A lawyer representing the online message board 4chan says it won’t pay a proposed fine by the UK’s media regulator as it enforces the Online Safety Act.
According to Preston Byrne, managing partner of law firm Byrne & Storm, Ofcom has provisionally decided to impose a £20,000 fine “with daily penalties thereafter” for as long as the site fails to comply with its request.
“Ofcom’s notices create no legal obligations in the United States,” he told the BBC, adding he believed the regulator’s investigation was part of an “illegal campaign of harassment” against US tech firms.
Ofcom has declined to comment while its investigation continues.
“4chan has broken no laws in the United States - my client will not pay any penalty,” Mr Byrne said.
Ofcom began investigating 4chan over whether it was complying with its obligations under the UK’s Online Safety Act.
Then in August, it said it had issued 4chan with “a provisional notice of contravention” for failing to comply with two requests for information.
Ofcom said its investigation would examine whether the message board was complying with the act, including requirements to protect its users from illegal content.
4chan has often been at the heart of online controversies in its 22 years, including misogynistic campaigns and conspiracy theories.
Users are anonymous, which can often lead to extreme content being posted.
I’ve been thinking about the idea that it should be on the government to implement any restrictions it might want to place, so than it’s not an undue burden to the site owner. That way if the UK wants age verification, it should implement it and then it can add whatever site it deems without impacting someone in another jurisdiction.
The downside is it means inserting the government into the network with each country (and state in the US) having its own firewall, so I don’t know if that’s any better. But somewhere along the way the government said that they want to control it, so it should be their problem to solve.
https?
What about it? There are tons of ways to deal with that. If it’s an SNI based site, the host header lives outside of the encrypted payload and can be actioned on. They could couple it with IP based whitelists. Or they could push it down to an account level and require it to connect to the internet period. They can approach it almost any way a corporation could. Sadly digital access hasn’t been enshrined as a right anywhere, and it’d be a fine line between enforcement and great firewall of China approach.
if the government is intercepting https requests and redirecting them to their own age verification thing wouldn’t it have to be downgraded to http?
Again, it depends. If a site is using SNI, the host header is outside the encrypted payload. That can be scanned without breaking https. You can redirect like a proxy, verify the age and then let the original traffic through.
For old style SSL sites you could evaluate by IP and do the same though it would be a broader stroke.
The worst one would be if they forced a national proxy with their own trusted root certificate, but I don’t even want to get into that one.