LONDON — A new report released today offers guidance on various key elements of the U.K.’s new age-verification regulatory regime under the Digital Economy Act.
The U.K.’s Department for Digital, Culture, Media and Sport released the 16-page report, which spells out the regulator's approach to exercising its authority over offending adult websites.
The paper, revised from a March 2017 report with input from key stakeholders, was delivered today to Parliament.
The British Board of Film Classification (BBFC), which last year signed on to assume the role of regulator, will be tasked to police the web for sites that don’t comply with mandatory age-verification checks for hardcore fare.
The regulator can levy fines of up to £250,000, or five percent of a company’s revenue, when appropriate, to offending adult sites.
The report offers understanding how the regulation of online adult content is intended to operate, specifically relative to age-verification arrangements, the appeals process and responsibilities of payment-service providers and ancillary service providers, such as traffic companies and hosting companies. It also offers guidance on ISP blocking and reporting.
“The process of verifying age for adults should be concerned only with the need to establish that the user is aged 18 or above,” the paper said. “The privacy of adult users of pornographic sites should be maintained and the potential for fraud or misuse of personal data should be safeguarded.”
The report noted that the regulator is not required to approve individual age-verification companies. As a result, a small cottage industry has sprouted up offering such services.
So far, XBIZ has identified a half-dozen companies that have launched age-verification products and services. Age checks will be mandatory in the U.K. by May.
“There are various ways to age verify online and the industry is developing at pace,” the report said. “Providers are innovating and providing choice to consumers.
“The key focus of many age-verification providers is on privacy and specifically providing verification, rather than identification of the individual.”
The regulator, according to the paper, “should take a proportionate approach” against violators, particularly against sites that generate a “large amount” of revenue.
When an offending site has been identified, the regulator will issue notifications to ISPs on a scheduled basis in the expectation that ISPs will implement a blocking order within three working days.
The report also noted that the regulator should assist with an ongoing review of the effectiveness of the new regime and its functions.
“The secretary of state considers that it would be good practice for the regulator to submit to the secretary of state an annual report on the exercise of its functions and their effectiveness,” the report said.