My Lords, this is only part of a patchwork of regulation and legislation around online harms—very sadly, we do not have the online harms Bill yet. This regulation highlights the whole problem of the UK having jurisdiction over foreign-domiciled—housed or homed overseas—companies. Companies outside the EU can completely dodge it: it does not cover them at all. The noble Lord, Lord Clement-Jones, mentioned the Digital Economy Act. We put a lot of thought, in Part 3 of that Act, into how we could still exert some degree of serious influence over such foreign companies. There was some stuff in there to allow us to ask payment providers, who all rely on getting money, to refuse payments on behalf of things that have breached UK law. I think that is quite a good mechanism, because we have to hit people in the pocket, otherwise they will just get around it.
A lot of this will come down to age-checking; we need a robust, Government-approved age-checking methodology. It is essential to doing anything and moving forwards. That became apparent after the BBFC failed to do anything effectively, although there was British Standard guidance in place to do it. International regulators will need it too; I know the EU and others are very interested in what we are doing in this space. We also need it for other online harms such as purchasing knives, alcohol, corrosive substances and many other things.
It would cost the BSI about £90,000 to take PAS 1296 to a proper, full specification. That could then be used by certification bodies to certify companies’ websites and age-verification providers against a standard. It would also be written in such a way as to be a seed document for an ISO standard, and can then go straight on to becoming—without further cost—an international standard to be used by EU and international regulators in the same way. They could therefore co-operate more easily, particularly if they decided to act against organisations delivering online material to the UK and their own jurisdictions, because they would all have the same concerns about the young.
Four government bodies should take a serious interest in this. Though DCMS is responsible at the moment, and has offered a small amount towards this, the Home Office, the ICO and Ofcom should all contribute a reasonable amount as well, not just pittances. They should put some money into it and probably also have
representation on the BSI steering group, so that they back it properly and state so publicly for a change. The Age Verification Providers Association has already promised money, and we can draw in more industry people if the Government support it.
11.32 am