Hi All,
Some sad news, but it has become apparent in order to safeguard the longevity of this site, there are no options left other than to cease allowing people from the United Kingdom to access Lemmy.zip.
Just to reassure everyone else right at the start - this ONLY affects users from the UK accessing Lemmy.zip. There is no effect on everyone else, and nothing in your Lemmy experience will change.
Due to the implementation of the Online Safety Act, we will be restricting access to Lemmy.zip to UK users starting 15th February 2025 —one week from today.
Why is this happening?
Lemmy.zip is hosted in Finland, and we have always strived to operate with respect for privacy and in line with all applicable laws. However, the UK’s Online Safety Act presents significant legal and operational challenges for small, independent fediverse sites, just like this one. The Act’s vague and overbearing requirements, combined with the potential for disproportionate and extreme fines, force us to make this decision to protect both the site and its users.
This law impacts a wide range of content with vague or conflicting definitions, and as a volunteer-run site, we cannot ensure full compliance. We do not wish to compromise your privacy or force you to verify your identity through intrusive age checks, which is the only method allowed under the Act. Therefore, we have no choice but to block access from the UK.
This won’t impact on federation, nor accessing the communities from an instance that tries to comply with (or ignores) the Act. Obviously if you’re from any other country in the world that isn’t the UK, this won’t apply to you at all.
If this affects you, then you are able to export your data (subscriptions etc) from your profile settings, and import them on to another instance (Feddit.uk is a good shout for brits!)
Unfortunately this is also brought about by my personal circumstances as the site owner - I’m not in a position to just ignore the Act like many are. Complying with the act would mean we would either have to implement Age Verification for all users to access the site, or we would have to disable NSFW entirely, which means communities that use NSFW tags for spoilers or content warnings also wouldn’t be accessible.
For those curious, UK users will instead be directed to this page when they try access the site.
This has been a really hard decision to make, and I fear many more fediverse sites that are somehow linked to the UK will need to take this step in order to protect themselves.
If this is overturned by the courts in the UK, then the block will be removed as soon as possible. I have my fingers crossed.
Happy to answer any questions in the comments.
Demigodrick.
You must log in or register to comment.
Just a couple of quick answers to potential questions.
-
Will this affect federation? No - even sites in the UK will still be able to federate with Lemmy.zip both ways. This just affects users trying to access the lemmy.zip website
-
Does this affect apps? Possibly - the front ends will definitely be affected (i.e. m.lemmy.zip). Apps like voyager etc remains to be seen, as I haven’t done any testing on these yet.
-
Ah crap. Im from the uk. This sucks. But i get its not your fault.
I only access this from Boost For Lemmy app but i suspect it will still fail to load data regardless.
I wonder would a vpn work? In theory it should.
A vpn would work. Some people use one 24/7 these days if their router/device supports it.
I keep one on my devices at most times anyway so that is no problem. I have no intention of leaving. Not for a while anyway
In the same boat as you, I’ve just used this as an excuse to flip the roles of the regular and VPN connections.
Used to be VPN when needed. Now it’s full time with exceptions as required.
A sad day for this instance indeed.
While I am glad to hear that otherwise all federation goes on, only blocking the site directly for UK residents, the underlying issue still remains. I am not a UK citizen nor do I live in the UK, but it’s just disappointing nonetheless.
Tap for spoiler
(Fucking corrupt bastards.)
So … People in the UK can still access all the content at lemmy.zip … just not at the site lemmy.zip.
This is what happens when people who have no idea how technology works are in charge of making laws about technology.
Yes, that’s the beauty of federation and the stupidity of the law :)
Just to avoid potential issues because this is a common misconception, Ireland is not in the UK. 🇮🇪🇮🇪🇮🇪
Haha I wouldn’t dare get them confused 😅 how i wish I had an Irish passport
I missed out by one generation when the majority of my friends are eligible.
I’m from the UK, this is disappointing to hear. The Online Safety Act is absolute shit.
Make your voice heard
I don’t think anyone ever cared about online petitions tbh.
It really is 🫤
That’s unfortunate for our UK brethren. Hopefully that law gets fought, because it sounds incredibly stupid.
Jesus Christmas.
https://en.wikipedia.org/wiki/Online_Safety_Act_2023
despite warnings from experts that it is not possible to implement such a scanning mechanism without undermining users’ privacy.[6] The government has said that it does not intend to enforce this provision of the act until it becomes technically feasible to do so.[7]
Platforms failing this duty would be liable to fines of up to £18 million or 10% of their annual turnover, whichever is higher.
It obliges large social media platforms not to remove, and to preserve access to, journalistic or “democratically important” content such as user comments on political parties and issues.
What the FUCK
£18 million pounds is a huge amount. That is around $22.3 million USD. Do they seriously think some hobby website has that kind of cash? Does the UK not have laws about cruel and unusual punishment?
Yes - wtf indeed.
The whole thing is insane. If it was targeted just at platforms like Meta or X, I’d totally get it (and maybe even agree with parts of it).
The fact it is a blanket provision and affects even single user mastodon instances, or 93 year old Betty’s gardening tips forum, in the same way as Facebook and Instagram, tells you a lot about the idiots/morons at OFCOM/UK Gov who put this together.
If 93 year old Betty’s gardening forum doesn’t currently have all the paperwork in place right now, btw, she’s liable for that fine.
That’s how stupid this all is, and why I’m nope-ing out of it.
Does anyone know if this has ever been used as a base for litigation so far?
The OSA comes into effect late March.
Yeah. It’s like they went out of their way to make every part of it as backwards as they could manage.
The part about making it illegal to moderate political content makes me wonder if some aspects of this have roots in trying to disable efforts to combat foreign interference in the UK’s elections.
I think some of it is actually OK on a macro scale, and stuff like trying to stop interference might have been sensible if thought out well. But the scope is too large, the guidance too broad, and the language used by OFCOM too threatening to those trying to learn. The burden on one person to comply is insane - it takes a team of lawyers just to read and decipher the 1000+ pages of guidance.
If they’d just realised a little while ago that their scope was way off and redefined who this applies to, there might have been more of a chance of complying.
Well… maybe, I have no idea, I just heard of all of this today. But “£18 million or 10%, whichever is HIGHER” is hard for me to read as any way but malicious.
That fine is more than more money than most of us will make in our entire lifetime.
I absolutely understand why you are doing the geoblock
As someone completely unaffected, it sucks that you had to make this decision, but I respect the hell out of it and appreciate your openness.
Thanks for the clear post.
If anyone on here signs up at feddit.uk be sure to mention it in your reply.
For other OSA discussion, I’ve started a community to help everyone working through and figuring out how to comply with the legislation: !onlinesafetyact@feddit.uk
I’ve already subscribed to this, but thank you creating it. I don’t know all of the implications, I just know the OSA is a crap idea.
Compliance by non-service will be the best way for anyone who can afford to lose UK users for an undetermined amount of time.
It’s the easiest way and it pushes people to do something about it. Either by instigating change or working around it to make it publicly ineffective.
Complying the ‘proper’ way only normalises the draconian legislation. It is not normal, and frankly the folk need to be told as such.
I’m afraid we don’t have a choice about compliance with the rules. We are the largest UK Lemmy instance (so geoblocking isn’t an option) and, if we did ignore the laws, we’d be hit with ruinous fines.
Given the size of the feddit instance, the general geolocation of the users, and that most fedi users are at least somewhat technically switched on - your position is even less enviable than Demigodrick’s.
As a user, all the verification options suggested in legislation are unacceptable. Sites that implement such checks would also become unacceptable by association. I’d rather see a hard lesson taught, as this instance has chosen to do.
Comply and upset the users. Dont comply and upset the gov. The users don’t have a stick with which to beat you, so I suppose for you compliance it is. Do you know yet what compliance is going to look like for feddit?
A large portion of users tend to come in waves, fleeing what they see as overbearing bad behaviour from their previous homes. I am one of them. I expect a lot of users will migrate to less discerning instances if your compliance method doesn’t pass the sniff test, and I can’t forsee any method managing that and keeping in line with legislation.
If you see a significant enough level of migration, would you bite the bullet and just shut up shop for the UK anyway? What’s the point in investing in compliance methods if the core userbase decides to move away?
Sorry for the jaded speculative babble, I’m just really interested in seeing how this is all going to pan out.
Do you yet what compliance is going to look like for feddit?
Behind what we are currently doing (NSFW filter on, Lemmy’s own systems, ways to contact Admins directly and AutoMod), so far I think we need:
- More contact email addresses
- A contact form
- A policy document on abuse
- A policy documents outlining the risk assessment and mitigations
The law isn’t designed to be onerous for small website owners (and that is pretty much anyone whose membership isn’t in the upper 100s of thousands) and all of the above should exceed the requirements. If not, then it demonstrates we’ve done our homework and improved our processes and documentation (which it seems is the laws intent - it forces you to think about the issues and what you can do about it, when you may have been muddling on through until now), so we are opening a dialogue with The Powers That Be and if there is room for improvement they will let us know, rather than having to get threatening.
If you see a significant enough level of migration, would you bite the bullet and just shut up shop for the UK anyway? What’s the point in investing in compliance methods if the core userbase decides to move away?
I really don’t see it coming to that. It should make no difference to the users of the site. It’s a bit of a time sink for Admins at the moment but, once it is done, it should, hopefully, only require the odd tweak at most.
Thanks for taking the time, very informative :)
I suppose a lot of it comes down to how nsfw is handled. If there are no means to access it on the home instance, then what you’re doing is probably A-OK.
That’s assuming the filter is locked on and any communities that fall into (or are likely to) the target categories are prevented from forming or expunged where they already exist. No need for invasive methods to verify age if there’s nothing to verify for.
The only problem I can see would be other federated instances that may feed poorly filtered or flat out unfiltered/untagged nsfw into yours. I imagine that’s going to be a decent chunk of the risk assessment, given that federation with others is the main point of lemmy as a whole.
I suppose a lot of it comes down to how nsfw is handled. If there are no means to access it on the home instance, then what you’re doing is probably A-OK.
It was the decision of the original Admin but it has made life easier (as in the CSAM spam attacks - we don’t need to figure out if it’s real or not, if it’s porn, it’s gone) and will make complying with the OSA simpler. I suspect there’s a way to navigate those waters but I am focused on our own needs to get this boxed off and then I’ll have a ponder on that topic. We’ve been discussing this with DGR for a while now and that is the main hurdle we’ve struggled with.
The only problem I can see would be other federated instances that may feed poorly filtered or flat out unfiltered/untagged nsfw into yours.
It’s like porn spam - it gets flagged up quickly and dealt with. One bonus of federation is that if it is removed from the home instance it is gone for us too, so it often gets sorted before we even realise there’s a problem.
I imagine that’s going to be a decent chunk of the risk assessment, given that federation with others is the main point of lemmy as a whole.
The OSA document we’ll post is 50% risk assessment, 50% mitigation - the law accepts that, in spite of your best efforts, shit happens, the more important thing is what processes and systems are in place to deal with it quickly and efficiently when it does.
Solid.
Lots of thought clearly already gone into it and I hope you do well.
I like my home here, nsfw and all, but I’ll still likely end up making an alt over on feddit.uk as per the invite way up there. Linked by bio both ways as per your rules ofc.
That’s it, there’s no more question marks and you can have your peace now 😅
or we would have to disable NSFW entirely, which means communities that use NSFW tags for spoilers or content warnings also wouldn’t be accessible.
On this note, why is it that so few sites seem to have implemented spoilers tags and instead relies on everyone using the nsfw tag instead?
We live in a “interesting” time. While I’m sad that this is necessarily I am also glad Lemmy.zip isn’t getting shutdown entirely.
I’m hoping this is temporary and something changes and I can lift it in the near future. I’m hoping enough sites will shut down for someone with some power to take a second look at this
Does the UK not have some sort of bill if rights or equivalent? Surely this can’t be enforced in the courts.
We’re subjects, not citizens. We have whatever rights the ruling classes deign to gift us.
I would still contact government leaders if you haven’t already.
Oh definitely. I’ll be contacting my MP about it.
If anyone else in the UK wants to do something similar then:
We have the European Convention on Human Rights. I guess you could make the case that it impedes on freedom of speech or similar, although I have no clue if it would be successful.
Well that’s a shit.
I am a UK user and a recent supporter. I don’t want to leave - this instance is busy enough to be useful, quiet enough to not be overbearing and also aligns well with my own values.
As a hypothetical, how would you handle (or not handle…) users that work around such restrictions?
The way the OSA is going, I can see VPN usage happening at a network level at home, rather than just when required.
I would have no way of knowing if you found a common and easy workaround… :)
Sales of VPNs etc will go through to roof as more sites start to block the UK.
Brill.
No hard feelings. I think it’s the best thing to do too.
❤️
I have an always on VPN on my mobile and planning to do the same for my PCs soon. Highly recommended :)
Same - but it ties back to the home network where my self hosted stuff runs. Primarily for adblocking with the rest of the network accessible as a bonus.
I guess now I’ll just have to rejig it up so the home network exit point is the mullvad connection.
Out of curiosity, what are the risks of violating this law with a site hosted in Finland? I don’t believe the UK has the ability to effectively fine people in other countries. Seems like the worst they could do is block the site themselves.
The regulator claims this can be enforced anywhere in the world (doubtful at best). I imagine most global site admins will ignore this and carry on as normal, and if the UK ever comes knocking politely tell them where to shove their requests.
However there are personal reasons why this applies to me with the scope of the Act, even with the infrastructure in Finland, and I can’t risk being on the other end of that fine. It’s simpler all-round for me just to deny access to the UK.
If they removed the insane (and I suspect corrupt) age verification requirements, then I could do the work to make the site comply with the Act, but as it stands I can’t guarantee it so I won’t risk it.
the insane (and I suspect corrupt) age verification requirements
This absolutely honks of a Capita/Palantir gov handout contract.
Doesn’t it just!
Some of the wording in the guidance is the same phraseology that Age Verification companies use, word for word. Make of that what you will!
It’s a shot at an inverse firewall. You don’t have to block your people’s access if you make the rest of the world block their access.
