, following a recommendation by the Law Commission as part of its ‘Modernising Communications Offences’ review.
This follows recent commitments to tackle ‘harmful private and public online communication’, which includes sending abusive emails, social media posts and WhatsApp messages, as well as ‘pile-on’ harassment where many people target abuse at an individual.
Nadine Dorries said:
The forthcoming Online Safety Bill will force tech companies to stop their platforms being used to commit vile acts of cyberflashing. We are bringing the full weight on individuals who perpetrate this awful behaviour.
Separate from the Online Safety Bill, but closely related in nature, the government has also outlined plans to create a new Office for Digital Identities and Attributes (ODIA), which will oversee security and privacy standards for digital IDs.
Under new plans being drawn up, the aim is to allow people to easily and quickly prove their identity using digital methods instead of having to rely on traditional physical documents.
The government has said that its plans will make digital identities as trusted and secure as official documents, such as passports and driving licences. However, as we saw with the problem ridden GOV.UK Verify programme, establishing a wide-scale programme around securing digital identities online isn’t easy.
The announcement states that digital identity solutions allow citizens to access their ID in a number of ways, such as via a phone app or website, which can then be used in-person or online. It will be up to people and businesses to decide what digital identity technology works for them, the announcement said - but there will be no obligation to use a digital tool.
But, for example, a person needing to prove that they are 18 years old to buy an age-restricted product could create a digital identity with a “trusted organization” by sharing personal information, such as their name and date of birth. This digital ID could then be used to prove they are over-18, without the need to reveal any of the personal information that was used to create the digital ID in the first place.
The ODIA will have the power to issue a recognized trust mark to certified digital identity organizations, to prove they meet the security and privacy standards needed to handle people’s data in a safe and consistent way.
The government intends to bring forward the necessary legislation when parliamentary time allows to:
Establish a robust and secure accreditation and certification process and trustmark so organizations can clearly prove they are meeting the highest security and privacy standards needed to use digital identities.
Create a legal gateway to allow trusted organizations to carry out verification checks against official data held by public bodies to help validate a person’s identity.
Confirm the legal validity of digital forms of identification are equal to physical forms of identification, such as physical passports
Data Minister Julia Lopez said:
This government is committed to unlocking the power of data to benefit people across the UK.
The legislation we’re proposing will ensure that there are trusted and secure ways for people and organisations to use digital identities, should they choose to.
There’s a delicate balancing act here between providing people with secure environments to engage and transact online and the government overreaching with legislation (e.g. limiting end-to-end encryption). It’s still early days and it’s not yet clear how the government will use these powers or how they will play out - there are still huge concerns around allowing ministers to decide what is ‘harmful’ content online. We will be watching this closely.