#2: Five things you need if you run a small, low-risk user-to-user service
A summary of duties for small community Web sites and an update from Ofcom
Hello!
This newsletter is mostly an attempt to simplify some of the compliance guidance. It contains:
- What is a small, low-risk user-to-user service?
- February webinar agreed, date tbc
- Five things you need if you run a small, low-risk user-to-user service
Small, low-risk user-to-user services
This newsletter will contain regular use of the phrase “small low-risk user-to-user services”, which is probably not a term you use that often.
To paraphrase the Ofcom guidance, it’s:
an online service with fewer than 7 million users that allows users to interact with each other, generate, or share content on which there is a low or negligible likelihood that a user would encounter illegal content, and that - if illegal does content appears - its impact and severity would be low.
Obviously there is still a lot to unpick here, but it seems probable that if your stock in trade is, say, geolocating benches or sharing policy documents, then you definitely qualify as low risk.
Find out if you run a user-to-user service by using this assessment tool.
Pages 34-42 of this document contain a tick-box risk assessment guide where you can work out your risk levels. It’s reasonable to say that this gets more complex the more users and features your site has, so although it looks quite complex and overwhelming, if you run a straightforward service with a few thousand users it won’t take long to go through.
Things get more complex if you run what is defined as a single risk site, or one where the impact of a harm could be significant on the people who use the site. It also seems probable that it would be useful for someone to conduct a boilerplate risk assessment for Fediverse instances, as that could be re-used and repurposed by quite a few people who are signed up to this newsletter. (If you do this, and would like it to be shared here, email hello@promisingtrouble.net and we'll include it in the next newsletter.)
February Webinar, date tbc
I’ve had some useful conversations with folks at Ofcom, and for now can say:
- The Engagement Team have agreed to run a webinar in mid-February, specifically aimed at small low-risk user-to-user services. Am waiting for a definite date, but it’s probable there’ll be a Q&A component as well as some training.
- Ofcom have a useful tool that is forthcoming (possibly next week, tbc) that will help complete risk assessments
- There’ll be some recorded sessions from this conference that will offer useful guidance
Five things you need you run a small, low-risk user-to-user service
This is set out in more detail on pages 2-5 of this document and can be summarised as follows.
- have an individual accountable for illegal content safety duties and reporting and complaints duties
- a content moderation function to review and assess illegal and suspected illegal content, with swift takedown measures
- an easy-to-find and user complaints system and process, backed up by an appropriate process to deal with complaints and appeals, with the exception of manifestly unfounded claims
- easy-to-find, understandable terms and conditions
- the ability to remove accounts for proscribed organisations
Keeping track of who's affected
If you run a site that will be affected by these regulatory changes, it is really useful to have examples to share with Ofcom and other policy people, particularly if you're very worried or thinking of closing. We've also had a few media enquiries and it would be great to be able to point journalists directly to people running services. As such it would be great if you could add your details to this form please this form.
That's it for now - am hoping for further updates from Ofcom so we'll update as soon as there's anything to share.
Please do share with anyone you think may find this useful!
Rachel Coldicutt, Promising Trouble