Why is the Online Child Safety Environment Changing in the UK?
The UK is strengthening online safety through the Online Safety Act 2023. This law aims to protect children from harmful content on the internet. It sets new rules for online businesses to ensure kids are safe when using their services. The government wants website/app operators to take responsibility for online child safety compliance, with strict deadlines and penalties for non-compliance. There is plethora of guidance and other official documentation out there – but here is brief overview to help you get started:
Which Businesses Are Affected?
The rules apply to user-to-user services and search services with a significant number of UK users or that target the UK market. User-to-user services are those where content generated, uploaded, or shared by one user can be encountered by other users of the same service. So that covers a vast part of the Internet including forums, social media-type services, message boards, dating apps etc etc.
Which Online Child Safety/Protection Compliance Steps Should You Have Completed by Now?
By 16 April 2025, all affected businesses should have complete a Children’s Access Assessment (CAA). A CAA is a check to see if children can access your service and whether your platform has, or is likely to attract, a significant number of child users. You can find a Quick Guide to Children’s Access Statements s on Ofcom’s website.
Key Points About CAAs:
- No exemption for small businesses: Every affected service, big or small, had to do a CAA.
- Rare exemption: If your service has highly effective age checks (like strict age verification systems) that stop children from accessing it, you might not need further steps. Most businesses don’t have these, so they had to complete a CAA.
- Focus on child users: You needed to assess two things:
- Can children normally access your service? (If there’s no strong age barrier, the answer is usually yes.)
- Does your service have, or is it likely to attract, a significant number of children? This depends on your platform. For example, a gaming app or a video platform with kid-friendly content is likely to attract many children. “Significant” isn’t a fixed number. This depends on your user base and content. If you’re unsure, Ofcom advises assuming children are accessing your service.
If your CAA showed that children can access your platform or that it attracts a significant number of kids, you have more steps to take.
What’s Next for Businesses with Child Users?
If your service is likely to be accessed by children, you face two key deadlines:
- By 24 July 2025: Complete a Children’s Risk Assessment (CRA). This means identifying risks to children on your platform (e.g., harmful content like bullying or inappropriate material) and planning how to reduce those risks.
- By 25 July 2025: Put child safety measures in place. These could include content moderation, reporting tools, or age-appropriate settings to protect kids.
Ofcom provides a Quick Guide to Children’s Risk Assessments to help you understand these steps. It’s simple and practical, with examples to follow.
Why Act Now?
Missing these deadlines can lead to hefty fines or other penalties from Ofcom. Even if you missed the CAA deadline, you should act quickly to complete it and move on to the next steps. Document everything you do to show you’re trying to comply.
Final Thoughts
The Online Safety Act is about making the internet safer for kids. If your business runs an online platform or search service in the UK, you need to check if children can access it and take steps to protect them. Start with Ofcom’s guides, complete your assessments, and put safety measures in place. Staying on top of these rules keeps your business compliant and helps keep children safe online.
Need Legal Help With Online Child Safety Compliance?
Please contact Adam Taylor now for an initial chat.
