Merits of self-regulatory approach
141. Protection from potentially harmful content,
contact and conduct on the Internet or using Internet-based services
has rested until now largely with the industry, which has responded
to varying degrees to the different types of threat. One of the
questions central to this inquiry has been: is self-regulation
by the industry succeeding?
142. Providers of Internet connectivity and of
search services and social networking services spoke up strongly
for what had been achieved so far through self-regulation. Mr
Lansman, the Secretary-General of the Internet Service Providers
Association, said that the industry was "leading the way",
and Mr Galvin, speaking on behalf of BT, said that self-regulation
had given "a shining example of best practice in the best
Internet service providers". Both Mr Lansman and Mr Galvin
accepted that risks remained and would continue to emerge from
new services.[257]
Mr Walker, General Counsel for Google, said that the self-regulatory
model for applying controls on access to Internet content had
been "relatively successful", and he argued that "the
risk of governmental or prescriptive rules being imposed on an
industry which is effectively less than three years old runs a
significant risk of unintended consequences".[258]
MySpace believed that self-regulation was working well and was
"the appropriate means to approach safety".[259]
Bebo, while it expressed confidence in self-regulatory approaches,
also accepted that the rapidly evolving nature of the market meant
that businesses needed to review and improve their response continually.[260]
143. Mr Galvin also contrasted the self-regulatory
approach with that of statutory regulation, saying that "I
do not think you would have seen the pace of our co-operation
with legislation, because inevitably it goes more slowly".[261]
He did not, however, discount the need for statutory regulation,
to determine where the line between illegal and harmful or unpleasant
content should be drawn.[262]
144. Some of the industry's efforts in self-regulation
have been much praised and admired. The Internet Watch Foundation
said that it was "consistently referenced as a national and
international model of effective self- and co-regulation"
and was recognised as an influential and relevant authority by
many sectors.[263]
Others also spoke highly of the Foundation's work.[264]
The Child Exploitation and Online Protection Centre applauded
the work of the Foundation and also described the Clean Feed[265]
system operated by BT as "an outstanding, world-leading initiative".[266]
145. We note that 95% of domestic broadband consumers
buy Internet access from about seven companies, all of which apply
the IWF list. The remaining 5% use a "tail" of perhaps
100 companies some of which do not block access, although some
of those may in fact be reselling internet connectivity from larger
companies who have already imposed the blocks. The Internet Watch
Foundation told us that it believed that there were "issues
in relation to cost and effectiveness" underlying
the reluctance of smaller ISPs to block access.[267]
146. The Internet Service Providers Association
said that it encouraged as many Internet service providers as
possible to apply the Foundation's list.[268]
The Home Office set a target
for all ISPs to agree by the end of 2007 to block access to sites
on the list: when we raised the issue in oral evidence in May
2008, it was plain that little progress had been made in persuading
the remaining 5% to act. Ministers appeared to be losing patience
and were considering their options, which include legislation.[269]
We expect the Government to apply continuing, and if necessary,
escalating pressure on Internet service providers who are showing
reluctance to block access to illegal content hosted abroad. In
a lucrative market, the cost to Internet service providers of
installing software to block access to child pornography sites
should not come second to child safety.
147. Although most witnesses were complimentary
about the efforts of the industry, we were struck by the considerable
anxiety expressed by the Chief Executive of Ofcom about the effectiveness
of self-regulation as presently operated. He believed that current
arrangements "cannot persist" and was particularly critical
of the lack of clarity about take-down procedures and the lack
of transparency about complaints. In his view, "we do not
have anything even approaching an effective self-regulatory model
for this". He set a timescale of 12 months for Internet-based
industries to "come closer to the broadcast world":
for him, the test was: would the industry "step up to the
plate"?[270] He
did not, however, believe that there was a clear case for Ofcom
to acquire more regulatory powers in relation to the Internet,
or at least not yet. He maintained that Ofcom's instinct "has
always been and remains to regulate in the least intrusive, least
bureaucratic way possible", and he was satisfied that there
was "a real opportunity for self-regulation to be effective".[271]
148. The Child Exploitation and Online Protection
Centre, in its submission to the Byron Review, proposed that there
should be "a critical examination of whether the voluntary,
self-regulation approach to protecting children and young people
works effectively as it stands and actually delivers real and
tangible change when it comes to the protection of children, whether
it is sustainable in the long-term as new providers come on stream
and actually delivers change, including the need to monitor the
implementation of good practice guidance by service providers".[272]
The Centre's Chief Executive Officer, Mr Gamble, claimed that
some elements in the Internet services industry were "difficult",
avoided engagement with CEOP, and were unwilling to co-operate
with CEOP in its efforts to protect young people from harm.[273]
149. Childnet International, a charity which
seeks to improve the safety of children using the Internet, told
us that it accepted the importance of self-regulation to the Internet
industry and said that it would be "hesitant" to propose
stringent regulation.[274]
It described the self-regulatory regime set out under the Communications
Act 2003 as being widely considered as successful; but it regretted
that compliance with that regime was not monitored. It spoke of
the "valuable guidance" drawn up in best practice guidelines
set out by the Home Office Taskforce and through best practice
guidance drawn up by industry bodies such as the Internet Service
Providers Association; but adherence was not mandatory and it
believed that there was no way to verify easily how far the industry
was conforming to its own guidelines.[275]
Professor Livingstone suggested that an independent body might
be established to oversee and report on the effectiveness and
the accountability of self-regulatory codes.[276]
Dr Byron took much the same view, suggesting that the industry
should set out "very clear safety codes and general good
practice principles" which could then be independently monitored
and evaluated.[277]
150. There are signs that the Government expects
the industry to take a stronger line. For instance, in an Adjournment
debate on cyberbullying on 20 February 2008, the Rt Hon Beverley
Hughes MP, Minister of State at the Department for Children, Schools
and Families, said that "we need business to raise its game"
in preventing cyber-bullying.[278]
We asked Ministers to offer their views on whether the time had
come to establish a body to oversee Internet standards, in the
manner of the Advertising Standards Authority or the Press Complaints
Commission. The Rt Hon Margaret Hodge MP, Minister of State at
the Department for Culture, Media and Sport, said that "we
always keep an open mind" but that, at present, the Government
did not want to over-regulate: rather, it would prefer to work
through voluntary mechanisms and existing structures. She said
that the Convergence Think Tank was considering the issue.[279]
151. There appear to be conflicting views within
the industry on the practicality of applying certain standards.
Divergences in practice are especially noticeable in the allocation
of resources by Internet-based services to pro-active screening
on sites hosting user-generated content and the provision of facilities
to report directly to law enforcement agencies. Many companies
publish their own codes and policies for child protection but
there are significant variations between these. We also note that,
if a company's practice is poor, there is no independent body
to which a user might submit a complaint and no body to enforce
minimum standards. We note with interest research conducted by
Ofcom suggesting considerable uncertainty among parents about
who to complain to if they discovered potentially harmful or inappropriate
content online. Approximately one-third of the sample said that
they would complain to the police; 14% would complain to their
Internet service provider; 11% would complain to the website itself;
and almost four out of ten did not know who they would complain
to.[280] Mr MacLeod,
Chair of the Mobile Broadband Group, listed various channels by
which complaints about content access through mobile devices were
received: through Ofcom, the Independent Mobile Classification
Body, the Mobile Broadband Group and the network operators themselves.[281]
152. This Committee has broadly been a supporter
of self-regulation in various fields, such as regulation of on-demand
broadcast services, the secondary ticketing market and press standards.
We recognise that self-regulation has a range of strengths: a
self-regulating industry is better placed to respond quickly to
new services; it is more likely to secure "buy in" to
principles;[282] and
it will bear the immediate cost. We accept that a great deal has
been achieved through self-regulation by the various industries
offering Internet-based services, but there appears to be too
great a disparity in practice between different firms and not
enough evidence that standards of good practice are being consistently
followed.
153. We believe that
leaving individual companies
in the Internet services sector to regulate themselves in the
protection of users from potential harm has resulted in a piecemeal
approach which we find unsatisfactory. Different practices are
being followed and there is a lack of consistency and transparency,
leading to confusion among users. Nor is there any external mechanism
for complaints about services provided by Internet-based industries
to be considered by an independent body. However, we do not believe
that statutory regulation should be the first resort. Instead,
we propose a tighter form of self-regulation, applied across the
industry and led by the industry. We therefore call on the industry
to establish a self-regulatory body which would agree minimum
standards based upon the recommendations of the UK Council for
Child Internet Safety, monitor their effectiveness, publish performance
statistics and adjudicate on complaints.
154. We recognise that a number
of companies may choose to set higher standards for their own
commercial reasons, but the public need the assurance that certain
basic standards will be met. This is particularly important in
the area of child protection and Internet safety. However, the
new body might also take on the task of setting rules governing
practice in other areas such as on-line piracy and peer to peer
file-sharing, and behavioural advertising, which although outside
the scope of this inquiry are also of public concern. Given the
global nature of the industry, it is impossible to make membership
compulsory for all service providers, but a widespread publicity
campaign should ensure that consumers are aware that they can
have confidence in the standards of protection and reputable practice
which membership of the body carries with it and that this cannot
be guaranteed by those companies that choose not to join.
155. We considered whether the UK Council for
Child Internet Safety should, in time, take on a wider role in
leading self-regulation of Internet service industries. Our conclusion
is that this would be inappropriate, as the Council has been established
as a forum in which Government departments, the industry and relevant
voluntary sector bodies can work together in developing a strategy
for child Internet safety. Its role should be to agree on recommendations
of minimum standards for the industry to meet. The implementation
and enforcement of these would be the responsibility of the self-regulatory
body. In this respect, the UK Council would have a similar role
to the Committee of Advertising Practice which draws up the Code
governing the non-broadcast advertising industry. The Code is
then enforced by the Advertising Standards Authority Council,
which has a mixed membership from the industry and from the voluntary
sector, with no presence from either the Government or from Ofcom.
Our preferred model for any
new body to maintain standards among providers of Internet-based
services is that of the Advertising Standards Authority, which
is generally successful at securing compliance with codes for
advertising standards but which, if necessary, may refer companies
which persistently breach those standards to statutory regulators
that can apply penalties.
The role of Government
156. Although we have identified a role for the
Government in bringing forward legislation to define certain types
of content on the Internet as illegal, we do not believe that,
in general, this is a field in which the Government should be
very closely involved. Its chief role should be to ensure that
bodies with a regulatory, advisory or law enforcement role in
protection from harmful content on the Internet and in video games
have priorities which are in line with Government policy and are
resourced to carry out their duties effectively.
157. The Government has performed a service by
bringing the issue of protection from harm on the Internet to
the fore. The creation of the Home Secretary's Taskforce on Child
Protection on the Internet and, more recently, the Child Exploitation
and Online Protection Centre, signalled how seriously the Government
took the protection of children from risks from the Internet.
Commissioning the Byron Review was another big step forward. We
commend the Government for the action it has taken to motivate
the Internet industry, the voluntary sector and others to work
together to improve the level of protection from risks from the
Internet, particularly for children. However, we regret that much
of this work remains unknown and has therefore done little to
increase public confidence. We look to the UK Council to build
on the existing agreements and to ensure a much greater public
awareness of what has already been achieved.
158. We note criticism that the Government has
not been "joined up" in its approach.[283]
This is an easy criticism to make but a difficult one to refute,
especially in an area where so many Departments have an interest.
For instance, the Department for Children, Schools and Families
has policy responsibility for schools, which have a role in educating
children in safe use of information technology and the Internet;
the Department for Culture, Media and Sport has an interest in
the Internet as a medium through which creative content is disseminated;
the Home Office has a role in the protection of the public and
in law enforcement; and the Department for Business and Enterprise
has responsibilities for the regulatory structure within which
Internet-based services operate, including regulation based upon
the E-Commerce Directive. The Ministry of Justice has taken the
lead in policy on possession of computer-generated images of under-aged
children in sexual activity.
159. Ministers sought to persuade us that the
Government was "very joined up" in its approach to the
matters considered by this inquiry.[284]
Certainly, there have been good examples of cross-Departmental
collaboration, for instance in the establishment of the Byron
Review. However, we recall Dr Byron's statement that the Internet
industry was "very fatigued" at dealing with different
Government departments which, individually, were having "several
sometimes contradictory conversations" with the industry.[285]
We also note that the Government
originally suggested that four different Ministers should give
evidence to our inquiry and it does seem that there is scope for
improved co-ordination of activity between different Government
departments. We recommend that a single Minister should have responsibility
for co-ordinating the Government's effort in improving levels
of protection from harm from the Internet, overseeing complementary
initiatives led by different Government departments, and monitoring
the resourcing of relevant Government-funded bodies.
90 See for instance Byron Review Executive Summary,
paragraph 12 Back
91
Ev 144 Back
92
Q 525 Back
93
Annex 3 to Ofcom memorandum [not printed] Back
94
Ev 253 Back
95
Managing Director, Global Customer Experience Programme Back
96
Q 252 Back
97
Q 432 Back
98
Ev 1 Back
99
Ev 1 Back
100
Q 347 Back
101
Ev 1 Back
102
Q 440 Back
103
Q 441 Back
104
Q 580 Back
105
Q 588 Back
106
Q 511 Back
107
Q 589 Back
108
Q 534 Back
109
Mr Brennan Q 591 Back
110
Mrs Hodge Q 579 Back
111
Q 379 and 380 Back
112
Q 597-598 Back
113
Byron Review Action Plan page 6 Back
114
Ev 87 Back
115
Ev 87 Back
116
Q 168 Back
117
Dr Byron Q 337 and Q 354 Back
118
Q 595 Back
119
Q 177 and 178 Back
120
Q 179 and Q 180 Back
121
Ev 402 Back
122
Q 615 and 620 Back
123
Ev 76, Ev 42 Back
124
Ev 42 Back
125
DCMS memorandum Ev 347 Back
126
Q 208 Back
127
Q 59 Back
128
Ofcom, Ev 262 Back
129
See Ev 44. Microsoft told us that the list of URLs on the Foundation's
list had been applied to its Live Search filters so that none
of them would ever appear within search results using Live Search:Ev
35 Back
130
Ev 42 Back
131
Q 53-4 Back
132
Home Office, April 2008 Back
133
Ev 66; see also www.europa.eu.int Back
134
O2 memorandum Ev 68 Back
135
Ev 61 Back
136
Ev 61 Back
137
Q 109 Back
138
Ev 62 Back
139
Q 32 Back
140
Q 505 Back
141
Q 19 Back
142
Q 59 Back
143
Section 160 of the Criminal Justice Act 1988 Back
144
Section 63 of the Criminal Justice and Immigration Act 2008, expected
to be in force from January 2009: HL Deb 25 June 2008 col. 250
(WA); Back
145
Section 2 of the Terrorism Act 2006 Back
146
Ev 43 Back
147
Ev 76 Back
148
Ev 346 Back
149
Q 53 Back
150
Ev 43 Back
151
Ev 44 Back
152
Ev 346 Back
153
Such as Community Guidelines, or Acceptable Use Policies, or taste
and decency criteria Back
154
See Q 223 Back
155
Q 228 Back
156
Q 65 Back
157
Ev 100 Back
158
Q 107 Back
159
Q 276 to 278 Back
160
Q 296 Back
161
Ev 117 Back
162
Q 316 to 321 Back
163
Q 317 Back
164
Ev 254 Back
165
Ev 255 Back
166
Mobile Broadband Group Q 123 Back
167
Q 313 Back
168
Ev 119 Back
169
Ev 119 Back
170
Ofcom, Ev 273 Back
171
Q 279 Back
172
Q 298. See also Q 305 and 306 Back
173
Ev 119 Back
174
Q 375 Back
175
Q 608 Back
176
Ev 150 Back
177
Information supplied to the Committee by MySpace in the US. Back
178
Ev 147 Back
179
SI 2002 no. 2013 Back
180
See Ofcom, Ev 249 Back
181
Byron Review paragraphs 4.16 to 4.18 Back
182
Q 315 Back
183
Q 224 and 225 Back
184
Q 224 Back
185
Byron Review paragraph 4.20 Back
186
Q 512 Back
187
Ofcom Ev 259 Back
188
Ev 35 and 36 Back
189
Ev 118 Back
190
Ev 380 Back
191
Ev 259 Back
192
Ev 43-44 Back
193
Ev 104 Back
194
Ofcom Ev 259 Back
195
Ev 231 Back
196
See for instance T-Mobile Ev 61, O2 Ev 67, Orange Ev 71 Back
197
Q 602 Back
198
Ev 261 Back
199
Ev 150; also CHIS Ev 4 Back
200
Ev 255 Back
201
Ev 235 Back
202
Ev 377 Back
203
Byron Review paragraph 4.89 Back
204
Ev 115 Back
205
Q 376 Back
206
Q 101 to 107 Back
207
Q 203 Back
208
Q 376 Back
209
Q 79 to 81 Back
210
Ev 69 Back
211
Ev 262-3 Back
212
Q 33 Back
213
Speech available at www.culture.gov.uk Back
214
HC Deb 7 February 2008 col. 1220 Back
215
Ev 399 Back
216
Section 1 of the Act defines the offences to which these provisions
apply Back
217
Inchoate Liability for Assisting and Encouraging Crime, Law Commission
No. 300, Cm 6878 Back
218
Q 600 Back
219
Ev 368 to 370 Back
220
Ev 381 Back
221
Ev 370 Back
222
Q 174 Back
223
Q 201 Back
224
Q 600 Back
225
Ministry of Justice news release 28 May 2008 Back
226
See European Commission proposal, 29 February 2008, COM(2008)
106 final Back
227
Q 392 and Ev 150 Back
228
Ev 150 and Q 394 Back
229
Ev 257 Back
230
Bebo Ev 147, MySpace Ev 150 Back
231
See for instance BT memorandum Ev 103,Microsoft Ev 36 Back
232
Professor Livingstone Q 8 Back
233
Q 422 to 425 Back
234
HC Deb 20 May 2008, col. 225W Back
235
Q 409 Back
236
See for instance Microsoft Windows Live Messenger Ev 36 Back
237
Q 169 Back
238
Q 167 Back
239
Q 263 Back
240
Q 422 Back
241
Q 592 Back
242
Q 368 Back
243
Q 233 Back
244
Bebo Ev 147 Back
245
O2 Ev 69; T-Mobile Ev 62, Orange Ev 70. Back
246
Ev 62 Back
247
Ev 64 Back
248
Ev 344 Back
249
Becta was formed in 1998 and describes itself as the Government's
lead agency for Information and Communications Technology (ICT)
in education in the United Kingdom. Back
250
Ev 344 Back
251
Mr Bartholomew Q 119 Back
252
T-Mobile Ev 63, O2 Ev 66, Orange Ev 71 Back
253
Ev 66 and Q 119 Back
254
Q 126 to 132 Back
255
Ev 34. See also BT Ev 103 Back
256
Mr Carr Q 3, Ev 2 Back
257
Q 252 Back
258
Q 269 Back
259
Q 431 Back
260
Ev 147 Back
261
Q 201 Back
262
Q 253 Back
263
Ev 46 Back
264
ISPA Ev 101; Dr Byron Q 337 Back
265
Filtering software used by British Telecom to block access to
child pornography websites Back
266
Q 168 Back
267
Q 55 to 57 Back
268
Q 202 Back
269
Q 612-3 Back
270
Q 512 Back
271
Q 517 Back
272
Ev 87 Back
273
Q 187 and 189 Back
274
Ev 12 Back
275
Ev 12 Back
276
Q 34-35 Back
277
Q 349 Back
278
HC Deb 20 February 2008 col.493 Back
279
Q 607. The Convergence Think Tank was set up jointly by the Department
for Culture, Media and Sport and the Department for Business,
Enterprise and Regulatory Reform to examine the implications of
technological development for the media and communications industries,
and the consequences for both markets and consumers. Back
280
Ev 211 Back
281
Q 145 Back
282
See T-Mobile Ev 61 Back
283
Byron Review paragraph 3.112 Back
284
Mrs Hodge Q 578 Back
285
Q 347 Back