The Online Safety Act (OSA) introduces a number of transparency and information obligations which may require in-scope services to make changes to their terms of service. What needs to be included will depend on the type of service (user-to-user, search, and/or or Category 1, 2A and 2B), and the type of content on the service (for example, illegal content, content harmful to children, journalistic content, content of democratic importance). One of the safety objectives which Ofcom is required to work towards is that all UK users of user-to-user services including children are made aware of and can understand the relevant terms of service, so this is a key compliance issue.
For the purposes of the OSA:
"Terms of service" in relation to user-to-user services is defined in s236 as meaning: "all documents (whatever they are called) comprising the contract for use of the service (or of part of it) by United Kingdom users". Note that there are additional duties which may require changes to internal policies which are outside the scope of this article.
Most additions to terms of service are required to be "clear and accessible". In Volume 4 of its illegal harms consultation, Ofcom (the OSA's regulator) proposes that this should mean terms are:
Note that there are similar (but not identical) requirements on search services to bring information to users' attention. These obligations tend to require inclusion of certain information in a "publicly available statement". Some of these duties may (but do not have to be) satisfied by inclusion of the required information in terms of service. Search services are, however, outside the scope of this article.
On 11 January 2024, Ofcom published an information note on New rules for online services: what you need to know which suggests that in addition to responding to Ofcom consultations and to Ofcom information requests (where received), the only immediate compliance point is for providers of user-to-user services under s72(1) as set out below. Ofcom says other changes to terms of service maybe needed when more of the new rules to protect users from illegal harms online come into force in late 2024, however, in-scope service providers should begin preparing to make changes now and, at the least, start working out an audit process for reviewing and, where necessary, changing relevant terms of service.
Here we summarise OSA requirements relating to what in-scope user-to-user services must include in their terms of service.
You can access Part 1 of our Interface content on the OSA here, Part 2 here, and our full range of content on the OSA and the DSA here.
Louise Popple provides a table comparing obligations under the UK's Online Safety Act and the EU's Digital Services Act.
2 of 7 Insights
Debbie Heywood looks at how to make sense of Ofcom's provisional views on ways user-to-user services can comply with their OSA safety duties relating to illegal harms.
3 of 7 Insights
Xuyang Zhu looks at Ofcom's draft guidance on carrying out illegal content risk assessments.
4 of 7 Insights
Laura Craig looks at Ofcom's draft guidance on how services can comply with record keeping and review requirements under the OSA.
5 of 7 Insights
Margarita Taliadoros looks at the implications of Ofcom's draft guidance on identifying illegal content regulated under the OSA.
6 of 7 Insights
Debbie Heywood looks at what the ICO's Children's Code and the Online Safety Act mean by the term "likely to be accessed by children" and at overlaps and differences in requirements.
7 of 7 Insights
Return to