Ofcom's approach to implementing the Online Safety Act

Ofcom has provided an update on our progress since the Online Safety Act became law.

The Act makes companies that operate a wide range of online services legally responsible for keeping people, especially children, safe online. These companies have new duties to protect UK users by assessing risks of harm, and taking steps to address them. All in-scope services with a significant number of UK users, or targeting the UK market, are covered by the new rules, regardless of where they are based.

Services need to act to comply with their duties

We have published Codes of Practice and guidance on how in scope companies can comply with their duties. If you provide an online service, there are actions you must take when duties come into force. The ‘important dates for online safety compliance’ page explains the important milestones.

Phase one: illegal harms

In December 2024, we published our illegal harms statement which set out illegal content duties that services must comply with.

All providers of services in scope of the Act must complete an illegal content risk assessment by 16 March 2025. Our quick guide to illegal content risk assessments has more information about how to complete a risk assessment. Our quick guide to the illegal content codes of practice has more information about the final Codes.

We also plan to launch a further consultation which builds on the foundations established in the first Codes in spring 2025.

Phase two: child safety, pornography and the protection of women and girls

In January 2025 we issued our final age assurance guidance for publishers of pornographic content. These duties relevant to part 5 providers became enforceable around the same time and we are monitoring compliance.

Our final children’s access assessments guidance was published in January 2025. Service providers have three months to complete the children’s access assessment process. Services likely to be accessed by children must then carry out a children’s risk assessment within three months of us publishing our Protection of Children Codes and risk assessment guidance in April 2025. Those services should prepare to complete their children’s risk assessments by July 2025. We expect that the child protection safety duties will become enforceable around July 2025.

In February 2025, we published our draft guidance on protecting women and girls, containing advice on content and activity which disproportionately affects women and girls, and on assessing and reducing the risk of harm to them. We expect the final guidance to be published at the end of the year. 

Phase three: categorisation and additional duties for categorised services

A small proportion of regulated services will be designated Category 1, 2A or 2B services if they meet certain thresholds set out in secondary legislation. Our final stage of implementation focuses on additional requirements that fall only on these categorised services.

These categorised services will be required to comply with a range of additional requirements, depending which category they are in, largely focused on bringing an enhanced level of safety, transparency, and accountability to the online world. 

The next stage is for Government to confirm the thresholds for categorisation in secondary legislation, which we expect to take place by the end of 2024. We have reprioritised our work on the duties on categorised services to ensure we deliver most quickly in the areas that we expect to be particularly beneficial in protecting users once the thresholds are confirmed. We expect to:

• publish the register of categorised services in summer 2025,
• issue draft transparency notices within a few weeks of publication of the register, and to issue final transparency notices soon after,
• publish draft proposals regarding the additional duties on categorised services no later than early 2026.

Progress update on implementing the Online Safety Act  

Ofcom's approach to implementing the Online Safety Act (PDF, 565 KB)

Dull Ofcom o roi’r Ddeddf Diogelwch Ar-lein ar waith (PDF, 540 KB)