Outgoing Email

Dear Mr. Dickson,

Re: The Online Safety Act: Overreach, Illegality, and the Real Risks to Child Protection

I am writing as your constituent in Dartford regarding the Online Safety Act (OSA). While presented as a law to protect children, it is already clear that the Act goes far beyond that purpose, contradicts existing UK law, endangers privacy, and risks silencing lawful expression. At the same time, it diverts attention and resources from the genuine child protection crisis in our communities.

A Record of Hypocrisy on Child Safety

Earlier this year you and your Labour colleagues voted against a proposed national inquiry into grooming gangs. An inquiry that would have addressed real, ongoing threats to children in this country. At the same time, Parliament has allowed the Online Safety Act to be presented as “the single biggest piece of child safeguarding legislation in a generation.” The contradiction is stark.

While you block investigations into organised child abuse and preside over a social care system in collapse: with early intervention funding cut by over £600 million since 2013, councils overspending £770 million simply to meet urgent statutory duties, and child protection cases rising 139% in a decade due to a lack of funding, the government chooses instead to fund censorship infrastructure. If child safety were truly the priority, resources would be directed to social workers, children’s centres, and safeguarding programmes. Forcing citizens to hand over identification to listen to music or access online forums is not safeguarding; it is censorship and authoritarian that ignores the real crisis facing children.

A Law That Goes Too Far

The OSA is not limited to restricting adult content. It is already affecting ordinary platforms and lawful expression:

  • Reddit forums on mental health, LGBTQ+ issues, and political debate have been flagged as “harmful.”

  • Discord hobby and gaming servers are being forced to implement age gates.

  • Spotify, a music service, is now introducing ID checks in the UK.

  • Most troubling of all, political rivals have had tweets “age restricted,” effectively silencing legitimate political speech behind verification walls.

Why should an adult in a childless household be asked to present ID to listen to music or Spotify, join a community forum, or read a political post? This is not protecting children; it is controlling the internet.

Conflicts with UK Law

The OSA is already at odds with existing British legislation:

  • Human Rights Act 1998 – Article 10 protects lawful political expression; Article 8 protects privacy in communication. Both are now undermined by OSA’s age-gating and surveillance powers.

  • Data Protection Act 2018 / UK GDPR – require proportionality and minimisation of data. OSA compels mass collection of IDs, photos, and biometrics, a clear contradiction of those principles.

  • Freedom of Information – political speech hidden behind ID checks is an obstruction to lawful access to information.

  • Equality Act 2010 – disproportionately affects vulnerable groups, including LGBTQ+ and disability support communities that depend on anonymous spaces.

Data Risks and Legal Liability

The Act outsources identity checks to private verification firms such as Persona (US), Veriff (Estonia/US), Onfido (UK), and Au10tix (Israel). Several of these companies have already been fined or exposed for misusing or leaking biometric data.

This raises profound sovereignty and security concerns. Having UK citizens’ most sensitive data shared with the United States, a country many now perceive as sliding towards authoritarianism, is unacceptable. Are you happy giving UK citizens’ data to Russia or China? Why should any foreign entity have this power? Even more troubling is the involvement of companies based in Israel. With the ongoing conflict in Gaza, and with widespread condemnation of Israel’s killing of children, UK citizens who have spoken out, or who are of Palestinian, or Iranian descent, could face the risk of their data being accessed under Israeli jurisdiction. A simple ID submission to log into a website could, in the wrong hands, expose them to subpoenas, surveillance, or harassment by a foreign state. Having the ID of British citizens given to private firms based in states currently accused of human rights violations, including the killing of children, in the name of protecting children. This is unacceptable.

Recent history shows what happens when sensitive databases are compromised:

  • The NHS Synnovis hack (2024) leaked 500GB of patient records.

  • The Electoral Commission hack (2023) exposed the details of 40 million voters.

  • Even the Ministry of Defence has accidentally leaked sensitive data abroad.

If the NHS and Electoral Commission cannot guarantee security, why should the public trust startups with millions of passports and selfies?

Worse still, under UK GDPR Article 82, anyone whose data is exposed in a breach has the right to compensation — including for distress and loss of control, not just financial harm. Past cases against British Airways and Marriott led to multi-million-pound settlements. If OSA databases are breached, the government may face class actions from the entire adult population of the UK. In fact, this isn’t a case of if, it’s a case of when. Foreign backed hacker groups will see this as a trove of personal data that can harm UK citizens. Why is it acceptable to risk identity theft and abuse of adults for a law of protecting children by measures that already exists with Internet Service Providers (ISPs).

Is this risk really preferable to simply funding social care and educating parents about existing ISP filters that already block adult content?

Public Backlash and International Lessons

The British public has already rejected the OSA in practice: VPN usage surged (ProtonVPN signups up 1800%, NordVPN sales up 1000%), 400,000 signed a repeal petition within days, and polling shows even Labour voters oppose ID-for-porn more than Conservatives.

Other democracies have shown where this road leads. France faces legal chaos and blocked platforms. Germany has spent years in court with little impact. US state laws have been struck down as unconstitutional. Australia branded age verification a “privacy nightmare” and refused to enforce it. The only regimes where blanket online ID checks “work” are Russia and China; countries the UK rightly calls adversaries.

Your colleague Peter Kyle, the Technology Secretary, has gone further still, publicly implying that adults using VPNs to avoid OSA restrictions are “predators.” I ask you directly: do you stand by that characterisation?

VPNs are not tools of predators. They are lifelines for privacy and security. British journalists use them to report safely from hostile states. NGOs and aid workers rely on them to bypass censorship abroad. Even our intelligence and military personnel depend on VPNs daily to protect operational security. Suggesting that anyone who values online privacy is a predator is not only false, it is reckless. It risks branding those who protect our freedoms: the press, aid workers, and the intelligence community that keeps this country safe - as criminals. Do you share that view, or will you repudiate it?

My Questions to You

As my MP, I ask you to provide clear answers to the following:

  1. Why should UK citizens be required to present ID for music, forums, or lawful political speech?

  2. How does the OSA protect children more effectively than properly funding social care?

  3. What safeguards exist against inevitable data breaches, and is the government prepared to face mass compensation claims from its own citizens?

  4. How will Labour prevent this law from branding the UK as an authoritarian state in line with Russia or China?

  5. Why was OSA needed when ISPs were already able to protect children?

  6. Do you agree with Peter Kyles comments that insinuates adults who use VPN for their safety (including our press, our aid workers and our own military and intelligence) are predators and criminals?

  7. Why is our personal data allowed to be in the hands of private firms in countries currently practicing authoritarianism and the genocide of children, in the name of protecting children?

Closing

The Online Safety Act, in its current form, undermines freedom of expression, endangers privacy, endangers UK citizens from foreign governments and distracts from real child protection. I urge you to support its urgent reform or repeal.

If Labour insists on treating citizens as suspects and allies as adversaries, it will not be forgotten at the ballot box. Your constituents will remember whether you defended liberty or enabled censorship.

Yours sincerely,
Dan Smith

Response

Screenshot of an email from Jim Dickson MP discussing the importance of the Online Safety Act, including points on free speech, privacy, and online harm, with his signature, office details, and a green emblem at the bottom.