Public fury over online abuse must push big tech to act

 
Minister for Communications Denis Naughten’s statement of intent to appoint a Digital Safety Commissioner – a new statutory role which would involve monitoring and enforcing child online safety – would, in light of current events, appear timely.

Parents clearly already feel outpaced by their children’s ability to use the internet, and are worried by regular media reports of cyberbullying.

This week, parents had to endure hearing deeply disturbing evidence of predatory online exploitation as Matthew Horan (26) was sentenced on Friday after pleading guilty to using online platforms – Skype, Snapchat, Kik and Instagram – to approach and groom minors.

Appalling case

As the appalling case dominated news cycles, and politicians and pundits argued over whether Ireland’s formal digital age of consent (the age from which it is legal for data controllers to hold data gathered from minors) was too low at 13, many individuals and organisations, including Grainne Long, chief executive of the Irish Society for the Prevention of Cruelty to Children (ISPCC) came out in support of Naughten’s proposal.

The idea for the digital safety role was first floated in a 2016 report from the Law Reform Commission on Harmful Communications and Digital Safety. With revenge porn and online bullying much in the news, the report’s focus was broadly on harmful communications and internet safety for adults, as well as children.

"Australian position was vociferously opposed by internet companies, which expressed alarm that a single person effectively could act as an online content censor, judge and jury."

The proposed Irish role could be modelled on positions created in New Zealand and Australia, according to Naughten. Australia’s eSafety Commissioner was appointed in 2015, investigates complaints and can fine online operators up to AUS$17,000 (€11,000) per day for failing to comply with its demands.

At the time, the Australian position was vociferously opposed by internet companies, which expressed alarm that a single person effectively could act as an online content censor, judge and jury.

The Irish role, as sketched out in the Law Reform report, would have sweeping oversight, “broadly to cover intermediary service providers, internet service providers, internet intermediaries, online intermediaries, online service providers, search engines, social media platforms and websites and telecommunications undertakings”, notes Daniel Harrington, a lawyer with AL Goodbody, in a blog post this week.

ePrivacy legislation

With the ability to judge content, and issue and enforce content-takedown notices to internet and telecommunications companies, the commissioner could come into conflict with the EU eCommerce Directive, notes Harrington. Other legal experts said the position might also run afoul of incoming ePrivacy legislation, or overlap into the Irish Data Protection Commissioner’s (DPC) role.

However, a spokesperson for the office of the DPC said that insofar as the role has been discussed, the DPC would not see any conflict because each role would have a different focus.

But is such an office actually needed, or merely political manoeuvring on an issue likely to gain voter support?

Certainly, little has been done since the office was initially proposed 18 months ago. And some formal submissions to the Law Reform Commission argued at the time that a specialist body with statutory powers was not needed, because existing laws and the courts could and should handle such cases.

In a submission, Digital Rights Ireland (DRI) wrote that “cyber-harassment and other harmful cyber activity affecting personal safety, privacy and reputation do not require, for their resolution, any specialist technical expertise. These are offences against the safety, privacy and reputation of the individual, as capable of being carried out online as off. Accordingly, the only appropriate expert body to adjudicate such claims is a court of law.”

"Microsoft, which owns message and telephony service Skype, said the companies have worked towards better online safety for many years."

Both the DRI submission in 2016, and Harrington in his blog post this week, also question whether Ireland’s reputation as a good location for business might suffer, were a new layer of Irish internet and communications regulation to be imposed.

Close to meaningless

Yet internet and technology companies must certainly do better. A London School of Economics professor, working with a board member for the UK Council for Child Internet Safety, last year found Instagram’s age controls to be close to meaningless.

Still, companies are aware of growing public opprobrium, and many aim to improve services. Microsoft, which owns message and telephony service Skype, said the companies have worked towards better online safety for many years.

“Skype and Microsoft have a strong commitment to helping children stay safe online, and we continue to collaborate with advocates, industry partners and governments worldwide to develop solutions and promote effective public policy,” Microsoft said in a statement.

Would a Digital Safety Commissioner accelerate improvements and set a rigorous example of enforcement, though? If the Australian office serves as any indication of the need for such a role, the eSafety Commissioner there received nearly 12,000 complaints in its first 12 months of operation – but hadn’t fined anybody.