Opinion

Ofcom publishes article detailing its 2026 priorities for online safety, update on Online Safety Act implementation plans and guidance regarding technology notices

Ofcom publishes article detailing its 2026 priorities for online safety

From our blog

A&O Shearman on data
Published Date
May 26 2026
Related people
Image of Nigel Parker
Nigel ParkerPartner, London
On May 8 2026, Ofcom published (1) an article (the Article) setting out its priorities for the 2026-27 financial year under the Online Safety Act 2023 (OSA); (2) an update (the Update) on its approach to implementing the OSA; and (3) guidance on the exercise of its powers under section 121 OSA to issue Technology Notices to regulated services (the Technology Notices Guidance). 

(1) Article on Ofcom’s 2026-27 priorities

The Article follows the publication of Ofcom's Plan of Work for 2026-27 in March 2026 and provides further detail on the key trade-offs and judgements Ofcom has made in determining where to concentrate its enforcement and compliance efforts.

In the Article, Ofcom identifies three compliance priority areas for 2026-27: (i) protecting children; (ii) countering terrorism and illegal hate; and (iii) improving women's and girls' safety online. Ofcom explains that it will take the following actions to prioritise these areas: 

(i) Protecting children

  • continue enforcement programmes on child sexual abuse material and age assurance online; 
  • provide an update in May on whether major sites and apps, including Facebook, Instagram and TikTok, meet Ofcom’s expectations on effective age checks, protection against child sexual abuse material, and adequate risk assessments; and
  • provide an update in July on its analysis of how major online providers’ algorithms expose children to illegal and harmful content.

(ii) Countering terrorism and illegal hate: require online service providers to demonstrate that they are finding and removing content disseminating illegal hate speech and terrorist content and provide an update regarding its findings.

(iii) Improving women's and girls' safety online:

  • implement enforcement action regarding sexual deepfakes, nudification sites and image-based sexual abuse; 
  • set a new standard in May entitled ‘hash-matching’ to prevent the upload of known non-consensual intimate images, which will require online service providers to implement proactive protections, rather than relying on reactive image-takedown measures; and 
  • collate evidence for a report in 2027 addressing how technology firms have applied the practices set out in the 'Safer life online for women and girls’ guidance published in November 2025 (available here).

(2) Update on the implementation of the OSA

The Update sets out Ofcom’s approach to implementing the OSA, focusing on when Ofcom will deliver the codes, guidance, statutory reports, and advice to the Secretary of State that is required under the OSA. The Update also sets out the following key milestones:

  • June 2026: final decision on additional crisis response measures as well as publication of final media literacy statement of recommendations; 
  • July 2026: publication of categorisation register and consultation on additional duties for categorised services as well as publication of statutory report on age assurance; 
  • Autumn 2026: publication of statement on additional safety measures to improve Ofcom’s Codes of Practice (following consultation launched in June 2025);
  • October 2026: publication of statutory report on the incidence and severity of content harmful to children as well as publication of the Online Information Advisory Committee’s first statutory report;
  • January 2027: publication of statutory report assessing the role of app stores in children encountering harmful content (to support the Secretary of State in determining whether app stores should be brought in scope of the Act); and 
  • 2027: categorised services required to publish their first transparency reports (in accordance with Ofcom’s guidance on transparency reporting issued in July 2025).

(3) Technology Notices Guidance

The Technology Notices Guidance defines a Technology Notice as a notice issued by Ofcom requiring a provider of a regulated service to either: (i) use accredited technology to identify and prevent terrorism and/or child sexual exploitation and abuse (CSEA) content; or (ii) use best endeavours to develop or source technology meeting minimum standards of accuracy to deal with CSEA content.

The Technology Notices Guidance sets out the procedure Ofcom will follow where it intends to issue a Technology Notice requiring the deployment of technology that has been developed or sourced.

It also clarifies the following key points:

  • that service providers will receive a copy of the skilled person's final report at the same time as they receive a Warning Notice. A Warning Notice is a notice that must be given to a service provider before a Technology Notice can be given;
  • that Ofcom will, in every case, assess the technical feasibility of compliance for the service provider when determining whether it is necessary and proportionate to issue a Technology Notice
  • that the costs associated with accredited technology will form part of Ofcom's necessity and proportionality assessment; and
  • that service providers will not be compelled to make technology developed in response to a Technology Notice available to other providers.

 

Links to the Article, the Plan of Work, the Safer life online for women and girls guidance, the Update and the Technology Notices Guidance are available below:

Related capabilities

subscribe

Interested in this content?

Sign up to receive alerts from the A&O Shearman on data blog.

Sign up
Register or update your preferences