Some of you may be aware of the UK Online Safety Act 2023 (OSA) which starts to be enforced this month (March 2025). The act places an obligation on providers of online services with significant numbers of UK users to:
- Protect their users from illegal and harmful content, including child sexual exploitation and abuse
- Protect their users from online abuse
- Protect their users from online fraud
- Protect their users from unintended access to pornography
Fortunately none of those things are usually seen on this forum. However, I still need to comply with the terms of the act. The act actually applies to any online services anywhere in the world that have UK users, so I donāt have to comply just because Iām a Brit and my servers being based in Finland donāt change anything. The Act, nor Ofcom who will be enforcing it, donāt state how many āa significant number of UK usersā is, or whether itās absolute numbers or a percentage, so Iām just assuming that I have to comply.
Like cyber-security, compliance with OSA is based around risk management and mitigation. From a risk management perspective, I donāt consider this forum has major risks, i.e.
- Itās primary focus isnāt in any areas likely to generate content that is covered by the act.
- The vast majority of users are adults who are more able to protect themselves than chidren
- In the 23+year history of the forum there havenāt been any significant issues with the areas covered by the act. Sure a few people have said stuff they probably regretted later and there have been some spammers who have posted dodgy stuff, but those incidents are few and far between.
For risk mitigation there are a number of features of the Discourse forum software and the way I have implemented it that help protect us all from the things that OSA covers. I wonāt go into the mechanisms in place but they seem to stop the majority of spammers.
Iām also online quite regularly, so I will likely spot anything particularly dodgy and deal with it fairly quickly (which I understand is OK within the terms of OSA).
There is a way that you can help with mitigation too. If you see anything that you donāt think should be on the forum, i.e. things that would fall foul of the list of things to protect against above, please flag the message. Hereās how to do it:
At the bottom of all messages you should see some options that can be applied to the message:
If you click on the ellipsis (ā¦) it expands to show:
Click on the flag icon to display the page for reporting the message. This may look slightly different for you because Iāve captured this from my admin account.
Select one of the options. You may be prompted for more information about why youāve flagged it for some of the options.
Then click āFlag Postā.
This adds the message to a review queue that admins/mods get notified about. We can then take action, e.g. delete the message, delete the message and block the user, etc.
Itās important that everyone who sees a ādodgyā message flags it up. Each time a message is flagged a counter increases and if the counter passes a threshold the message is automatically hidden from view until it can be dealt with by the admins/mods.
So, on the rare occasion you see something that shouldnāt be here, please flag it for review and weāll deal with it ASAP.