Navigating the UK's Online Safety Act: Essential Guidance for Game Developers

Andrew Wailes, founder and CEO of PlaySafe ID, a platform dedicated to secure digital identity verification for fair play and child protection online, shares insights on the impending UK Online Safety Act. Scheduled to take full effect on July 25, this act requires game companies, regardless of their location, to comply if their games are likely to be played by UK youngsters. With over 1,000 pages of documentation and additional guidance from Ofcom, the independent regulator, compliance might seem daunting, but it's essential for protecting users and avoiding significant fines. The act aims to ensure services are safe by design, with heightened protection for children, and demands transparency and accountability. While the legislation's intentions are admirable, its practical implementation for game studios and publishers can be complex. Lawmakers, in drafting the legislation, engaged with the gaming industry, which expressed concerns about the blanket approach to the diverse gaming platforms and the potential burden of regulating violent, bullying, and abusive content. Despite these concerns, the decision to include all video games and gaming-adjacent services was made, emphasizing the need for compliance to protect children, adult players, and the business itself. Failure to comply can result in fines of up to 10% of global turnover or £18 million, whichever is greater. Given the global trend towards similar legislation, with Australia and EU member states moving to implement their own regulatory frameworks, acting now to meet UK deadlines could provide a head start on future global compliance. Key deadlines have passed, with the most significant being July 25. Essential steps for compliance include conducting Children's Access Assessments, Illegal Content Safety Duties, Children's Risk Assessment, and complying with Children's Safety Duties by July 24. For practical compliance, ensuring highly effective age verification and limiting access to inappropriate content based on age are crucial. The legislation considers photo-ID matching, facial age estimation, and digital identity services as potentially highly effective for age verification. It's essential to assess the likelihood of illegal content and harms, and to precisely meet the act's definition of 'harmful content'. Given the complexity, focusing on completing and recording 'children's risk assessments' by July 24 is recommended, using Ofcom's guidance. Having a data protection officer, legal department, or a designated child safety officer review and complete these steps is advised. The Online Safety Act, though complex, is well-intended legislation that protects children and allows the gaming industry to thrive by providing appropriate content to appropriate audiences. Compliance might seem overwhelming, but it's crucial for protecting young users and ensuring the industry's reputation. Implementing highly effective age assurance and robust systems for limiting access to certain functions and content can make games safer for young users while protecting adults' rights to access mature content. Making players aware of their accountability for their actions can also greatly improve safety in connected worlds. As the act becomes enshrined in law, ensuring game safety is not just morally admirable and business-critical but legally required, presenting an opportunity for the gaming industry to achieve even more.