Online safety tsar rejects two industry codes

Australia’s eSafety Commissioner Julie Inman Grant has rejected two of the eight online safety codes developed by local tech industry associations for failing to provide “appropriate community safeguards” and will now develop binding standards.

Ms Inman Grant has also reserved her decision on a third code relating to search engines like Google and Bing so that concerns related to the recent rise of generative artificial intelligence can be addressed.

A week after raising the prospect of a two-speed system, the Commissioner on Thursday said the designated internet services (DIS) and relevant electronic services (RES) codes would not be registered as they failed to deal with illegal and harmful content online.

The DIS code covers apps, websites, and file and photo storage services like Apple iCloud and Google Drive, while the RES code covers dating sites, online games and instant messaging.

Julie Inman-Grant
Julie Inman Grant: Australia’s eSafety Commissioner

“While I commend industry for their significant amendments following our final feedback on these world-first codes in February, these two codes still don’t meet our minimum expectations,” Ms Inman Grant said in a statement.

“For example, the DES code still doesn’t require file and photo storage services like iCloud, Google Drive, or OneDrive to detect and flag known child sexual abuse material. We know that online storage services like these are used to store and share child sexual abuse material and pro-terror material between offenders.

“And the Relevant Electronic Services code also doesn’t require email services and some partially encrypted messaging services to detect and flag this material either, even though we know there are proactive steps they can take to stem the already rampant sharing of illegal content.

“For eSafety, these and other basic requirements are non-negotiable, and while we don’t take this decision lightly, we feel that moving to industry standards is the right one to protect the Australian community.

The Office of the eSafety Commissioner will now develop mandatory and enforceable industry standards for those services in consultation with impacted providers, as well as other stakeholders and the public.

Ms Inman Grant had previously raised concerns relating to class 1B materials – content that provides instruction on matters of crime, drugs and violence – with both services, before the codes were sent back to industry in March.

The Commissioner also reserved her decision on the search engines services code over “concerns it is no longer fit for purpose following recently announced developments in the field of generative AI and its integration into search engine functions”.

Her office has requested the Communications Alliance and the Digital Industry Group Inc, the industry group representing Facebook, Apple, Twitter and Google, to submit a revised code within four weeks.

“The current search engines code is not fit for purpose given the increased functionality of search engines and the integration of powerful generative AI tools, which will revolutionise the way that search is conducted,” she said.

“These tools require adequate safeguards to protect against potential risks posed by AI generated deepfake child sexual abuse and terror and extremist propaganda material. I want to give providers of search engines the opportunity to update the draft code in order to address the risks provided by generative AI.”

The remaining five codes covering social media services (SMS), app distribution services, hosting services and internet carriage services (ISP) and equipment will be registered and will come into effect six months from that date.

All five codes were redrafted in response to concerns raised by Ms Inman Grant in February. At the time, she said they were “unlikely to provide the appropriate community safeguards” to be registered, as per the Online Safety Act.

Despite subsequent improvements to the redrafted codes, the Commissioner met with the industry groups in the days before they were submitted to discuss “red line” issues, including the expectation that digital platforms proactively seek out child sexual abuse material and terrorist content.

The industry associations involved in the drafting are the Communications Alliance, Interactive Games and Entertainment Association, Software Alliance, Consumer Electronics Suppliers Association and Australian Mobile Telecommunications Association, and DIGI.

Once in place, the Commissioner will have powers to ensure online industries comply with the codes, including through injunctions, enforceable undertakings, and financial penalties of almost $700,000 per day for continuing breaches.

Reset Australia, who was part of a coalition that opposed the industry-led process, have welcomed the eSafety Commissioner’s decision to reject two of the codes which “left major gaps regarding children’s and community safety”.

“This demonstrates a commitment to putting the rights and safety of Australian children first, and hopefully signals Australia’s intent to stand up for children,” Reset.Tech policy director Dr Rys Farthing said.

Do you know more? Contact James Riley via Email.

Leave a Comment