Date

27 Mar 2025

Tech, media and telecoms

Online safety: the next wave of regulation

By

Author

First name

Conan

D'Arcy

Of all the issues that have driven the “techlash” over the past decade, online safety and content moderation have proven the most emotive and durable, but also contested. This is not surprising given that they raise fundamental questions for modern democracies – how news and opinion should be distributed, shared and consumed; how governments, political parties and candidates communicate with their electorates; what, if any, qualifications should be applied to freedom of expression online, and; how to protect children and young adults when content, experiences and activities are easily accessible and seemingly limitless.

Over the past decade the GC team has worked on the landmark reforms of the EU’s Digital Service’s Act (DSA) and the UK’s Online Safety Act (OSA) from their inception in the late 2010s to their implementation today. Our Washington DC team has tracked closely the legal challenges and policy debates around Section 230 and the growth of content moderation laws at the state level across the USA. We have had the privilege of working with the full spectrum of industries impacted by these changes from social media platforms and gaming companies to dating apps and app stores.

The objective of this report is to understand where we are likely to see future legislative reforms and the form they might take. Initially, we were struck by the fact that before laws like the OSA were even in place, there was already an emerging debate about legislating to go even further. And before a single DSA enforcement case had concluded, Commission President Ursula von der Leyen was committing to further reforms in areas like addictive design.

The advent of the second Trump administration has transformed the online safety policy agenda and this report’s focus. The strident views of the President and the Vice-President has elevated online safety and content moderation policy to the top of transatlantic relations. Online safety is no longer a domestic policy agenda - any decision in Europe for further legislation or enforcement will now be taken in the knowledge that it could prompt the ire and potential retaliation of the Trump administration.

This report aims to act as a guide to businesses, policymakers and the wider policy community to how these tensions could play out and where we can anticipate further legislative reform and enforcement action in the coming years.

Implications for businesses

Competing expectations on companies

Companies will need to navigate opposing expectations from policymakers in the US and Europe, especially in areas like the moderation of misinformation. While the risk initially will be a reputational one, there is a growing prospect in this political cycle that it could evolve into competing legal obligations, for example, in areas like the accuracy of answers given by generative AI chatbots and other applications on contentious political questions.

New rules for children online and AI content

Not all policy areas are equally exposed to transatlantic dynamics and there remains a high likelihood that there will be new legislation on both sides of the Atlantic on the protection of children online and transparency measures for AI-generated content. In contrast, new legislation on misinformation and encryption is unlikely and these policy areas will primarily play out via enforcement actions.

More unpredictable policymaking

In contrast to previous political cycles, which saw long policy formulation processes for the DSA and the OSA, the course of online safety policy will be less predictable. It will also be less self-contained - other sources of transatlantic tension, like tariffs, defence and Ukraine, will influence how Europe and the US pursue and prioritise online safety policy.

Executive summary

Protecting children

Legislative reform to protect children online is likely in the medium-term, driven by widespread public concern. There are three main areas where policy is likely to focus: age verification, restrictions on under 16s accessing online services, and measures to combat online addictiveness.

Misinformation

Transatlantic tensions will be most evident in misinformation policy, making the passage of new legislation unlikely in the near term. The focus of policy activity will therefore concentrate on enforcement of existing legislation, most notably the DSA.

AI generated content

There is a high likelihood of new rules coming into force in the next few years. The current policy consensus could, however, prove temporary should the strained debate on misinformation be transposed to AI chatbots and other generative AI tools.

Encryption

There is no consensus in favour of reform, meaning that new legislation is unlikely in the coming years with the potential exception of the EU’s Child Sexual Abuse Material (CSAM) regulation.

Read the full report here

Listen to the team discuss the findings of the report and what they may mean for the regulatory landscape on our tech policy podcast, Top in Tech.

The views expressed in this report can be attributed to the named author(s) only.

Recommended insights

Podcast

10 Apr 2025

How to build an "AI Continent": What the Commission's AI Continent Action Plan means for Europe

On this week's episode of Top in Tech, Adriana Capparelli, Director in our Tech, media and telecoms team is joined by Natasha Dixon, Senior Associate, to unpack the European Commission’s...