Safety or Surveillance – The Debate Around the Online Safety Act

The Online Safety Act (OSA) was introduced on 25^th of July 2025. Its main aim is to protect children from harmful online content by using stringent age verification processes. The OSA has been highly divisive amongst UK citizens, with many heralding the Act as necessary to combat highly dangerous content that children can easily find online, but with others speaking out about privacy concerns regarding data collection.

Figures from OFCOM show that 8% of children aged 8 to 14 have visited a pornography site over a month-long period, and 16% of teenagers have seen material that promotes an unhealthy relationship with food through body shaming and unrealistic, edited or faked content in the last 4 weeks. With such high percentages of young people viewing this corrosive content, it is no surprise that 69% of British people agree with the new legislation.

The OSA aims to protect under 18s from pornography, self-harm, suicide, eating disorder content and anything else deemed inappropriate for consumption by children. The OSA will require platforms to use secure methods of age verification, which will make it challenging for under 18s to access harmful content, either on purpose or by accident. Several means are available for websites containing this harmful content to verify the age of their users including facial age estimation, credit card ages checks, and photo-id matching, among other methods.

This rigorous age verification will not only cut down on under-age users, preventing them from entering the site at all, but will also dissuade adult users from viewing harmful content as they do not want the hassle or are concerned about linking their online and offline personas. Overall, it promises an improvement to society at large through a net reduction in consumption of dangerous online content.

The OSA’s aim to protect under 18s and maintain a net social gain includes stipulation that the measures put in place to verify age must not collect or store personal data, unless it is necessary. The Information Commissioner’s Office (ICO) will be working alongside OFCOM to ensure the data protection principle will be upheld, even as personal data is collected for the purposes of the verification.

This is significant because it aims to protect every UK user on the internet from the threat of a nationwide data breach, as all users accessing illicit content for young people under the Act are subject to age verification. Resultantly, a data breach would affect many UK citizens. This assurance empowers UK internet users with their retained security and freedom, whilst also helping curb children’s access to dangerous content.

On top of this, companies are likely to comply with the Act due to OFCOM having a few actions they can take if a breach is made to the Act. They can fine 10% of global turnover or £18 million, whichever is larger, and, for more serious offenses, they can ask a court to prevent the website from being available in the UK.

With these harsh punishments and the consequential likelihood of obedience by tech firms, it seems that this Act could be successful in protecting under-age people in the UK from harmful online content.

Opponents of the Online Safety Act believe it a risk to the public as fear of a data breach, despite government assurance, that could merge their online and offline life threatens many people’s relationships and careers. This would also provide a ripe spot for hackers to exploit and commit blackmail on an unprecedented scale. Therefore, if these concerns are even somewhat valid, then the Online Safety Act categorically fails at its task. Indeed, many people, aiming to dodge verification and so this perceived risk, may be pushed to darker and less regulated corners of the internet to access viewing material. This would also include young people, meaning that the Act forced them from a safer area of the internet to a more dangerous area that exposes them to even more harmful content.

This fear of an internet migration by young people to access prohibited content is reflected in public opinion, as the Guardian reports that only 24% of Britons believe this legislation will prevent under 18s from accessing pornographic sites.

Another concern of opponents is that this legislation is being heralded by some as a step towards censorship. The Financial Times reported that a post on X (one of the sites required to comply under the Act) was blocked due to containing the word ‘pornography’ in the title, despite the fact it was YouGov’s own polling on the matter. There have also been reports of users being blocked from ‘Spongebob Squarepants’ GIFS and Spotify playlists, as well as information about Joe Biden’s police funding plan and a post about a new, upcoming political party being restricted.

This is concerning because censorship, whether purposeful or not, vies against UK democracy as it prevents users, especially young people, from having access to information which is critical to the development of political and general knowledge that is so important in a democratic society.

Additionally, The Act also lacks specificity around what is considered an infringement, which has led to a high degree of subjectivity on what constitutes a breach. This, paired with the tough punishments for those who break the rules, has led to tech companies purging information indiscriminately from their sites as they do not want to breach the law and do not want to waste time and resources sifting through large amounts of data.

As a result, a degree of mass censorship is taking place, as tech companies dodge governmental regulation.

The OSA specifies on the use of VPNs, which mask the location of a user and could be used to get around the OSA, not being prohibited, but platforms which promote their usage, especially to children, could face enforcement action, including major financial penalties. Since the Act was enforced on 25^th of July 2025, downloads of popular VPNs have skyrocketed despite no companies facing punishment under the Act.

This demonstrates how the Act is futile without international support or stricter rules around VPNs, as VPNs are common amongst users and easy to access which makes bypassing the Act legally child’s play for young people.

The UK Government is already under scrutiny regarding improper personal data usage, with police officers using passport images to identify people in mass facial recognition searches without following regulation, so they must tread carefully around this matter. It is evident that something should be done about dangerous content online being so easily accessible by children, with such high exposure rates to damaging material. Yet, the fears of those who oppose the Online Safety Act may call for a redrafting of the Act to cool down debate, or at least for a highly transparent system that settles concerns.