Reed Smith In-depth

Key takeaways

  • Ofcom finalises new codes under the OSA, setting out child safety duties for online services.
  • Services must assess risks by age group and address new harm types, including body stigma and depression content.
  • Key deadlines are approaching, with risk assessments due by 24 July 2025 and mitigation measures applying from 25 July 2025.

On 24 April 2025, Ofcom published its updated Protection of Children Codes of Practice (the Codes) and related guidance under the Online Safety Act 2023 (OSA), marking a major milestone in the UK’s regulatory landscape for the protection of children online. The Codes, accompanied by comprehensive risk assessment guidance and supporting materials, establish a detailed set of expectations for online user-to-user and search service providers to safeguard young users from a spectrum of online harms.

See our previous materials for more details on who the rules apply to, the key obligations and the consequences of non-compliance. Also see our summary of the consultation version of the Codes and our OSA tracker.

Below, we summarise the key changes from the consultation version and outline the associated timeframes.