Summary: The UK has some Online Safety Act, any websites that let users interact with other users has to police illegal content on its site and must implement strong age verification checks. The law applies to any site that targets UK citizens or has a substantial number of UK users, where "substantial number" is not defined.
I'm going to guess this forum is UK-based just based on all the blimey's. Also the forum seems to have been locked from new users for some time, so it was already in its sunset era.
The admin could just make it read only except to users who manually reach out somehow to verify their age, but at the same time, what an oppressive law for small UK forums. Maybe that's the point.
> any websites that let users interact with other users has to police illegal content on its site and must implement strong age verification checks.
But I believe you only need age verification if pornography is posted. There's also a bunch of caveats about the size of user base - Ofcom have strongly hinted that this is primarily aimed at services with millions of users but haven't (yet) actually clarified whether it applies to / will be policed for, e.g., single-user self-hosted Fediverse instances or small forums.
I don't blame people for not wanting to take the risk. Personally I'm just putting up a page with answers to their self-assessment risk questionnaire for each of my hosted services (I have a surprising number that could technically come under OSA) and hoping that is good enough.
Because the UK refuses to elaborate on who qualifies under the act, and the only "safe" way to operate a website that might hypothetically be used by someone in the UK is to simply not.
The costs required to operate any website covered by this act (which is effectively all websites) is grossly excessive and there are either NO exceptions, or the UK has refused to explain who is excepted.
> The costs required to operate any website covered by this act (which is effectively all websites) is grossly excessive
That depends what you count as the costs. If you're a small site[0] and go through the risk assessment[1], that's the only costs you have (unless pornography is involved in which case yes, you'll need the age verification bits.)
[0] ie. you don't have millions of users
[1] Assuming Ofcom aren't being deliberately misleading here.
It's not necessarily a technological problem that software has to solve. There's a bunch of processes around reporting and age verification that have to be in place.
Ah I see. I guess that's where the current direction of law and I have parted ways. Had they focused on making laws requiring better parental controls support on all devices then server operators could add a single RTA header and be done with it. It's not a perfect technical solution but I believe it delegates the legal liability on the parents where it belongs. Parents could then simply consent for their kids to view whatever they want if they feel they are psychologically ready.
Summary: The UK has some Online Safety Act, any websites that let users interact with other users has to police illegal content on its site and must implement strong age verification checks. The law applies to any site that targets UK citizens or has a substantial number of UK users, where "substantial number" is not defined.
I'm going to guess this forum is UK-based just based on all the blimey's. Also the forum seems to have been locked from new users for some time, so it was already in its sunset era.
The admin could just make it read only except to users who manually reach out somehow to verify their age, but at the same time, what an oppressive law for small UK forums. Maybe that's the point.
IANAL
> any websites that let users interact with other users has to police illegal content on its site and must implement strong age verification checks.
But I believe you only need age verification if pornography is posted. There's also a bunch of caveats about the size of user base - Ofcom have strongly hinted that this is primarily aimed at services with millions of users but haven't (yet) actually clarified whether it applies to / will be policed for, e.g., single-user self-hosted Fediverse instances or small forums.
I don't blame people for not wanting to take the risk. Personally I'm just putting up a page with answers to their self-assessment risk questionnaire for each of my hosted services (I have a surprising number that could technically come under OSA) and hoping that is good enough.
So, what makes the UK Online Safety Act close the forum?
This list of requirements is excessive and nobody wants to read through endless documents and do endless risk assessments. https://www.ofcom.org.uk/online-safety/illegal-and-harmful-c...
Children's access assessments - 32 pages
Guidance on highly effective age assurance and other Part 5 duties - 50 pages
Protecting people from illegal harms online - 84 pages
Illegal content Codes of Practice for user-to-user services - 84 pages
What happens with cross nation access? Will international sites start to refuse accounts to brits?
Because the UK refuses to elaborate on who qualifies under the act, and the only "safe" way to operate a website that might hypothetically be used by someone in the UK is to simply not.
The costs required to operate any website covered by this act (which is effectively all websites) is grossly excessive and there are either NO exceptions, or the UK has refused to explain who is excepted.
> The costs required to operate any website covered by this act (which is effectively all websites) is grossly excessive
That depends what you count as the costs. If you're a small site[0] and go through the risk assessment[1], that's the only costs you have (unless pornography is involved in which case yes, you'll need the age verification bits.)
[0] ie. you don't have millions of users
[1] Assuming Ofcom aren't being deliberately misleading here.
they don't want to reengineer the forum...
These UK laws might boost Tor usage.. let's hope something good will come from the full censorship political tyranny in Europe.
What features are lacking from vBulletin that prevents being compliant? I suspect some details are missing.
It's not necessarily a technological problem that software has to solve. There's a bunch of processes around reporting and age verification that have to be in place.
Ah I see. I guess that's where the current direction of law and I have parted ways. Had they focused on making laws requiring better parental controls support on all devices then server operators could add a single RTA header and be done with it. It's not a perfect technical solution but I believe it delegates the legal liability on the parents where it belongs. Parents could then simply consent for their kids to view whatever they want if they feel they are psychologically ready.