Ofcom has fined US-based 4chan for failing to engage with its UK Online Safety Act investigation, raising questions about whether political deadlock over the legislation will ultimately lead to a more divided online landscape.
Shutterstock.com/metamorworks
Online forum 4chan has not responded to a request for a copy of its illegal content risk assessment nor to a second request relating to its worldwide revenue, Ofcom said today. In addition to a fixed £20,000 penalty, Ofcom handed it a daily fine of £100 for either 60 days or until 4chan provides the required information.
4chan’s counsel and Byrne & Storm partner Preston Byrne told Lexology PRO: “The fine decision is risible; Ofcom might as well order that the moon be made of cheese or that pigs should fly.”
“It's settled law in the United States that Americans don't obey British censors,” Byrne added. “We'll see Ofcom in court.”
The Online Safety Act statutory information requests are a part of an ongoing investigation Ofcom launched in June to examine whether 4chan complied with the requirement to implement appropriate safety measures to protect UK users from illegal content, among other duties. Ofcom handed the online message board a provisional notice of contravention three months later.
4chan has since formally resisted Ofcom’s actions in a scathing legal action it filed alongside Kiwi Farms in the Washington, DC federal court alleging that the UK’s Online Safety Act enforcement violates free speech.
It asked that the court find the demands unenforceable under US law and sought a court order that blocks Ofcom’s action. The companies claimed that Ofcom’s letters would violate the First Amendment, other US constitutional rights and the Communications Decency Act 1996.
The case is anticipated to be the first to test the extraterritorial reach of the Online Safety Act, which provides that its powers can legally extend to services that are based outside the UK if they have links to the jurisdiction.
The UK government has dealt with the challenge of enforcing against companies with no presence in the UK by granting Ofcom significant business disruption powers, say Ben Packer and Ria Moody at Linklaters in London. Under these measures, the regulator can apply for a court order requiring third-party service providers to disrupt the content providers’ ability to conduct business or to block UK access altogether.
Packer and Moody add that such powers are “brand new and untested” in the context of online safety. “However, given the global nature of the internet and the real risk that many services with no UK presence will simply ignore Ofcom, it seems inevitable that Ofcom will need to ask the Courts to grant these kinds of orders in future,” they note.
If platforms that serve UK users are unwilling to comply with the act, they may also choose to geoblock users, Packer and Moody say. “Ultimately, these are tricky legal and political issues, and this is an area where there will likely be significant friction in the coming months and years,” they add.
Ofcom today also closed its investigation into four file-sharing services – Krakenfiles, Nippydrive, Nippyshare and Nippyspace – which have blocked access to UK users instead of implementing additional safety measures. It added that an online suicide forum, which had been the subject of its first investigation under the act, implemented a geoblock to restrict access by people with UK IP addresses but remains on its “watchlist” to ensure the block is maintained and the forum does not encourage UK users to get around it.
Bubbling tensions
The US has made its concerns over the Online Safety Act clear since its first provisions came into force in March 2025. Officials have pressured the UK to soften its online safety laws over concerns that they could affect innovation and freedom of speech; a draft transatlantic trade agreement that emerged in April reportedly contained commitments by the UK government to review enforcement of the Online Safety Act in a bid to avoid tariffs.
But the UK parliamentary under-secretary of state for online safety Baroness Maggie Jones soon after stated that the rules are not up for negotiation in US trade deal discussions. “The fact is that the Online Safety Act is a piece of legislation, it can’t just be negotiated away,” she told a Science, Innovation and Technology Committee oral evidence session on 29 April.
The US government continued to resist the implementation of the act through numerous tools, including by revealing a visa ban on 28 May targeting “foreign nationals who censor Americans”. The US Department of State said in its statement that it is “unacceptable for foreign officials to demand that American tech platforms adopt global content moderation policies or engage in censorship activity that reaches beyond their authority”, adding that such “encroachments” undermine freedom of speech.
Other official actions followed, including a UK visit in August from a “free speech” delegation led by House Judiciary Committee Chairman Jim Jordan. “Nothing we heard in Europe eased our concerns about the Digital Services Act, Digital Markets Act, or Online Safety Act,” Jordan said after the trip. The US Department of State report on UK human rights practices, published on 12 August, further criticised the act’s inclusion of American tech firms in its scope and warned of potential effects on platform encryption.
Tech companies have also hit back, with Elon Musk-owned X issuing a statement arguing that the act’s broad regulatory reach overshadows its “laudable” intentions, adding that a more balanced and collaborative approach is needed to safeguard free speech. It noted that although it has worked hard to be in compliance, the timeline for meeting mandatory measures “has been unnecessarily tight”.
Davis Wright Tremaine partner Adam Seiff in Los Angeles tells Lexology PRO that the Online Safety Act imposes “a raft of content monitoring, filtering and age verification requirements” that would almost certainly violate First Amendment rules if enacted by the US government. He notes that federal courts in several US states such as California, Texas and Utah have already blocked similar laws over free speech concerns.
“Although the First Amendment does not directly restrain the acts of foreign governments, any attempts to enforce [Online Safety Act] penalty judgments against American companies in American courts may be hampered to the extent those judgments punish First Amendment protected activity,” Seiff notes.
The tensions were ultimately translated into concrete action, with US Federal Trade Commission chair Andrew Ferguson issuing formal letters on 21 August warning companies of “competing pressures from global regulators”.
Ferguson said in the letters, addressed to companies including Alphabet, Apple, Meta, Microsoft, Snap and X, that compliance with foreign governments’ demands to censor or decrypt data may “erode Americans’ freedoms.” He specifically cited the Online Safety Act as an example of a foreign law that incentivises tech companies to censor worldwide speech.
The chair reminded the companies of the FTC Act’s prohibition of unfair and deceptive practices, adding that they may breach the legislation if they censor Americans’ speech to comply with foreign government agencies without providing prominent notice.
A divided internet?
The situation is unlikely to de-escalate anytime soon. A political solution is improbable, given the tone that has already been set by both sides; the US government and industry are publicly resisting enforcement, while the UK has firmly maintained its support for the regulation, and even proposed stricter rules on self-harm content last month.
Herbert Smith Freehills Kramer partner Hayley Brady in London says the UK government is not expected to take significant legal action in response to these developments, noting that it has committed to implementing the Online Safety Act and that Ofcom has proceeded with the delivery of required guidance as well as its enforcement programme.
“Whilst other political parties have announced plans to repeal or amend the Online Safety Act, these changes may be more difficult for the next government to bring about in 3 – 4 years' time, as the Online Safety Act, and a body of enforcement action in relation to it, becomes more established,” Brady notes.
Digital players may instead resort to technological solutions in order to balance the competing requirements of multiple jurisdictions – which could ultimately create a more fragmented online world.
In particular, industry players with a presence in both the US and UK could geofence UK users away from parts of their sites, or implement different content moderation policies and procedures for UK users which do not apply for users outside the country Brady adds.
Meanwhile, lawmakers and regulators in the US “will likely be watching closely” to determine if platforms’ compliance with the UK act’s rules results in significant restrictions on content for US users, says Orrick partner Emily Tabatabai in Washington DC. “Under the Online Safety Act, many companies will be forced to choose between burdensome age assurance mechanisms or restricting certain types of content on their platforms.”
Platforms have already begun to roll out region-specific measures to comply with Online Safety Act age-verification provisions that came into force 25 July.
For example, Microsoft has said that age verification will be required for UK-based Xbox players to retain full access to social features, such as voice or text communication and game invites starting early next year. The company expects to set up age verification elsewhere in the future.
Tabatabai says the threat of significant UK fines could understandably compel companies “to err on the side of censoring legitimate content”, adding that some companies may try to take a "universal approach” to implementing restrictions, given the volume of online content.
“However, companies would be well-served to implement restrictions jurisdictionally, rather than globally, to avoid running afoul of free speech traditions in the US”, she notes.