Illegal content risk assessment for the Online Safety Act
2025/03/18Document history
| Version | Date | Author | Comment |
|---|---|---|---|
| 1.0 | 2025-02-12 | Peter Molnar | Contact: mail@petermolnar.net |
Background
This is a personal website that exists for fun and to have a home online.
Key facts
- I – Nora Hamucska – am a resident of the United Kingdom
- The server is located in the United Kingdom
- Me and my spouse are the only administrators, editors, and content providers of the service
- Me and my spouse are the only people who can create or approve new content on the service
- Anyone in the world can view the service
- Someone who accesses the web interface of the service can see the content.
Online Safety Act illegal content risk assessment
Key information
| Information | Answer |
|---|---|
| The service to which the risk assessment relates | self-hosted website at: norahamucska.com and any subdomain service under the same domain |
| The named person responsible for the risk assessment | Nora Hamucska |
| The findings of this risk assessment have been reported and recorded through appropriate governance channels | Yes: logged in this document |
| Next scheduled review date | 2026-02-01 |
Document history
| Date | Version | Nature of change (created / reviewed / updated) | Who completed the risk assessment | Who approved the risk assessment |
|---|---|---|---|---|
| 2025-02-12 | 0.1 | Created | NB | NB |
Ofcom’s suggested steps
- Step 1: Understand the kinds of illegal content that need to be assessed
- Step 2: Assess the risk of harm
- Step 3: Decide measures, implement, and record
- Step 4: Report, review, and update
Ofcom’s risk factors
Me and my spouse are the only administrators, editors, and content providers of the service, and we are the only people who can create or approve new content on the service.
According to Ofcom’s risk factors guidance:
- 2 (child access): there is no access control, so a child could view my instance. Nothing on my instance is particularly attractive to children
- 4a (user connections): people can follow me via feeds or other means
- 5e (posting images or videos): I can post images/videos
- 7b (hyperlinks): I can post hyperlinks
Priority legal content
| Type of content | Risk factors (from Ofcom’s risk profiles) | Conclusion | Rationale | Measures |
|---|---|---|---|---|
| Terrorism | 1a, 4a, 5,b, 5e, 7b | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Child Sexual Exploitation and Abuse (CSEA): Grooming | 1a, 2, 3a, 4a, 5b | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Child Sexual Exploitation and Abuse (CSEA): Images | 1a, 2, 5b | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Child Sexual Exploitation and Abuse (CSEA): URLs | 7b | Negligible risk | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Encouraging or assisting suicide | 1a, 5e, 5g, 7b | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Hate | 1a, 3a, 5e | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Harassment, stalking, threats and abuse | 1a, 3a, 4a, 5b, 5e, 5g | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Controlling or coercive behaviour | 1a, 4a, 5b | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Drugs and psychoactive substances | 1a, 3a, 4a, 5b, 5e, 7b | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Firearms, knives or other weapons | 1a | Low | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Human trafficking | 1a, 3a, 5e | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Unlawful immigration | 1a, 3a, 5e | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Sexual exploitation of adults | 1a, 3a | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Extreme pornography | 1a, 5e | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Intimate image abuse | 1a, 5b, 5g | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Proceeds of crime | 1a, 3a | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Fraud and financial offences | 1a, 3a, 4a, 5b, 7b | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Foreign interference | 1a, 3a, 4a, 5e, 5g, 7b | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
| Animal cruelty | 1a, 5e | Negligible | There is no content like this is, or will ever be posted, therefore likelihood of a visitor encountering this content is nonexistent. | None |
Other illegal content
| Illegal content/offence | Risk of encountering this content/offence | Rationale | Measures that you will implement using Ofcom’s Codes of Practice or alternative measures |
|---|---|---|---|
| All other content / offences | Negligible | The likelihood of a visitor encountering other illegal content, or the service being used to facilitate or commit other offences, is incredibly low, due to the manual, always present moderation of any incoming links or content. | None |
Safety duties about illegal content
The following sets out my approach to compliance with the various safety duties in s10 OSA.
See also Ofcom’s recommended measures (table on page 8).
Proportionality
Some of the duties require me to take “proportionate measures”.
In determining what is proportionate, the OSA says that “the size and capacity of the provider of the service” are particularly relevant.
To that end, I am quite large, with a significant capacity for being caring and understanding.
Duties and approach
| Duty | My approach |
|---|---|
| To prevent individuals from encountering priority illegal content by means of the service | We will not post illegal content. |
| To effectively mitigate and manage the risk of the service being used for the commission or facilitation of a priority offence | We will not post illegal content. |
| To effectively mitigate and manage the risks of harm to individuals | No additional actions planned. |
| To minimise the length of time for which any priority illegal content is present | We will take down any illegal content. |
| Where the provider is alerted by a person to the presence of any illegal content, or becomes aware of it in any other way, swiftly take down such content | We will take down any illegal content. |
| To have in place regulatory compliance and risk management arrangements | We do not consider that these are proportionate to the risk. |
| design of functionalities, algorithms and other features | There are no algorithms on the site. |
| policies on terms of use | There is no terms of use. |
| policies on user access to the service or to particular content present on the service, including blocking users from accessing the service or particular content | There is no access control on the site. |
| content moderation, including taking down content | |
| functionalities allowing users to control the content they encounter | This is not relevant to my website. |
| user support measures | This is not relevant to my website. |
| staff policies and practices | This is not relevant to my website. |
| to include provisions in the terms of service specifying how individuals are to be protected from illegal content | There are no terms of service. |
| A duty to apply the provisions of the terms of service consistently | There are no terms of service. |
| A duty to include provisions in the terms of service giving information about any proactive technology used by a service for the purpose of compliance with a duty set out in s10(2) or 10(3) (including the kind of technology, when it is used, and how it works). | There are no terms of service. |
| A duty to ensure that the provisions of the terms of service are clear and accessible | There are no terms of service. |
In accordance with s66, if I were to become aware of unreported CSEA, I will report it to the NCA.
| Ofcom reference | Measure | Comment |
|---|---|---|
| ICU A2 | Accountable individual | Nora Hamucska |
| ICU C1 | Content moderation function | I will review and assess suspected illegal content |
| ICU C2 | Take down | I will remove reported illegal content |
| ICU D1 | Enabling complaints | Anyone can complain via mail@norahamucska.com |
| ICU D2 | Easy to find complaints information | Use mail@norahamucska.com |
| ICU D7 | Appropriate action for complaints | I will handle any complaints |
| ICU D10 | Appeals | I will handle appeals |
| ICU D11 | Proactive technology | I am not using proactive technology |
| ICU D12 | Appropriate action for complaints | As per ICU D7, I will handle any complaints |
| ICU D13 | Manifestly unfounded complaints | I will handle complaints |
| ICU G1 | Terms of service | Not applicable |
| ICU G3 | Clarity of terms | See ICU G1 |
| ICU H1 | Proscribed organisations | I will block anyone I become aware that they are a member of a proscribed organisation. |
Actions
| Action | Date | Status |
|---|---|---|
| None | n/a | n/a |
This document is based on Neil Brown‘s work and is licensed under Creative Commons CC BY-SA 4.0.