Relevant video:
We must remain vigilant and continue fighting. This is not over yet. This is a mild win but a win nonetheless. Like the EU with chat control, this will come back with some changes and perhaps with another name. We must continue advocating against it.
Good riddance for that particular requirement. We are absolutely not done yet - we need more organized opposition to two relatively recent amendments to the âChildrenâs Wellbeing and Schools Billâ https://bills.parliament.uk/bills/3909/.
Amendments 92 & 93 on pages 40-42 of the list of amendments: âHL Bill 135-I Marshalled list for Reportâ https://bills.parliament.uk/publications/64188/documents/7585 Introduce age verification for VPNs and mandate so called âclient side scanningâ for CSAM be pre-installed in a tamper-proof fashion on essentially all mobile computational devices - a far worse overreach than the worst EU chat control proposals.
Write to your MPs and let them know this is absurd, for 93 all the chat control arguments apply so we can re-use the same open letter from hundreds of experts saying why this is a bad idea: csa-scientist-open-letter[dot]org/Sep2025 only more-so as this is the whole OS not just messages. Support the open rights groupâs work on these issues: openrightsgroup[dot]org
92
After Clause 27, insert the following new Clauseâ
âAction to prohibit the provision of VPN services to children in the United Kingdom
- Within 12 months of the day on which this Act is passed the Secretary of State must, for the purpose of furthering the protection and wellbeing of children, make regulations which prohibit the provision to UK children of a relevant VPN service (the âchild VPN prohibitionâ).
- Regulations under subsection (1)â
(a) may make provision for the provider of a relevant VPN service to apply to any person seeking to access its service in or from the UK age assurance which is highly effective at correctly determining whether or not that person is a child;
(b) must apply the child VPN prohibition to the provider of any relevant VPN
service which is, or is likely to beâ
(i) offered or marketed to persons in the United Kingdom;
(ii) provided to a significant number of persons; must make provision for the monitoring and effective enforcement of the child VPN prohibition. - OFCOM may produce guidance for providers of relevant VPN services to assist
them in complying with the child VPN prohibition. - A statutory instrument containing regulations under subsection (1) may not be made unless a draft of the instrument has been laid before and approved by a resolution of each House of Parliament.
- For the purposes of this sectionâ
âchildâ means a person under the age of 18;
âconsumerâ means a person acting otherwise than in the course of a business;
ârelevant VPN serviceâ means a service of providing, in the course of a business, to a consumer, a virtual private network for accessing the internet;
âUK childâ means any child who is in the United Kingdom.â
Memberâs explanatory statement
This new clause would require the Secretary of State to take action to promote and protect childrenâs wellbeing, and to further support child protective measures in the Online Safety Act, by prohibiting the provision to children in the United Kingdom of VPN services which can facilitate evasion of OSA age-gating processes.
LORD NASH
BARONESS CASS
BARONESS BENJAMIN
BARONESS BARRAN
93
After Clause 27, insert the following new Clauseâ
âAction to promote the wellbeing of children by combating child sexual abuse material (CSAM)
-
Within 12 months of the passing of this Act the Secretary of State must, for the purpose of promoting the wellbeing of children, make and bring into force regulations which require manufacturers, importers and distributors of relevant devices to satisfy the CSAM requirement specified in subsection (2).
-
The âCSAM requirementâ is that any relevant device supplied for use in the UK must have installed tamper-proof system software which is highly effective at preventing the recording, transmitting (by any means, including livestreaming) and viewing of CSAM using that device.
-
The duties of manufacturers, importers and distributors to comply with the CSAM requirement specified by regulations under subsection (1) must be subject to enforcement as if the CSAM requirement was a security requirement for the purposes of Part 1 of the Product Security and Telecommunications Infrastructure Act 2022.
-
Regulations under subsection (1) must enable the Secretary of State, by further
regulations, to expand the definition of ârelevant devicesâ to include other
categories of device which may be used to record, transmit or view CSAM. -
A statutory instrument containing regulations under subsection (1) may not be
made unless a draft of the instrument has been laid before and approved by a
resolution of each House of Parliament. -
For the purposes of this sectionâ
âchild sexual abuse materialâ means images, video recordings or live videos involving child sexual abuse, includingâ
(a) any indecent photograph or pseudo-photograph of a child within the meaning of the Protection of Children Act 1978, and
(b) any prohibited image of a child, within the meaning of section 62 of the Coroners and Justice Act 2009, that is not an excluded image within the meaning of section 63 of that Act;ârelevant devicesâ are smartphones or tablet computers which are either internet-connectable products or network-connectable products for the purposes of section 5 of the Product Security and Telecommunications Infrastructure Act 2022; and
âmanufacturerâ, âimporterâ, âdistributorâ, and âsupplyâ is each as defined in the Product Security and Telecommunications Infrastructure Act 2022.â
Memberâs explanatory statement
This new clause would require the Secretary of State to take action to promote and protect childrenâs wellbeing by mandating the installation of software which prevents the creation, viewing and sharing of child sexual abuse material on smartphones and tablets which are supplied for use in the UK.
LORD NASH
BARONESS CASS
BARONESS BENJAMIN
BARONESS BERGER
Digital ID is still being introduced, just not compulsory for now. It will effectively become âmandatoryâ in a decade or so when people have adopted it and became used to it, in the same sense LinkedIn is âmandatoryâ for your career prospects.
The reality is that recruiters use LinkedIn as a quick way to validate your CV and not using it is treated as a red flag. In the same vein, employers wonât wait for candidates to bring in physical copies of documents when Digital ID will be instant.