Should the Online Safety Act survive?

Boy with phone, cybersecurity hologram and padlock circuit

The Online Safety Act aims to protect children

(Image credit: Getty Images)

published 27 September 2025

The Online Safety Act was passed by the previous Conservative government in 2023 – with very broad cross-party support – that aims to protect users, especially children, online.

The main provisions of the act came into force in July this year. It requires social-media platforms and large search engines to prevent children (aged under 18) from accessing pornography online, and obliges relevant websites to have “highly effective” age-verification checks for UK users.

MoneyWeek

Subscribe to MoneyWeek today and get your first six magazine issues absolutely FREE

Get 6 issues free

https://cdn.mos.cms.futurecdn.net/flexiimages/mw70aro6gl1676370748.jpg

Sign up to Money Morning

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

How does the Online Safety Act work in practice?

Websites offering a “user-to-user service” – including social networks, dating apps and pornography sites – must check users’ ages if they carry unsafe content. That typically involves checking a person’s age via their credit card provider, bank or mobile phone network operator; or requiring a selfie, which is analysed by an AI tool.

This will assess the likely age based on a bank of millions of images, or compare it with a government-issued ID, such as a driving licence, that must also be uploaded. Specialist software firms, including Yoti and Persona, take care of the age-verification process, a growing niche, on behalf of the likes of Reddit, Instagram and OnlyFans.

Ofcom, the regulator responsible for policing the act, has imposed extra measures, including the requirement that algorithms recommending content to users must filter out harmful material; that all sites and apps must have procedures for taking down dangerous content quickly; and children must have a “straightforward” way to report concerns.

How has the law been received?

It has rapidly become the focus of intense controversy. Tech company billionaires, as well as voices on both the left and right of UK politics – from journalist Owen Jones to Reform UK’s Nigel Farage – regard it as an illiberal act of censorship that won’t work and will have damaging unintended consequences.

Conservative leader Kemi Badenoch (unlike the previous Tory government) shares this view. If elected, both Tories and Reform have pledged to undo it, and more than 530,000 people have signed a petition demanding a parliamentary debate on its repeal.

The Labour government is committed to implementing the act in full. But the technology minister Peter Kyle unwisely inflamed the debate by accusing Farage and other sceptics as being “on the side” of paedophiles and “extreme pornographers”.

What’s the case in favour?

Left to self-regulate, tech companies have simply “shirked their moral responsibilities” to prevent children from accessing toxic content, says The Times. In the case of pornography, especially, the new age-verification regime is both necessary and welcome as a means of mitigating genuine harms.

According to Ofcom, about 8% of children between the ages of eight and 14 accessed online porn over the period of a month. Half of 13-year-olds have been exposed to it, and a quarter of child suicides have been linked to material they found online. It’s understandable that a large majority of British adults (69%) support age-verification, according to YouGov.

Is the law working?

The biggest pornography sites are complying. According to Ofcom, all of the top ten and most of the top 100 adult sites have either introduced age checks or blocked UK access. No business has yet been fined under the Online Safety Act, but Ofcom says it has opened 12 investigations into pornographic services, covering more than 60 sites and apps.

There were 7.5 million visits to the top five age-verification sites in August, up from a million in June, before the act took effect. Meanwhile, viewing of pornography online has fallen overall. Data from Similarweb showed that between 19 July and 15 August, there was a 45% drop in the number of UK users to Pornhub, by far the country’s most viewed pornography site, as users baulk at supplying personal information. Across the top 100 sites, there was a 33% drop.

At the same time, the number of people downloading VPNs (virtual private networks) has surged, allowing them to bypass age restrictions. That is bad news for Big Tech outfits that rely on advertising, as VPNs “obscure much of the personal information that makes them lucrative targets for advertisers”, says Jennifer Johnson on Breakingviews.

What’s the case against?

First, that it’s likely to be ineffective. As already seen, many people – presumably including tech-savvy teenagers – are able to get round it using a VPN.

Second, the new rules have had the unintended consequence of limiting access to unharmful sites, including news and journalistic content. The legislation is simply a gross intrusion of privacy by the state – a reckless interference in the freedom of the internet that is the thin end of the wedge, leading to censorship and state control.

To prove they are not a child, all users of some popular and legal sites are now “forced to turn over vast troves of valuable biometric data and forever link their offline identity to their online behaviour”, says Taylor Lorenz in The Guardian. That data could easily be “weaponised by the government or bad actors and put internet users at… higher risk of crimes such as identity theft and fraud”.

What about the effect on business?

Many critics also argue that the legislation is unfair to smaller businesses. Rather than curbing the power of Big Tech, the new rules risk entrenching their power by making it harder for others to comply. The aim might be noble, but the execution has been “botched”, says Juliet Samuel in The Times.

The most sensible way to protect children from the “excesses of the adult world” would be via the devices we permit them to use, rather than by tasking Ofcom regulators with trying to “remodel the internet”. “Regulating the operating system and hardware of a phone or tablet sold for use by a child could protect them in ways that are far harder to bypass and have far less impact on the freedoms of adults.”

This article was first published in MoneyWeek's magazine. Enjoy exclusive early access to news, opinion and analysis from our team of financial experts with a MoneyWeek subscription.

Simon Wilson’s first career was in book publishing, as an economics editor at Routledge, and as a publisher of non-fiction at Random House, specialising in popular business and management books. While there, he published Customers.com, a bestselling classic of the early days of e-commerce, and The Money or Your Life: Reuniting Work and Joy, an inspirational book that helped inspire its publisher towards a post-corporate, portfolio life.

Since 2001, he has been a writer for MoneyWeek, a financial copywriter, and a long-time contributing editor at The Week. Simon also works as an actor and corporate trainer; current and past clients include investment banks, the Bank of England, the UK government, several Magic Circle law firms and all of the Big Four accountancy firms. He has a degree in languages (German and Spanish) and social and political sciences from the University of Cambridge.