Providers of a number of online services have been required by Ofcom to submit their record of their children’s risk assessment by 7 August, or face enforcement action.
Risk assessments are fundamental to keeping users safer online. In order to put in place appropriate safety measures to protect people, especially children, providers must first understand how harm could take place on their platforms, and what could increase those risks of harm.
On 24 April, Ofcom published its children’s safety codes of practice and guidance under the UK’s Online Safety Act. From that point, providers had three months to carry out a suitable and sufficient children’s risk assessment, in line with our guidance.
Providers must also make and keep a written record of their risk assessment, including details about how it was carried out, its findings and how it is kept under review.
Enforcing the Act
To assess and monitor industry compliance with these children’s risk assessment duties under the Act, Ofcom has today launched an enforcement programme.
We have issued formal information requests to providers of a number of services today, setting them a deadline of 7 August by which to submit records of their children’s risk assessments to us.
Providers are required, by law, to respond to any statutory request for information by Ofcom in an accurate, complete and timely way. If any platform does not provide a satisfactory response, we will not hesitate to open investigations.
This follows a similar enforcement programme we launched in March into providers’ compliance with duties to carry out and record illegal harms risk assessments, under which we have already opened several investigations.