Cyberflashing, fake news and the new crimes in the Online Safety Act

The UK's first conviction for cyberflashing, less than two weeks after it became a criminal offence, has renewed scrutiny of the scope of the Online Safety Act.

Nicholas Hawkes, a registered child sex offender from Basildon in Essex, sent "unsolicited photos of his genitals" to a woman and a girl aged 15 last Friday, said The Times. The 39-year-old was convicted on Monday at Southend Magistrates' Court, after admitting two counts of sending a photo of genitals to cause alarm, distress or humiliation, which is punishable by up to two years in jail. He will be sentenced at Basildon crown court in March. 

Cyberflashing and a raft of other offences became illegal in England and Wales on 31 January, when the controversial bill gained royal assent. 

The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

The conviction "shows the new law is working", said CPS East of England. But the legislation faces vigorous opposition from free-speech campaigners and tech companies, who described it last year as "an unprecedented threat to the privacy, safety and security of every UK citizen" that could embolden "hostile governments" to draft "copy-cat laws".   

What does the Online Safety Act cover?

The legislation was conceived in 2017, but spent years mired in government turmoil, with multiple amendments, before getting the all-clear in 2023. 

Much of the protections are designed to hold tech companies to account for content posted on social media, with bosses facing two years in jail if they consistently fail to protect children. 

Independent media regulator Ofcom has the power to fine platforms up to £18 million – or 10% of their annual revenue, whichever is higher – if they do not remove illegal content, including sexual abuse, terrorism or death threats. 

The amended act also includes several offences that "apply directly to the individuals sending threatening or menacing messages", the government said in a press release.

As well as cyberflashing, the act criminalises death threats; content that encourages self-harm; "revenge porn" (sharing intimate images without consent); and fake news that aims to cause "non-trivial physical or psychological harm". 

The UK is also the first country in the world to criminalise "epilepsy trolling", or sending flashing images with the intention of provoking seizures. 

What are the issues?

At its genesis, the act was necessary to "address online material that was blamed for persuading teenagers to take their own lives", said The Spectator. But it has now morphed into "a catch-all piece of legislation to suppress any material which someone, somewhere, may regard as 'legal but harmful'". 

Free-speech campaigners are also "broadly unhappy" with the act, said The New Statesman. 

Human rights organisation Article 19 called the act "extremely complex and incoherent", and said it would "undermine freedom of expression and information, [and] the right to privacy". It also offers "no credible plan" to tackle disinformation and misinformation online, said fact-checking organisation Full Fact.

Others believe it does not go far enough to protect children. The mother of murdered teenager Brianna Ghey rejected Rishi Sunak's "insistence" that the bill was adequate, said the BBC. Esther Ghey is campaigning for under-16s to be blocked from social media on smartphones, and told The Guardian that technology companies had a "moral responsibility" to restrict access to harmful content.