top of page

BlackBay Insights

  • Anastasia Dimitriou

Understanding Australia's Online Safety Act: A Guide to Dealing with Cyber Abuse

Online Safety Act 2021

Australia’s online safety laws were strengthened with the introduction of the Online Safety Act 2021 (Online Safety Act) which commenced on 23 January 2022. The legislation addressed gaps in the online regulatory framework established by the Enhancing Online Safety Act 2015 (Cth) and significantly enhanced the eSafety Commissioner’s investigative and enforcement powers.


The Online Safety Act provides important safeguards against, and responses to, cyber abuse of adults; cyber-bullying of children; and image-based abuse (sometimes called ‘revenge porn’).


Under the laws, online platforms must respond to a takedown notice within 24 hours. Civil penalties can be imposed on both the person who posted the material and the provider of the service on which it was posted, including fines up to $111,000 for individuals and $555,000 for companies. The Online Safety Act applies to providers of the following services (amongst others):

  • Social media platforms (eg Facebook, Instagram, Twitter, TikTok)

  • Email and instant messaging (eg Outlook, WhatsApp)

  • Search engines (eg Google)

  • Online games

  • Online dating

  • App distribution

  • Data hosting

  • ISPs

Online service providers are now also subject to industry standards known as the “Basic Online Safety Expectations” (BOSE) which require them to take reasonable steps to minimise the risk of harm to users of their services. For example, online service providers are now required to create a safer online environment through:

  • Ensuring technological or other measures are in place to prevent access by children;

  • Guaranteeing mechanisms are available that enable users to report and make complaints about cyber bullying material and breaches of the service’s terms of use; and

  • Reporting complaints and removal notices to the Commissioner within 30 days when required.

  • As well as granting the Commissioner powers to issue formal warnings, infringement notices, enforceable undertakings, injunctions and civil penalties, the Online Safety Act also gives the Commissioner powers to “unmask” users of anonymous accounts used by cyber-bullies or abusers by obtaining information from service providers about those users.


What is the difference between cyber abuse and defamation?

In order for the eSafety Commissioner to act on a report of cyber-abuse of an adult, the abuse must be “seriously harmful”. This is a higher threshold than the one in eSafety’s cyber-bullying scheme for under 18s, because it is presumed that adults are more resilient than children.


For the eSafety Commissioner to investigate a report of harmful content, it must target a specific Australian adult and be both:

  1. Intended to cause serious harm; and

  2. Menacing, harassing or offensive in all the circumstances.

Serious harm includes physical or psychological harm which endangers, or could endanger, a person’s life; or which could have some form of lasting effect on an individual, e.g. where the abuse repeatedly targets the same person. It may also involve hate speech. It does not include content which is merely offensive, if it is not also intended to cause serious harm to the person targeted.


The objective of the Online Safety Act is to minimise physical and psychological harm to targets of cyber abuse by removing harmful content. Defamation laws on the other hand are designed to compensate individuals for damage to their reputations.


Since July 2021, defamation laws in most Australian jurisdictions have included their own “serious harm” test. Unlike the Online Safety Act, a defamation plaintiff is required to provide evidence of serious harm to his or her reputation, in order to meet the threshold for commencing defamation proceedings.


There will be some circumstances where material posted online is both defamatory AND meets the threshold of adult cyber abuse. In those circumstances, the victim of the abuse could both seek the assistance of the eSafety Commissioner to have the content removed and/or take action under Australia’s defamation legislation.


BlackBay Lawyers has acted for clients who have reported material to the eSafety Commissioner, which the Commissioner has declined to act on, but for whom we were nonetheless able to issue Concerns Notices under the Defamation Act 2005 (NSW). BlackBay Lawyers can also assist in reporting material to the eSafety Commissioner with a view to encouraging the eSafety Commissioner to take action.


There may also be circumstances where publications have been taken down (either with the assistance of the e-safety Commissioner or otherwise) which may still be the subject of defamation action.


Victims of “revenge porn” may also be able to pursue an action for breach of confidence.


If you have been a victim of cyber-abuse and need legal advice, feel welcome to get in touch.


The content in this Article is intended only to provide a summary and general overview on matters of interest. It is not intended to be comprehensive nor does it constitute legal advice. It should not be relied upon as such. You should seek legal or other professional advice before acting or relying on any of the content.


Comments


bottom of page