Regulatory information

eSafety’s purpose is to help safeguard Australians at risk from online harms and to promote safer, more positive online experiences.

eSafety has a range of regulatory functions and powers, which we apply in a flexible and integrated way to promote compliance and achieve good outcomes for all Australians.

These powers are enhanced by the Online Safety Act 2021, commencing 23 January 2022. 

The Online Safety Act

The Australian government enacted the Online Safety Act 2021 to better equip eSafety to prevent and address current and future online harms in a rapidly changing environment.

The Act enhances eSafety’s regulatory schemes for dealing with the cyberbullying of children, image-based abuse, and illegal or restricted online content, while also introducing a new scheme for dealing with adult cyber abuse.

Our approach is set out in our regulatory posture (or philosophy) and our regulatory priorities for the 2021-22 financial year. Our Regulatory guidance documents explain how eSafety implements each of the regulatory schemes included in the Act.

Basic Online Safety Expectations

The Act allows the development of Basic Online Safety Expectations for a broad range of online services, outlining the fundamental safety practices expected of service providers. By empowering eSafety to request or require information about how services are protecting the online safety of their users, the Expectations will drive greater transparency and accountability.

Find more information about the Basic Online Safety Expectations and download a summary of the information provided by eSafety at a session with industry on 21 June 2022, outlining key aspects of our regulatory approach.

Safety by Design

Safety by Design is an initiative that puts user safety and rights at the centre of design and development of online products and services.

Rather than retrofitting safeguards after a harm has occurred, Safety by Design focuses on how technology developers and service providers can prevent online harms by anticipating, detecting and eliminating risks for users before their products and services reach the market and throughout their lifecycle.

This proactive approach focuses on embedding safety into the culture, leadership and processes of industry participants. It emphasises accountability and aims to foster more positive, civil and rewarding online experiences for everyone.

Industry codes

The Act gives industry bodies or associations the opportunity to develop a new code, or set of codes, which would be registered by eSafety to regulate and prevent the spread of certain types of harmful online material. 

This ‘class 1’ and ‘class 2’ material ranges from the most seriously harmful online content, such as videos showing the sexual abuse of children or acts of terrorism, through to content which is inappropriate for children, such as online pornography.

The codes would apply to the participants of eight key sections of the online industry, including providers of social media, messaging, search engine and app distribution services, as well as internet and hosting service providers, manufacturers and suppliers of equipment used to access online services, and those that install and maintain the equipment.

eSafety must make reasonable efforts to make sure an adequate code for each section of the online industry is registered within six months of commencement of the Act. However, the Act allows for standards to be imposed if the online industry cannot reach agreement on codes.

To help the online industry develop the codes, eSafety released a position paper in September 2021 setting out 11 policy positions regarding the substance, design, development and administration of industry codes, as well as eSafety’s preferred model based on risks and outcomes.

eSafety has engaged with several industry bodies and associations and will continue to work with them to have codes registered within the legislative time frame.