Ofcom cracks down on adult content sites over child protection failures

Communications regulator Ofcom has launched investigations into two adult content providers, Itai Tech Ltd and Score Internet Group LLC for failing to put into place sufficient age assurance measures, as required by the Online Safety Act (OSA). The investigations aim to determine whether these platforms are in breach of their legal obligations to prevent children from accessing pornographic material.

Obligations under Part 5 of the OSA require pornography providers to implement “highly effective” age verification or estimation methods in order to prevent under 18s from accessing adult content. In its guidance on age assurance, Ofcom provides examples of age assurance solutions that are ‘capable’ of being highly effective at correctly determining whether or not a particular user is a child, including requiring UK users to provide photo ID, facial age estimation or running credit card checks. It also sets out a number of criteria that must be met in order for such solutions to meet the “highly effective” standard under the OSA.

Ofcom’s guidance explicitly states that age checks must be implemented at the “point of entry” to a service, so that no pornographic content may be viewed before the checks have been cleared. Beyond technical implementation, the guidance further recommends that platforms take proactive measures to limit workarounds that might allow children to bypass age checks. This includes addressing the use of virtual private networks (VPNs) or other circumvention tools that could compromise the effectiveness of the safeguards.

In January, Ofcom kicked off its first enforcement programme under the OSA, by writing to online service providers displaying or publishing their own pornographic content, informing them that the highly effective age assurance requirements had entered into force. The regulator further requested that these companies submit detailed information outlining their plans to meet their obligations in this regard, including implementation timelines and designated points of contact.

While the majority of adult content platform providers responded by confirming their intention to comply, with many having taken steps to introduce appropriate measures already, a small number opted to block access for UK users entirely (taking them out of scope of the OSA). More concerning, however, is that certain providers failed to respond to Ofcom’s request altogether and have seemingly taken no discernible steps to ensure age restrictions are in place. Itai Tech Ltd and Score Internet Group LLC have both been identified by Ofcom as falling into this category.

Both companies failed to provide any information in response to Ofcom’s request and have not demonstrated that they are taking any action to implement age assurance tools on their platforms. This lack of engagement has prompted an investigation to determine whether they are in breach of Part 5 of the OSA.

The investigations into Itai Tech Ltd and Score Internet Group LLC will assess whether there are reasonable grounds to believe that the companies have failed to meet their statutory obligations under the OSA. If breaches are confirmed, Ofcom has the power to take significant enforcement action, including potentially imposing substantial financial penalties. These investigations once again underline that the regulator is prepared to take decisive action where companies fail to meet their obligations to protect children from harmful online content.

For more information on Part 5 of the OSA (and all things online safety), please check out our dedicated online safety hub, The Safety Net.