Digital regulation | UK Regulatory Outlook June 2026

Online safety and age assurance 

UK government announces age restrictions for online services including social media ban for under-16s 

Following the closure of its consultation on "Growing up in the online world", which received over 100,000 responses, the UK government has announced a package of measures that it says will better protect children online, including an Australian-style ban on social media for under-16s.  

Although the announcement refers to a "social media" ban, the proposal is in fact much wider and will affect other product features and businesses. The government says that it will "go further than a blanket ban on social media with world-leading blocks on harmful functions such as livestreaming and stranger communication with children for under-16s. These restrictions, which together with the ban go further than any other country, will apply to a wider range of online services".  

See more information in this Insight. 

EU and G7 agree that more needs to be done to strengthen online protections for children 

The UK government's announcement to ban social media for under-16s (see above) is just part of a growing consensus internationally that extra restrictions on children's access to social media and other potentially harmful internet services are needed. Various countries around the world have already introduced, or are considering, such measures, including the EU and other G7 members. 

In a keynote address by the President of the European Commission at the European Summit on AI and children in May, Ursula von der Leyen proposed a "social media delay" for children in Europe and indicated that draft legislation could be brought forward as soon as the summer. 

Meanwhile, during its recent meeting in Paris, G7 partners, Canada, France, Germany, Italy, Japan, the UK, the US and the EU, agreed on a set of common principles to protect children and young people from online harms. The agreed principles, based on holding platforms accountable and digital literacy, include an expectation that children's safety should be built into digital services from the outset and underpinned by effective age assurance. They call for high privacy and safety standards for minors' accounts, with safeguards built in to recommendation systems to minimise excessive engagement, as well as tools giving children greater control online. The principles also address preventing the generation and distribution of child sexual abuse material and non-consensual intimate images, including through AI. Finally, they call for digital literacy programmes for parents, teachers and minors, access to simple, effective and interoperable parental tools to help supervise minors' activities online, and enhanced data-sharing cooperation between digital services and researchers to understand the risks better and improve safety measures. 

The intention is for G7 members to take the principles forward in partnership with international organisations, industry and academia. According to the Commission, the principles will be implemented through "an action plan featuring concrete initiatives to foster a safer and more secure digital environment for minors". 

UK government urges smartphone manufacturers to activate measures on devices to prevent children sharing or viewing nude images 

The government has announced plans requiring producers of smartphone devices to activate existing measures by September to prevent children from using their devices to take and share naked images. These measures should, the government says, be activated by default.  

The government has stated that, should manufacturers fail to act voluntarily, it will introduce legislation to compel compliance, including powers to impose fines. As a last resort, it is exploring the possibility of criminal liability for technology executives who fail to comply. Legislation could extend to operating system providers and others in the supply chain, such as retailers, and would not affect the use of devices owned and used by adults who verify their age. 

The announcement came just a week before the government revealed its plans to ban social media for children and introduce other restrictions on certain functionalities that are potentially harmful to children (see above), demonstrating a drive by the government to do more to protect children online following the closure of its consultation on "Growing up in the online world" at the end of May. 

UK Online Safety Act updates  

Ofcom to introduce crisis response measures to codes of practice 

Ofcom first proposed adding crisis response measures to the recommended safety measures in its codes of practice last year in its "additional safety measures consultation". Its response to the consultation is not due until the autumn, but the regulator has accelerated its response on this aspect of the consultation, as it did with the recommendation that "hash matching" technology should be used to detect non-consensual intimate images online (see this Regulatory Outlook), deciding that these crisis response measures should be added to its codes. According to Ofcom, the acceleration is due to the speed at which online harms can escalate during a crisis, leading not only to an increase in illegal content or content harmful to children appearing online (such as threats or incitement of violence, and religious or racial hatred), but also to violence offline, raising public safety concerns.  

Ofcom has defined "crisis" as an "extraordinary situation in which there is a serious threat to public safety in the United Kingdom" that is "highly likely to have resulted from a significant increase in relevant content or to have caused or cause a significant increase in relevant content". 

The recommendation is that regulated service providers should prepare and apply an internal protocol to mitigate and manage the risks arising from a spike in illegal content or content harmful to children appearing on their platforms. They should also conduct and record post-crisis analysis and ensure that, during a crisis, there is a dedicated communication channel through which law enforcement can contact them. 

The amendments to the codes of practice will come into effect once the usual parliamentary process is completed.  

Ofcom reminds service providers of duties under OSA in wake of civil unrest in Belfast 

Following the recent public disturbances in Belfast, Ofcom has written to online service providers operating in the UK, reminding them of their duties under the OSA to protect people from illegal content, which can include content amounting to the offences of stirring up hatred or provoking violence. 

In its letter, Ofcom refers to the crisis response measures it announced the day before (see above), saying that although they need to be brought into effect by Parliament, providers do not need to wait until then to implement them. Given the urgency of the current situation, Ofcom says that it "expects" providers to "act now" and if they already have crisis response protocols in place, they should follow them. 

The European Commission has launched a consultation on draft guidelines on trusted flaggers and how the associated regime works under the Digital Services Act (DSA). Trusted flaggers are entities designated by national Digital Services Coordinators (DSCs) with expertise in detecting certain types of illegal content online, with the aim of alerting online platforms to that content. Over 70 trusted flaggers have already been designated. Under the DSA, platforms must prioritise notifications from trusted flaggers.  

The draft guidelines clarify the eligibility criteria for trusted flaggers and the process by which DSCs award trusted flagger status. They also set out the technical requirements that trusted flaggers and providers should follow when processing notices of illegal content. In addition, the guidelines cover measures to ensure that trusted flaggers remain independent, objective and accountable, and advice on safeguarding their integrity. The guidelines also cover DSCs' obligations and procedures to suspend or revoke trusted flagger status where requirements are no longer being met, and recommend that trusted flaggers publish annual transparency reports on their websites by 28 February each year to align with the transparency reporting obligations of providers under the DSA. 

The consultation closes on 10 July 2026.