The Online Safety Act (OSA) is a British law purported to make the internet “safer,” particularly for children. But from the moment it was proposed, critics warned it would do little to protect children from real online dangers. Instead, they argued it would suppress legitimate political speech, require mass collection of personal data and force platforms to restrict access to useful and innocuous content in the name of compliance.
With key components of the OSA taking effect on July 25th, those warnings have proven alarmingly accurate.
British lawmakers are finding that their own past posts on current events are now blocked from view in their own country. Subreddits like r/periods and r/stopsmoking now require uploading a government ID to access—driving away users seeking health advice. Spotify now demands ID or biometric data for users to access basic podcast and music features—causing mass confusion and backlash.
In one particularly appalling case, testimony from a survivor of a gang rape submitted to a parliamentary inquiry was hidden behind an age verification wall.
The widespread backlash has united Britain’s ideological opposites. Right-wing Reform UK—currently leading the polls for the next general election—leftist commentator Owen Jones, and the centrist Liberal Reform caucus have all called for repeal. A government petition demanding repeal has already surpassed 440,000 signatures. Wikipedia, an online encyclopedia, is fighting against having to age verify their users, while a separate lawsuit is being prepared to protect non-UK websites from jurisdictional overreach by the British government.
Unfortunately, the UK isn’t alone in racing toward online speech regulation. Australia has passed a ban on social media for anyone under 16, taking effect in December 2025. The EU’s expansive Digital Services Act, full of vague mandates and compliance red tape, has already begun chilling speech across the continent.
And in the U.S., state legislatures have passed a flurry of age verification mandates and access restrictions that threaten both privacy and free expression.
Thanks to litigation by NetChoice, many of these laws are currently blocked. And at the federal level, sweeping proposals like the Kids Online Safety Act and the Kids Off Social Media Act have, so far, rightfully failed in Congress.
Unlucky for British internet users, the UK’s experiment in speech controls and ID demands is already failing and revealing the true costs of these policies. Minors and adults alike are turning to VPNs to bypass the law entirely, pushing VPN apps to the top of download charts and rendering the OSA’s controls meaningless. Meanwhile, minors have already figured out that uploading photos of their parents or video games are enough to fool many verification systems.
While tech-savvy teens evade the law with ease, ordinary users are left to surrender sensitive data to clunky, insecure verification systems. These systems are honeypots for hackers. Data breaches are increasingly common, and the fallout can be severe.
Just this week, a dating safety app for women called Tea was hacked, leaking 72,000 images and driver’s licenses. The breach exposed such detailed personal information that a website popped up matching faces to names and addresses across the U.S.—a terrifying privacy failure.
Trying to regulate speech in the name of protecting children may be well-intentioned—but it’s fundamentally authoritarian and doesn’t work. These laws fail to protect kids while exposing everyone to censorship and surveillance.
Instead of pressuring tech platforms into gatekeepers of speech or forcing adults to surrender personal data, we should empower families and hold bad actors accountable. NetChoice supports smarter policy solutions—ones that give parents the tools they need to keep their children safe without compromising our free speech rights. That means education, parental autonomy and empowering law enforcement—not giving the nanny state the power to child-proof the internet.