UK plans big fines for online companies over harmful content

harmful content

Social media and other internet companies face big fines in Britain if they don’t remove and limit the spread of harmful material such as child sexual abuse or terrorist content and protect users on their platforms, officials said Tuesday.

Separately, Irish regulators fined Twitter for a data breach, in the first penalty for a U.S. tech company since Europe introduced strict privacy rules.

Under legislative proposals that the U.K. government plans to launch next year, tech companies that let people post their own material or talk to others online could be fined up to 18 million pounds ($24 million) or 10% of their annual global revenue, whichever is higher, for not complying with the rules.

The proposals, contained in the U.K. government’s Online Safety Bill, will have extra provisions for the biggest social media companies with “high-risk features,” expected to include Facebook, TikTok, Instagram and Twitter.

These companies will face special requirements to assess whether there’s a “reasonably foreseeable risk” that content or activity that they host will cause “significant physical or psychological harm to adults,” such as false information about coronavirus vaccines. They’ll have to clarify what is allowed and how they will handle it.

All companies will have to take extra measures to protect children using their platforms. The new regulations will apply to any company whose online services are accessible in the U.K and those that don’t comply could be blocked.

The U.K. government is also reserving the right to impose criminal sanctions on senior executives, with powers it could bring into force through additional legislation if companies don’t take the new rules seriously – for example by not responding swiftly to information requests from regulators.

The European Union is also expected later Tuesday to unveil its own long-awaited sweeping overhaul of digital regulations. The EU proposals will include measures aimed at reining in the tech giants. They will also update the bloc’s 20-year-old rules on e-commerce by making online platforms take more responsibility for their goods and services, such as weeding out shady traders and taking down illegal content such as hate speech.

Meanwhile, the Irish Data Privacy Commission issued Twitter with a 450,000-euro ($540,000) fine for a security breach. The company triggered an investigation after reporting the breach in January 2019, which affected users of the social media company’s Android app.

But it didn’t report it quickly enough, because of “an unanticipated consequence of staffing between Christmas Day 2018 and New Years’ Day,” the company said.

“We take responsibility for this mistake and remain fully committed to protecting the privacy and data of our customers,” Twitter said.

It’s the first punishment for a big U.S. tech company since the EU’s strict privacy rules, known as General Data Protection Regulation, took effect in 2018.

Under GDPR, a single regulator takes the lead role in cross-border data privacy cases as part of a “one-stop shop” system. But the system has come under question, with Ireland’s watching facing criticism for taking too long to decide on cases. The Twitter decision was also delayed after regulators in other EU member states objected to Ireland’s draft penalty.

LONDON (AP) — By KELVIN CHAN AP Business Writer