[HN Gopher] Lobsters blocking UK users because of the Online Saf...
___________________________________________________________________
Lobsters blocking UK users because of the Online Safety Act
Author : ColinWright
Score : 86 points
Date : 2025-02-23 19:15 UTC (3 hours ago)
(HTM) web link (lobste.rs)
(TXT) w3m dump (lobste.rs)
| Symbiote wrote:
| URL should be
| https://lobste.rs/s/ukosa1/uk_users_lobsters_needs_your_help...
| ss64 wrote:
| Im guessing they linked the archive so that when Lobsters is
| geoblocked UK users will still be able to read it.
| dang wrote:
| That's a good point, but the thing to do in that case is post
| the original URL and add an archive link in the thread. I've
| done that now
| (https://news.ycombinator.com/item?id=43152546).
| ddtaylor wrote:
| Block and route around failures.
| soulofmischief wrote:
| The simple answer is to not recognize the authority of the UK
| government when you don't have a physical presence there, as long
| as they are failing to protect their citizens with sane, ethical
| digital policy.
|
| Tough pill to swallow for some, but there is no difference
| between irrational demands made from the government of the UK,
| and say, North Korea. It's everyone's choice which side of
| history they'd like to be on.
| sepositus wrote:
| Just to play devil's advocate, the relationship between the EU
| and the US compared to North Korea is not at all similar. I
| think that's why this is listed as an option:
|
| > A statement from the US Department of State that it does not
| believe the law applies to American entities and a commitment
| to defend them against it.
| soulofmischief wrote:
| The UK is not a part of the EU.
|
| I also recognize the potential for legal action or criminal
| charges. Those are great opportunities to fight these tyrants
| in one of the few battlefields available to us.
|
| As Martin Luther King, Jr. said:
|
| "I submit that an individual who breaks a law that conscience
| tells him is unjust, and willingly accepts the penalty by
| staying in jail to arouse the conscience of the community
| over its injustice, is in reality expressing the very highest
| respect for law."
|
| Now, it may be that Lobsters simply doesn't have the highest
| respect for the law, or perhaps they value their community's
| survival over leading by principle and securing a bright
| future for posterity. Short-sighted thinking, but I
| understand the motivation.
|
| My comment is a call for people to consider their priorities
| with respect to the world we leave behind us. Taking the easy
| way out and avoiding conflict with an encroaching global
| authoritarian movement is not going to fix anything, and
| contributes toward an ever-darker future.
|
| This is not a jab at Lobster, and I am glad to see them at
| least trying something before simply geoblocking the UK. But
| what if geoblocking isn't enough? What if knowing a VPN-
| enabled user is from the UK but not banning them is still
| grounds for a lawsuit or criminal charges?[0] What if more
| countries join in?
|
| [0] This leads to the ironic outcome that the UK becomes less
| represented in the next generation of online discourse and
| slides further into backwater obscurity, despite being home
| to such rich culture and academia.
| sepositus wrote:
| > The UK is not a part of the EU.
|
| Ah, yes, my American brain made the association too easily.
| Regardless, it doesn't alter my point much, in that the
| US/UK relationship is still more friendly than North Korea.
| Of course, it may not stay that way.
|
| > Now, it may be that Lobsters simply doesn't have the
| highest respect for the law, or perhaps they value their
| community's survival over leading by principle and securing
| a bright future for posterity. Short-sighted thinking, but
| I understand the motivation.
|
| This argument seems to dismiss the fact that the original
| thread started with a statement that they do not have the
| financial stability to challenge such a law. Sure, they
| could go principally bankrupt, but what effect would such a
| small fry really have in the global geopolitical
| environment? I just don't think they have a stage that's
| anything close to the size of MLK's.
| soulofmischief wrote:
| Yeah, regarding small forums, it only works if everyone
| participates at once. This situation is a classic
| prisoner's dilemma.
| randunel wrote:
| Haven't you heard of FATCA and other similar local US laws
| which impact institutions everywhere in the world?
| soulofmischief wrote:
| I have very complex and mixed feelings about US tax law in
| general as it stands, and I certainly do not condone the
| current state of US foreign diplomacy in general, nor how our
| economic situation after Europe was shattered by war led to
| increased international economic control and influence, and
| economic consolidation under the dollar.
| do_not_redeem wrote:
| ELI5: Why should a US-based site, hosted on US soil and run by a
| US citizen, care about laws in all the hundreds of other random
| countries located thousands of miles away?
| AdrianB1 wrote:
| Because they can be arrested and extradited to UK. Not a high
| chance, but not zero. And a realistic one is to be arrested
| while traveling in Europe and extradited to UK.
| do_not_redeem wrote:
| Are there any previous cases of the UK intercepting and
| arresting a US citizen traveling through Europe for something
| that isn't a crime in the US?
| regularjack wrote:
| Would you take the risk if it were you hosting the site?
| do_not_redeem wrote:
| 100%. I'm very confident that, even if the UK wanted to
| upset this decades-long geopolitical equilibrium, they
| would not choose a small niche tech forum with a
| primarily non-UK userbase as the way they make their big
| splash on the global stage.
| sshine wrote:
| There are no documented cases of the UK intercepting and
| arresting a US citizen traveling through Europe for an act
| that is not a crime in the United States.
|
| Extradition treaties, such as the UK-US Extradition Treaty
| of 2003, allow for extradition requests between the two
| countries.
|
| They generally require that the alleged offense be a crime
| in both jurisdictions ("dual criminality") which ensures
| that individuals are not extradited for actions that are
| not considered crimes in their home country.
| randunel wrote:
| Because he can face legal consequences for breaking the (local
| elsewhere) law. The US do the exact same, look up FATCA.
| jsheard wrote:
| Related, a list of other sites which are blocking the UK or
| shutting down altogether rather than deal with OSA:
|
| https://onlinesafetyact.co.uk/in_memoriam/
| Red_Comet_88 wrote:
| They also block Brave browsers entirely. I tried reading into it,
| but it appears to be one of those "programmer personality
| quirks". The fellow that runs the site appears to think Brave is
| a scam of some sort, and just decided to block the entire
| browser.
|
| Oh well, I'll stick to HN.
| bb88 wrote:
| Is it me, or is brave more of a cryptocurrency platform that
| pretends to be a browser?
|
| A lot of people don't really like the toxic discussions that
| crypto usually tends to devolve in. So it makes sense to block
| the browser if you don't want those people on your server.
| ykonstant wrote:
| I am no fan of Brave, but where is the logic here? Just
| because someone uses Brave, they will engage in toxic
| discussions on crypto? Am I missing something?
| bb88 wrote:
| The crypto world is full of toxic.
| tonfreed wrote:
| It's probably more of a "I don't like Brendan Eich" thing,
| but the maintainer can't really say that without sounding
| unhinged.
|
| Then again, I actively go out of my way to be toxic on the
| internet, so maybe they have a point
| sshine wrote:
| It's my impression that it's mostly a browser. But I don't
| use it, because who needs another WebKit clone.
| secondcoming wrote:
| I use Brave for YouTube and other streaming, and I've never
| encountered any crypto stuff. They have/had their own BAT
| token that dealt with paid advertising but I've not seen it
| mentioned in quite some time.
|
| As far as I can tell it's just another browser that blocks a
| lot of internet crap.
| TiredOfLife wrote:
| It's you.
| blueflow wrote:
| You can scroll through the lobste.rs moderation log to get in
| impression of how moderation on lobste.rs works:
|
| https://lobste.rs/moderations
|
| Also incidents like this:
|
| https://lobste.rs/s/zp4ofg/lobster_burntsushi_has_left_site
|
| This kind of stuff gives me hugbox vibes, i would not feel safe
| there. I'm somewhat sure some of the moderators use the website
| as personal political leverage.
| hagbard_c wrote:
| I used to have an account on that site as well and left for
| the same reason: repeated messages telling me I had been
| flagged and I needed to reconsider when I dared to venture
| too far outside the desired narrative. There will be many
| others who have made or will make the same decision which
| leaves sites like this with a population which is mostly
| ideologically cohesive. Maybe that is a good thing for those
| sites and maybe the participants feel 'safe' in such an
| environment but it surely is lacking in stimulating curiosity
| and widening one's intellectual horizon.
| 420_14_88_69 wrote:
| Sounds familiar, except here there's no notification when
| you get flagged/deaded/shadowbanned.
| hagbard_c wrote:
| At least HN allows you to come back under another name
| and with that is less at risk of totally succumbing to
| the echo chamber mentality. It also does not tie new
| users to existing ones nor are existing users who happen
| to invite new users who are deemed to be 'problematic'
| punished for those invitations.
| 420_14_88_69 wrote:
| This site is just as much of a hugbox. At least they have
| transparent moderation. Here you just get deaded and
| shadowbanned and don't know why. (Well, you can guess:
| because you posted a right-wing opinion)
| gaganyaan wrote:
| What does 14 88 refer to in your username?
| FreakLegion wrote:
| I'm sure you already know and are asking as a way to
| point it out, but for anyone who doesn't:
| https://en.wikipedia.org/wiki/Fourteen_Words.
|
| Does this person actually buy into the nonsense, though,
| or are they just being provocative? Both are reasons to
| mute someone, but only one is ideological.
| dang wrote:
| https://web.archive.org/web/20250108091906/https://lobste.rs...
| sepositus wrote:
| Is a decentralized approach to communication an effective bulwark
| against this type of legislation? As is mentioned in the linked
| thread, the act itself is extremely hard to parse, so maybe it's
| not even possible to know the answer. Just curious if anyone has
| done research from that angle.
| zimpenfish wrote:
| Neil Brown[0] has been attending the Ofcom online sessions and
| asking them about Fediverse servers but they've been
| unhelpfully vague as to how/if/why/when they fall under OSA.
|
| [0] https://onlinesafetyact.co.uk
| dang wrote:
| [stub for offtopicness]
| basisword wrote:
| As much as I hate this legislation, this is really just a small
| forum deciding they don't have the time to understand the
| legislation and therefore it's easier to block IP's from the UK
| (while it's not even clear if that will exempt them from
| liability). Fair enough but hardly earth shattering. I remember
| several US based websites geo-blocking all of Europe after GDPR
| came in (I think the LA Times was one of the biggest) and that
| went on for years.
|
| We need legislation that tackles the various issues this
| legislation aims to tackle but in much more targeted ways. It
| needs to specifically target the biggest social media companies
| (Meta, X, Reddit, etc). Smaller forums are irrelevant. If your
| algorithm recommends self-harm content to kids who then go on to
| kill themselves it is right that you should be held responsible.
| "We're so big we can't be expected to police the content we host"
| should not be an acceptable argument.
| Analemma_ wrote:
| Small forums run as hobby projects need to require little-to-no
| investment of time and money, or the ROI quickly goes negative
| and they just shut down instead.
|
| A little while back there was the story [0] of a Mastodon admin
| who hated CloudFlare and its centralized protection, but found
| that he had no choice but to sign up for it anyway because a
| disgruntled user kept launching DDoS attacks and he had no
| other way to keep his instance online. A bunch of people here
| and elsewhere kept unhelpfully replying that, "you don't need
| CloudFlare, you could just do [incredibly convoluted and time-
| consuming solution] instead", and all of those people were
| missing the point: CloudFlare is "set it and forget it", which
| is a non-negotiable requirement for anything which is run as a
| hobby instead of a full-time job.
|
| It's the same with this UK law: yes, you _could_ spend weeks of
| your life learning the intricacies of laws in some other
| country, or you could just block them and be done with it.
| Businesses which might need revenue from UK users will do the
| former, but if I'm running a site out of my own time and money,
| I'll do the latter. And I don't want hobby sites to have to
| disappear: the Internet is commercialized enough as it is, and
| regulating passion projects out of existence would kill the
| last remaining independent scraps.
|
| [0]: https://news.ycombinator.com/item?id=21719793
| basisword wrote:
| It would be much easier for me to run a small business if I
| didn't have to worry about the intricacies of tax law or how
| the various company structures affect my liability - but
| that's life. If you want to do various things in life, you
| may have certain responsibilities. Again - I don't like this
| particular legislation, but if your hobby is a website where
| others can post content you have a responsibility that the
| content shouldn't be illegal or harmful to others. If you
| can't deal with those responsibilities you can't run the
| website. It's no different than being required to follow
| health & safety regulations in an IRL business, even if it's
| just my 'hobby'.
| Analemma_ wrote:
| Yes, I could do that, or I could block the only country
| which is imposing these burdens on me, keep my website
| running as it always has been, and call it a day. It's a
| pretty easy choice.
| ss64 wrote:
| You can still be fined for 'failing to comply' with the
| legislation even if no objectionable content has been
| posted. To be in compliance there is a whole list of things
| you need to do, some of which are expensive.
| tzs wrote:
| Which things are expensive?
| mattlondon wrote:
| I think the legislation does not name specifically companies
| (that would be quite shortsighted since new apps etc appear all
| the time and they don't want to be updating legislation every
| time something gets popular), but simply says if you have more
| than 7 million 30-day active UK users of the user-to-user part
| of your site, then you're in-scope. That's quite a big
| audience.
| LAC-Tech wrote:
| Question: why pro-active block some authoritarian countries like
| the UK, but not others like China? Is it because only the UK
| passes legislation that threaten people outside of its borders?
| Or does China do it too and we ignore it?
| ok_dad wrote:
| China probably can't get the USA to extradite an American
| citizen for breaking a Chinese law. The UK can.
| do_not_redeem wrote:
| Are there any examples in history of the US extraditing
| someone with no UK ties to the UK?
| mattlondon wrote:
| If you commit a crime in the UK then I would expect
| extradition to be a genuine risk.
|
| It's a connected world, so online activities are probably
| pretty grey-areas. If you defraud someone (for example) but
| they're in another country, where did the crime happen?
| ChocolateGod wrote:
| The UK can't even get the USA to extradite an American woman
| who was driving on the wrong side of the road and killed a
| child.
|
| The US-USA extradition treaties have always been one way.
| kmeisthax wrote:
| As someone who self-hosts Mastodon, should I be geoblocking the
| UK as well?
|
| For the record, I only host it for myself, so I'm pretty sure I
| wouldn't have received any of the legal protections that the OSA
| is now stripping away, and thus geoblocking the UK wouldn't
| matter. But if there's something else I'm missing, please let me
| know.
| jjcm wrote:
| I definitely get the proactive response here, as I've considered
| the same for my small platform. The biggest issue is the
| definitions of who the majority of the requirements apply to is
| quite hard to find. It's buried on page 65 of this pdf:
|
| https://www.ofcom.org.uk/siteassets/resources/documents/onli...
|
| It defines "large service" as "a service that has more than 7
| million monthly active United Kingdom users". This is 25% of the
| UK population. If your service isn't a household name, it mainly
| doesn't apply to you, but the language they use makes it seem
| like this applies to more.
| johneth wrote:
| 7 million is about 10% of the UK population, not 25%.
| jackjeff wrote:
| As a person living in the UK, I really hope the rest of the world
| gives the middle finger to this pathetic extra territorial law by
| totally ignoring it.
|
| They can ask ISPs to do the censorship if they really want to
| keep us "safe".
| tzs wrote:
| I don't know anything about lobste.rs, but they mention lfgss and
| when that was discussed on HN a couple months ago the person that
| runs lfgss mentioned these as things they would have to do to
| comply:
|
| > 1. Individual accountable for illegal content safety duties and
| reporting and complaints duties
|
| > 2. Written statements of responsibilities
|
| > 3. Internal monitoring and assurance
|
| > 4. Tracking evidence of new and increasing illegal harm
|
| > 5. Code of conduct regarding protection of users from illegal
| harm
|
| > 6. Compliance training
|
| > 7. Having a content moderation function to review and assess
| suspected illegal content
|
| > 8. Having a content moderation function that allows for the
| swift take down of illegal content
|
| > 9. Setting internal content policies
|
| > 10. Provision of materials to volunteers
|
| > 11. (Probably this because of file attachments) Using hash
| matching to detect and remove CSAM
|
| > 12. (Probably this, but could implement Google Safe Browser)
| Detecting and removing content matching listed CSAM URLs
|
| A lot of those sound scary to deal with but upon closer look
| don't actually seem like much of a burden. Here's what I
| concluded when I looked into this back then.
|
| First, #2, #4, #5, #6, #9, and #10 only apply to sites that have
| more than 7 000 000 monthly active UK users or are "multi-risk".
| Multi-risk means being at medium to high risk in at least two
| different categories of illegal/harmful content. The categories
| of illegal/harmful content are terrorism, child sexual
| exploitation or abuse, child sex abuse images, child sex abuse
| URLs, grooming, encouraging or assisting suicide, and hate.
|
| Most smaller forums that are targeting particular subjects or
| interests probably won't be multi-risk. But for the sake of
| argument let's assume a smaller forum that _is_ multi-risk and
| consider what is required of them.
|
| #1 means having someone who has to explain and justify to top
| management what the site is doing to comply.
|
| #2 means written statements saying which senior managers are
| responsible for the various things needed for compliance.
|
| #3 is not applicable. It only applies to services that are large
| (more than 7 000 000 active monthly UK users) _and_ are multi-
| risk.
|
| #4 means keeping track of evidence of new or increasing illegal
| content and informing top management. Evidence can come from your
| normal processing, like dealing with complaints, moderation, and
| referrals from law enforcement.
|
| Basically, keep some logs and stats and look for trends, and if
| any are spotted bring it up with top management. This doesn't
| sound hard.
|
| #5 You have to have something that sets the standards and
| expectations for the people who will dealing with all this. This
| shouldn't be difficult to produce.
|
| #6 When you hire people to work on or run your service you need
| to train them to do it in accord with your approach to complying
| with the law. This does not apply to people who are volunteers.
|
| #7 and #8 These cover what you should do when you become aware of
| suspected illegal content. For the most part I'd expect sites
| could handle it like the handle legal content that violates the
| site's rules (e.g., spam or off-topic posts).
|
| #9 You need a policy that states what is allowed on the service
| and what is not. This does not seem to be a difficult
| requirement.
|
| #10 You have to give volunteer moderators access to materials
| that let them actually do the job.
|
| #11 This only applies to (1) services with more than 7 000 000
| monthly active UK users that have at least a medium risk of
| image-based CSAM, or (2) services with a high risk of image-based
| CSAM that either have at least 700 000 monthly active UK users or
| are a "file-storage and file-sharing service".
|
| A "file-storage and file-sharing service" is:
|
| > A service whose primary functionalities involve enabling users
| to:
|
| > a) store digital content, including images and videos, on the
| cloud or dedicated server(s); and
|
| > b) share access to that content through the provision of links
| (such as unique URLs or hyperlinks) that lead directly to the
| content for the purpose of enabling other users to encounter or
| interact with the content.
|
| #12 Similar to #11, but without the "file-storage and file-
| sharing service" part, so only applicable if you have at least
| 700 000 monthly active UK users and are at a high risk of CSAM
| URLs or have at least 7 000 000 monthly active UK users and at
| least a medium risk of CSAM URLs.
| dang wrote:
| Related ongoing thread: _In memoriam_ -
| https://news.ycombinator.com/item?id=43152154
___________________________________________________________________
(page generated 2025-02-23 23:01 UTC)