techUK news and views
24 Apr 2025

Ofcom publishes Protection of Children Codes of Practice and guidance

Ofcom has published its landmark Protection of Children Codes of Practice and guidance, in a policy statement outlining new protections for children online.  The regulator's policy statement is accompanied by six volumes detailing decisions, regulatory documents, and guidance. 

Providers of services likely to be accessed by children must now complete children’s risk assessments by 24 July 2025.  

From 25 July 2025, providers will need to take the steps laid down in the Codes or use other effective measures to protect children. 

Key Documents: 

Outline of Volumes:  

  • Volume 1: Overview, scope and regulatory approach - sets out the scope of the statement, including an introduction to Ofcom’s duties and online safety functions and the children’s safety duties, and regulatory approach. 
  • Volume 2: The causes and impacts of online harm to children - presents Ofcom’s approach to three regulatory products: Ofcom’s Children’s Register of Risks, Children’s Risk profiles, and Ofcom Guidance on Content Harmful to Children. 
  • Volume 3: Assessing the risks of harms to children online - sets out Ofcom approach to governance and risk management across this statement and as well as the approach to the guidance Ofcom are required to produce for service providers completing children’s risk assessments. Ofcom’s Children’s Risk Assessment Guidance is published separately. 
  • Volume 4: What should services do to mitigate the risk of online harms to children? - outlines the regulatory framework and practical measures that online services must implement to protect children under the UK's Online Safety Act. This comprehensive document builds upon previous consultations and emphasises a higher standard of protection for children compared to adults.​These measures form Ofcom’s Codes, which are published separately for user-to-user services and for search services.
  • Volume 5: Annexes - includes details of the assumptions used in Ofcom’s economic assessment, legal framework, equality, summary of additional measures proposed by stakeholders, and glossary.
  • Volume 6: Illegal harms further consultation: User Controls - sets out Ofcom’s proposal to amend Measures ICU J1 (blocking and muting) and ICU J2 (disabling comments) in the Illegal Content Codes of Practice, bringing providers of certain smaller user-to-user services that are likely to be accessed by children into scope of these measures where they have relevant risks and functionalities. Ofcom are proposing that providers should either use highly effective age assurance to offer child users the option to block and mute other users and disable comments on their content or should offer these controls to all users on the parts of the service that are accessible by children. 

Summary of the Child Safety Codes (Volume 4)  

In Volume 4 Ofcom have provided an outline of key decisions on their approach to the Codes and the measures. These include: 

  • updating Recommender Systems measures to provide stronger protections for children and more clarity for providers; 
  • establishing a strong baseline level of protection for children of all ages, while encouraging providers to consider appropriate action for children in different age groups; 
  • providers of user-to-user services that allow harmful content should use highly effective age assurance to determine which of their users are adults;
  • confirming proposals that certain measures should apply to content categories beyond those specifically identified in the Act (i.e. to non-designated content or NDC); 
  • providers of large general search services should protect users determined to be children by applying a ‘safe search’ setting which filters primary priority content (PPC) out of their search results; and;
  • confirming which services measures should apply to (with some adjustments) so that in most cases, Ofcom recommend measures for all services with relevant risks and functionalities, regardless of size. 
  • Ofcom’s approach focuses on services which pose the highest risks for children. This is in line with the requirement to take a proportionate approach. 

Next Steps: 

  • Risk assessments: All in-scope services likely to be accessed by children in the UK will be required to complete their children’s risk assessment by 24 July 2025. The steps that providers should take to conduct children’s risk assessments are set out in Ofcom's Children’s Risk Assessment Guidance.  Ofcom have also updated existing record-keeping and review guidance to include specific guidance on record-keeping for children’s risk assessments. 
  • Codes of Practice: From 25 July, as long as the Codes complete the UK Parliamentary process, service providers will need to take the steps laid down in the Codes or use other effective measures to protect children. By the same date, all services which allow pornography must have highly effective age assurance in place to prevent UK children from accessing it.    
  • Consultation: Illegal harms: user controls: Ofcom are consulting on proposals that seek to expand the application of blocking and muting user accounts and disabling comments measures in the Illegal Content Codes (Volume 6) to a wider range of services. This decision is due to Ofcom now considering it proportionate for these measures to apply to certain smaller services that are likely to be accessed by children. The deadline for stakeholder comments on these proposals by 5 PM on 22 July 2025.  

How Ofcom is supporting industry   

Ofcom will be expanding their digital toolkit to provide support to service providers completing the children’s risk assessments and complying with the children’s safety duties. This toolkit for children’s safety duties will be available on the Guide for Services section of the Ofcom website. The are also producing the upcoming events: 

Ofcom Presentation at techUK Digital Regulation Group Meeting | 30th April 

techUK members are invited to attend the next Digital Regulation Group Meeting on Wednesday 30 April, 09:30-11:00 - where Ofcom's Protection of Children team will deliver a presentation on the Children’s Safety Codes followed by Q&A. To register for this session either online or in person, please do so here.   

Ofcom Webinar - The Online Safety Act Explained: How to comply with the rules to protect children’ | 4th June  

Ofcom will be actively engaging with service providers through their supervisory and promoting compliance activities. Ofcom are also arranging an online conference on 4 June 2025 – ‘The Online Safety Act Explained: How to comply with the rules to protect children’. This conference will include a mix of short practical sessions and topical deep dives to support providers on their path to compliance.   

  • Register your interest for the OSA Explained conference using this link and Ofcom will contact you with more details and information on how to secure your place.  

Please contact Samiah Anderson ([email protected]) if you have any questions about techUK’s online safety work.  

Samiah Anderson

Samiah Anderson

Head of Digital Regulation, techUK

Samiah Anderson is the Head of Digital Regulation at techUK.

With over six years of Government Affairs expertise, Samiah has built a solid reputation as a tech policy specialist, engaging regularly with UK Government Ministers, senior civil servants and UK Parliamentarians.

Before joining techUK, Samiah led several public affairs functions for international tech firms and coalitions at Burson Global (formerly Hill & Knowlton), delivering CEO-level strategic counsel on political, legislative, and regulatory issues in the UK, EU, US, China, India, and Japan. She is adept at mobilising multinational companies and industry associations, focusing on cross-cutting digital regulatory issues such as competition, artificial intelligence, and more.

She holds a BA (Hons) in Politics, Philosophy, and Economics from the University of London, where she founded the New School Economics Society, the Goldsmiths University chapter of Rethinking Economics.

Email:
[email protected]
Website:
www.techuk.org
LinkedIn:
https://www.linkedin.com/in/samiahnanderson/

Read lessmore

techUK's Policy and Public Affairs Programme activities

techUK helps our members understand, engage and influence the development of digital and tech policy in the UK and beyond. We support our members to understand some of the most complex and thorny policy questions that confront our sector. Visit the programme page here.

 

 

Upcoming events

16 May 2025

techUK member briefing with HMRC on R&D tax credits

Online
21 May 2025

Pro-Growth Regulation Report Launch

London
10 June 2025

Meet the Scalers: Growing a tech business in 2025

London Forum

Latest news and insights 

President's Awards 2025 - Nominations Open!

Do you have a trailblazer in your team? Do you work with an innovator or a problem solver? Do you have an inspirational colleague who deserves the spotlight for their work? The President’s Awards are back for 2025 and open for nominations. All techUK members are encouraged to nominate one colleague.

Learn more and nominate

Learn more and get involved

 

Policy Pulse Newsletter

Sign-up to get the latest tech policy news and how you can get involved in techUK's policy work.

 

 

Here are the five reasons to join the Policy and Public Affairs programme

Download

Join techUK groups

techUK members can get involved in our work by joining our groups, and stay up to date with the latest meetings and opportunities in the programme.

Learn more

Become a techUK member

Our members develop strong networks, build meaningful partnerships and grow their businesses as we all work together to create a thriving environment where industry, government and stakeholders come together to realise the positive outcomes tech can deliver.

Learn more

Meet the team 

Antony Walker

Antony Walker

Deputy CEO, techUK

Alice Campbell

Alice Campbell

Head of Public Affairs, techUK

Edward Emerson

Edward Emerson

Head of Digital Economy, techUK

Samiah Anderson

Samiah Anderson

Head of Digital Regulation, techUK

Audre Verseckaite

Audre Verseckaite

Senior Policy Manager, Data & AI, techUK

Mia Haffety

Mia Haffety

Policy Manager - Digital Economy, techUK

Archie Breare

Archie Breare

Policy Manager - Skills & Digital Economy, techUK

Daniella Bennett Remington

Daniella Bennett Remington

Policy Manager - Digital Regulation, techUK

Oliver Alderson

Oliver Alderson

Junior Policy Manager, techUK

Tess Newton

Team Assistant, Policy and Public Affairs, techUK

 

 

 

Related topics

Policy
Return to listing