Submission: Online Safety Draft Industry Standards

Under the Online Safety Act, the eSafety Commissioner can require industry bodies to draft industry codes to deal with Class 1 and Class 2 material. In 2022, a group of industry bodies commenced drafting industry codes to handle Class 1A and 1B material – this includes Child Sexual Abuse Material (CSAM) and/or Child Sexual Exploitation Material (CSEM), “pro-terror” material, as well as material that deals with crime and violence, and drug-related content.

In June 2023, the eSafety Commissioner registered 5 out of the 8 proposed industry codes. Of the remaining 3 codes, a sixth was registered after amendments to reflect the developments in generative AI. The eSafety Commissioner declined to register the final two codes – for ‘Designated Internet Services’ and ‘Relevant Electronic Services’, based on the decision they did not go far enough to safeguard users in Australia. Given the proposed codes did not meet the expectations of the eSafety Commissioner, they then drafted industry standards. In November 2023, the eSafety Commissioner opened public consultation on the draft industry standards for 31 days.

  • For more detail on the Online Safety Act, head to our 2021 explainer here. Digital Rights Watch also made a submission on the original set of draft industry codes in October 2022 developed by industry here.
  • For more details on the Industry Codes process and consultation from the industry associations, head here.
  • For detail from the eSafety Commissioner on the Industry Codes and Standards, head here.

The standards would apply to a broad range of services including email, messaging, and personal file storage, and include a range of proactive detection obligations to detect, remove, disrupt and deter illegal content. However, as there are no safeguards for encryption, the standards would require end-to-end encrypted services to undermine the security and privacy of their users in order to comply. 

Within our submission below, Digital Rights Watch calls for improved protections for privacy and digital security, which are essential components to upholding the online safety of everyone – including children.

In response to the proposed standards, Digital Rights Watch also teamed up with Access Now and the Global Encryption Coalition Steering Committee to pen a joint letter to the eSafety Commissioner urging them to not require end-to-end encrypted services to undermine the privacy and security offered to their users by requiring proactive detection, or, ‘client-side scanning’. The letter was signed by 40 local and international organisations, as well as over 560 individuals in support. Read the letter here.

Read our full submission below, or download a PDF here.