The Online Safety Act received Royal Assent last week (Thursday 26 October) and with that Ofcom picked up the reins from the Department for Science, Innovation and Technology and this new network was born. The aims of the Online Safety Act Network are simple: building on the work of Carnegie UK, we hope to help coordinate and support civil society engagement to secure the effective implementation of the Act. There is much to do on that score. To coincide with Royal Assent, Ofcom last week published a revised roadmap setting out the phases of work they will undertake as the regulatory framework takes shape: the headlines are here and the first swathe of consultations, focusing on the illegal harms duties, are due to be published on 9 November. 

The online safety regime splits in-scope regulated services into categories: Category 1, Category 2A and Category 2A. Category 1 services, the largest user-to-user services with certain ‘functionality’ (defined in cl. 234), receive the toughest risk mitigation duties: having to provide ‘user empowerment tools’ (cls 15-16) and effective terms and conditions in relation to content that would have formerly been referred to as content ‘harmful to adults’. Category 1 services are also under obligations regarding fraudulent advertising (as are Category 2A search services), and more detailed obligations generally. For an overview of the different requirements on services in each category, you can refer to this comparison table.

A Bill becomes an Act when it receives Royal Assent and that assent is notified to both Houses of Parliament. It becomes part of the law at this point. This does not mean, however, that the Act comes into force at that point. While an Act can come into force on Royal Assent, increasingly an Act will state when it comes into force, or – more usually – state that the Secretary of State will bring provisions into force through secondary legislation. This delay is usually to allow those affected by the law to prepare for it. In this sort of situation, the provisions giving the Secretary of State power will come into force on Royal Assent, often together with provisions that provide for definitions, the name of the Act. This process is known as commencement.

Codes and guidance, even if made under legislation, are not legislation; the question then arises as to their status. To what extent must addressees of any such code or guidance comply with them, and is there a difference in status between codes and guidance? Quasi-legislation is either statutory or non-statutory. While statutory and non-statutory quasi-legislation may have a similar effect, the fact that the code/guidance is a statutory requirement means the issuing of it in the first place would lie beyond challenge. So, the fact that Ofcom introduces guidance about women and girls cannot be challenged.