https://ico.org.uk/for-the-public/the-children-s-code-what-i...
How many might there be in this case, one wonders? https://www.ycombinator.com/legal/
The most obvious example of this is websites from the UK or Europe which operate any kind of gambling. [1] This may well be legal (based on licensing) in their jurisdiction, but they still need to restrict access to prevent US people from accessing the service or they will be breaching the US's gambling laws.
Likewise many US firm geofence access for EU residents out of fear of GDPR.
People hosting news sites have often had to geofence to prevent UK residents from accessing their site if they are hosting any kind of reporting of UK court cases that are under embargo or matters that are subject to one of the UK's famous "Super injunctions" [2]
[1] eg this guy was on the board of a listed UK company operating as far as they were concerned entirely legally who was arrested in NYC https://www.theguardian.com/business/2006/sep/14/gambling.mo...
[2] eg In the "Ryan Giggs" super injunction case https://en.wikipedia.org/wiki/2011_British_privacy_injunctio...
The article is from a month ago, but the gears of "justice" rotate slowly: https://www.bbc.com/news/articles/clyjq40vjl7o
One thing to note is that UK government officials also seem to be masquerading and submitting reports to try to ToS these websites.
There is an ongoing ICO investigation about privacy and handling of children's data under data protection laws, rather than this being related to the Online Safety Act:
https://ico.org.uk/about-the-ico/media-centre/news-and-blogs...
The ICO has indicated it is planning to give a fine to the owner of Imgur due to breaches of data protection laws.
1. Driver's licenses are becoming a web standard soon. https://github.com/w3c-fedid/digital-credentials
Support was added just last week in Safari 26. https://digitalcredentials.dev
2. The UK is keeping a very close eye on VPNs. https://www.techradar.com/vpn/vpn-privacy-security/could-vpn...
It's likely simpler to just block access to the country's IP ranges (or ignore!) and move on.
I mean its not. Because this is data protection laws, the company is liable, not its employees. (https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-re...)
Even in cases where a company causes death, or destruction and the company is found liable, employees are not allowed to be used as standins, employees need to be convicted as well. a conviction isn't fungible, that kinda the point of common law.
https://torrentfreak.com/uk-police-launch-campaign-to-shut-d...
And with that, they have at the least gotten registrars not located in their jurisdicrion to transfer domains
https://easydns.com/blog/2013/10/08/whatever-happened-to-due...
sigh
There is a difference between guidance and regulation.
GDPR isn't that hard to comply with, I know because I helped take a very large Financial News company from 0 compliance to full compliance. the guidance is quite easy to understand: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-re...
but, why are the regulations 100 pages of legalese? because rich companies, and unscrupulous shits pay money to to lawyers to avoid having to pay fines for breaking the law. You also have to carve out exceptions for things like charities, small organisations, have specific rules for things like health care, and define exceptions based on what are reasonable exceptions when detecting criminality
Say you take "the right to be forgotten", ie, I as someone who banks with Natwest want to close my account, withdraw my money, and get them to forget everything about me (ie stop sending me fucking emails you shits)
Thats simple right? the law says I have the right to have my details deleted.
But what if I committed fraud in that time? what if I am opening and closing, asking for deletion to get round money laundering laws?
And thats why the regulations for data protections are long.
Also GDPR regulations aren't that unreadable. You're most likely a programmer, legal texts are highly structured instructions (ie just like any high level programming language)
However, do not take this as endorsement of the unrelated law that is the online saftey act, which is badly drafted, gives too much power to an under resourced semi independent body, and is too loosely defined to be practically managed in any meaningful way by OFCOM.
I will however stick up for GDPR, because it stops the fucking nasty trade in in personal data that is so rife in the USA.
That's decades of the public internet that would be permanently erased; billions of dead links pointing nowhere. HN alone would lose ~32,000 images from its archives,
https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...
Is it not hubris to call it "no loss" if, say, 3 hours ago, "Design of a LISP-based microprocessor / Page 22 has a map of the processor layout:" was forever lost to humanity, as collateral damage to some techbros' dispute?
Decentralization can't arrive soon enough.
https://web.archive.org/web/20230427181813/https://i.imgur.c... (link is already dead at Imgur)
Wayback will have them, as is tradition. A crawl (non IA) has been kicked off to reconcile to ensure maximum coverage of Imgur links on HN.
https://ico.org.uk/about-the-ico/media-centre/news-and-blogs...
https://ico.org.uk/about-the-ico/media-centre/news-and-blogs...
https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-re...
No full detail though. Having said that, the second link is particularly interesting as it goes though various companies with comments about each.
I think that's largely down to people not taking EU elections as seriously as national elections.
The ones elected by my country are always largely the most doldrum people from the main parties that aren't charismatic enough to win in national elections (The b-squad basically)
... and a handful of the kind of people that think windfarms generate wind and that we need to leave NATO.. even though we haven't joined NATO. The kind of people you vote to send to the EU so that you don't have to see them.
There was an election in 2024 https://en.wikipedia.org/wiki/2024_European_Parliament_elect...
For people unfamiliar with it https://elections.europa.eu/en/
The parliament is elected by people in each country, those elected them elect the commission. So a form of indirect elections.
(ip.src.country eq "GB")
Or to give you another example in backpage the founders where aquitted since the judge could not trace that the money came from a "criminal source" https://www.courthousenews.com/backpage-executives-acquitted...
You can get any result you want by asking leading questions on polling. This was of course satirised by Yes Minister.
https://www.youtube.com/watch?v=G0ZZJXw4MTA
I can counter any of the iffy polls by simple point to the official online petitions service. There were a huge number of signatures to revoke OSA and two million signatures to abolish the plans for the Digital ID. While the Digital ID is technically a separate issue, many of the same privacy concerns are present.
https://petition.parliament.uk/petitions/722903?pubDate=2025...
https://petition.parliament.uk/petitions/730194
The number of people that signed these petitions is far more representative than any polling.
On top of that, recently I've seen reportrs of both the Liberal Democrats and Reform (the two largest parties after the main two) recongising the OSA as unpopular and are likely to suggest reforming/removing it.
On top of that. The labour government and the conservative government that proceeded it which created the OSA were/are both deeply unpopular.
So any notion that there is a popular mandate for this is nonsense.
They already can.
> Smart thinking Batman.
“Be kind. Don't be snarky. Converse curiously; don't cross-examine. Edit out swipes.”
Have them all registered to the Principality of Sealand, just to be safe: https://en.wikipedia.org/wiki/Sealand
https://ico.org.uk/for-organisations/data-protection-and-the...
My guess is that the common factor is News Corporation pushing an agenda on behalf of the very, very wealthy.
[1] https://www.reddit.com/r/AustralianPolitics/comments/1nu68je...
[1]https://au.yougov.com/politics/articles/51000-support-for-un...
[2]https://www.independent.co.uk/news/uk/home-news/gen-z-social...
In reality, the technical implementation will undoubtedly be a privacy and surveillance disaster.
In a vacuum, people thought "social media" meant "Instagram and TicToc and Facebook etc."
In reality, the eSafety commissioner thinks "social media" includes platforms like GitHub. Yes, really.
https://www.abc.net.au/news/2025-09-24/digital-dilemna-socia...
It's just another layer in the stupidity of this all that GitHub would be blocked but steam, discord and Roblox are exempt because they're for gaming despite being infamous environments.
---[1]
(1) For the purposes of this Act, age‑restricted social media platform means:
(a) an electronic service that satisfies the following conditions:
(i) the sole purpose, or a significant purpose, of the service is to enable online social interaction between 2 or more end‑users;
(ii) the service allows end‑users to link to, or interact with, some or all of the other end‑users;
(iii) the service allows end‑users to post material on the service;
(iv) such other conditions (if any) as are set out in the legislative rules; or
(b) an electronic service specified in the legislative rules;
----[2]
For the purposes of paragraph 63C(6)(b) of the Act, electronic services in each of the following classes are specified:
(a) services that have the sole or primary purpose of enabling end‑users to communicate by means of messaging, email, voice calling or video calling;
(b) services that have the sole or primary purpose of enabling end‑users to play online games with other end‑users;
(c) services that have the sole or primary purpose of enabling end‑users to share information (such as reviews, technical support or advice) about products or services;
(d) services that have the sole or primary purpose of enabling end‑users to engage in professional networking or professional development;
(e) services that have the sole or primary purpose of supporting the education of end‑users;
(f) services that have the sole or primary purpose of supporting the health of end‑users;
(g) services that have a significant purpose of facilitating communication between educational institutions and students or students’ families;
(h) services that have a significant purpose of facilitating communication between providers of health care and people using those providers’ services.
mullvad basically allows me to go around all the censorship in my country: https://mullvad.net/en
Best I can find
$ 132,466.01 Africa
$ 4,902,373.13 Asia
$ 49,423,340.29 Europe
$106,546,895.77 N.America
$ 2,509,299.46 Other
$ 6,082,217.76 Oceania
$ 944,844.22 S.AmericaI think the Greens are opposed to it, and maybe Reform in one of their populist speeches, but the majority of UK representatives seem to support this law.
Based on this poll, most Britons also support the OSA: https://www.ipsos.com/en-uk/britons-back-online-safety-acts-...
https://en.wikipedia.org/wiki/Wikipedia:Fundraising_statisti...
https://www.privateinternetaccess.com/blog/internet-archive-...
It’s what the UK government has shown time and again when they ask for more data: they use it for previously denied-aims to expand their surveillance state.
https://en.m.wikipedia.org/wiki/History_of_mass_surveillance...
The often cited YouGov polling, I think sampled a few thousand people. There are almost 2.5 million signatures on petitions between the OSA and Digital ID.
[1] - https://www.rtalabel.org/index.php?content=howtofaq#single
[1] - https://en.wikipedia.org/wiki/Age_of_consent_in_North_Americ...
The only actual internet caused disaster I can think of - https://en.wikipedia.org/wiki/Rohingya_genocide - was caused by a lack of regulation and "let's kill them all" stuff on facebook. 25k+ dead.
1) https://en.wikipedia.org/wiki/Cambridge_Analytica#Elections
https://www.politico.eu/article/european-parliament-meps-sus... https://www.europarl.europa.eu/news/en/press-room/20250331IP...
Specifically, our system [1] is available as open source [2] and work is underway to implement it in the EU age verification app [3]. I understand that this thread is about the UK and not the EU, and I make no claims about the UK. The system is not theory, but it is already shipping in Google Wallet [4] and in the Open Wallet Foundation multipaz system [5].
[1] https://eprint.iacr.org/2024/2010
[2] https://github.com/google/longfellow-zk
[3] https://ageverification.dev/av-doc-technical-specification/d...
[4] https://blog.google/products/google-pay/google-wallet-age-id...
That may be true, but it doesn't seem to prevent stuff like this from happening.
https://www.eff.org/deeplinks/2024/06/hack-age-verification-...
https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-re...