My July blog post on the upcoming compliance obligations for everyone who is not big tech, under the Online Safety Bill, is exploding again. This is due to people sussing that any Mastodon instance which could conceivably be accessed by a precious British child will fall in scope of the OSB, which of course has no thresholds save for “big tech” and “everyone else on the planet”.
(I’ve only been warning about the OSB x OSS since the green paper phase, which was before the plague, folks.)
I’ll not go into a deep dive on the legals – I have already done that, a lot – so I’ll give it to you straight. What you need to realise is this:
And what you also need to realise is that the day this will hit you, hard, here in the sunlit uplands, is the day you find yourself a target for a bad faith attack.
Because on Mastodon, you’re no longer one small person on a big global platform. You’re a community of thirty, three hundred, maybe even three thousand people. In other words:
you are easy pickings and a soft target and fresh meat and for those who are coming for you, you are a good bit of fun.
So what you need to do is start thinking through the hypotheticals of how this is all going to work out for you, in the long term, not just technically, but socially and politically and legally. This isn’t about tick-box compliance. This is about you finding out who the real trolls in this world are.
So here’s an extremely likely hypothetical situation for you to start working through.
Call this a light starter.
Let’s say you’ve set up a thriving little Mastodon community which is a happy little bubble of you and your like-minded colleagues in tech, or policy, or software development, or your hobby, or what have you.
What are you going to do when an MP from the Common Sense Group demands to know what your Mastodon community’s policy is on “woke speech”, per Part 3 Chapter 2 Paragraph 19, the OSB’s requirements for freedom of expression?
And because you don’t do politics, you don’t know how this game is played, so you don’t realise that the Group has already had a client journalist publish an attack piece on you and your festering sore of wokeism in a national newspaper, before contacting you?
And that triggers a pile-on against you personally, and against your Mastodon server and its members, from both authentic and inauthentic accounts on a major social networking site that used to have a trust and safety team to stop that?
And you are dealing with a targeted attack on your little community and being dragged into an Ofcom regulatory inspection, which is being conducted in an officially impartial manner but in reality, is being conducted with that explicitly political pressure of the Group breathing down their necks?
Because while you’re trying to figure out which way is up or down, the MP’s lackeys will have already pulled the legislative levers in a Bill crafted just for this purpose, in other words, citing your intransigent lack of compliance with Part 3 Chapter 2 Paragraph 19 of the OSB, to “get” you.
After all, this law was created as a “getting” Bill. It’s not about fixing problems at a holistic level. It’s about creating means to “get” specific companies and organisations and individuals. It always has been.
In draft and discussions, the target for the “getting” was him and it was them.
In practice and in law, the target for the “getting” will be you.
That’s how this works, that’s how this was always meant to work, and that’s how it will work.
Unless you do something to stop it.
(Update) Four months later…
This morning's edition of "Heather warned about this months ago, so she did" is this excerpt from last night's Hansard, where we learn how Mastodon communities are likely to be (heavily) regulated under the Online Safety Bill. pic.twitter.com/lJee49LcoA
— Heather Burns (@WebDevLaw) May 3, 2023