Facebook Inc. managed to distance itself from the most damning document leak in its history by renaming itself as Meta Platforms Inc. last week, but that doesn’t mean it won’t face greater regulatory scrutiny around the world. Where will it get the most heat? My bet is the U.K.
After blundering on Brexit, the U.K. is moving much more effectively on a law aimed at tackling the same social- media harms that were outlined by whistleblower Frances Haugen. The Online Safety bill tackles a wider range of issues than the European Union’s similar proposals, and will likely come into force earlier, potentially next year.
The law cleverly threads the needle between human welfare and free speech by treating social-media companies as public environments (not publishers), and with the right final touches, it could be a template for other governments to follow.
In essence, social-media companies will be required to carry out regular risk assessments on the nature of harmful content on their platforms, and to take action on those harms as well as on any prevalent illegal content. Communications regulator Ofcom will assess the companies on those outcomes. If they don’t comply, the companies face multibillion-dollar fines, and potentially criminal charges for executives.
In other words, social-media companies will have to provide much of the kind of information that Haugen leaked: internal research. That could, for instance, be data showing that women in certain parts of the U.K. are more liable to read COVID-19 misinformation, or that certain teens are “hyper-exposed” to self-harming content. Ofcom would then tell the social-media firm to tweak its algorithms to change those statistics, or be punished.
In effect, social-media will become regulated like a hazard industry. Haugen praised the U.K.’s bill as a “world-leading” approach to regulating social platforms.
The bill has its critics, particularly on free speech. It risks forcing Facebook and other social-media platforms like Twitter Inc. and Alphabet’s YouTube to “over-remove” content, according to Big Brother Watch, a privacy campaign group in the U.K. But so do efforts to reform free speech laws in the U.S., an issue over which there is little consensus. The U.K. has the benefit of moving quickly and with an existing regulatory agency to test the new rules and suggest changes where necessary.
The real weak link in this promising law is the regulator and its capabilities. The bill, as it stands, allows social-media companies to set their own standards for defining a risk assessment, not Ofcom. That could make it easier to worm out of diligent reporting. As Haugen noted in her testimony, “Facebook is good at dancing with data.”
(Facebook’s organizational structure also looks woefully unprepared for being audited on harms. In separate testimony to the British MPs, the company’s head of safety, Antigone Davis, admitted that she reported to Joel Kaplan, Facebook’s top lobbyist, not the company’s audit and risk oversight committee.)
It will also be difficult for Ofcom, which was designed to regulate telephone companies and TV channels, to pivot to the vast, online world and its difficult-to-measure impacts on human rights.
But it helps that the regulator will be assessing reports provided by the tech companies, and might not necessarily have to hire an army of computer scientists to investigate their algorithms. Will Perrin, a former civil servant who helped set up Ofcom and whose research sparked the upcoming law, tells me that Ofcom has plenty of experience and ability to extract the information it needs from companies.
The current law is fueled by painful experience. British schoolgirl Molly Russell died by suicide in 2017 after viewing self-harm images on Facebook’s Instagram, and her father has become a powerful public advocate for regulation of these platforms. Last month, while questioning Haugen, politicians working on the new law also brought up the threats and abuse they’d received on social media, as well as the recent killing of another MP, Sir David Amess.
The bill is based on a storied and well-known “duty of care” principle at the heart of British health and safety law. This obligation to protect people stems back to 1928, when a woman named Mary Donoghue bought a bottle of ginger beer in Paisley, Scotland, and found a dead snail inside, later falling ill. She sued the manufacturer and won when her case went up to the House of Lords. Lord Atkin of Aberdovey, who presided over the case, said in his judgment, “The rule that you are to love your neighbor becomes in law ‘You must not injure your neighbor.’ “
An age-old principle is now set to be a cornerstone for regulating social media. The U.K. could pioneer this effort in the same way the EU pioneered wider privacy standards with its GDPR law. Let’s hope it is not a missed opportunity.