Online Safety Act Illegal Harms Risk Assessment for Toot Wales
from Tŵt Blog
Below is our draft of an illegal harms risk assessment for our Mastodon service. I am publishing this in its current form as a means to share our approach to this activity. This document is not final and is subject to change, but it may be helpful in considering your own approach to assessing your service.
Preamble
Tŵt Cymru / Toot Wales (“Tŵt”) operates a small Mastodon service “toot.wales” that allows persons to request permission to create hosted accounts on the service (subject to our terms of service and account approval process) and/or create hosted accounts without approval for a posteriori account review; and to then publish text and media to public and private feeds. The service further allows approved users to find and follow content from a wide variety of world wide web sources, predominantly using an Internet protocol “ActivityPub” that allows third-party services using the same protocol to interoperably exchange messages with our service.
Of particular note, there are no “virality” mechanisms that would increase the risk of harm to a large number of users, as the service is predominantly user-configured chronological feeds. There are a small number of recommendation algorithms that are curated by our moderation staff and take into account all local and third-party user and domain “limits” and “suspensions”, service settings which partially or wholly block access to accounts and domains. In short, while Tŵt is a social media service, it is extremely user-centred and does not enable or facilitate viral marketing or reach.
The Tŵt service is therefore a user-to-user service, hosted in the United Kingdom with its primary audience being United Kingdom residents (“Wales and the Welsh, at home and abroad”).
The service is administered and moderated by volunteer staff who take actions on actors, behaviour, and content subject to service policies and process manuals, which are available as listed in the table below.
The service is operated and administered by the New York tax-exempt charitable incorporation “Toot Wales Inc.” with the EIN 83-4296652.
Key information
The service to which the risk assessment relates | https://toot.wales |
---|---|
Service size | 11,226 registered accounts |
The named person responsible for the risk assessment | Jaz-Michael King |
The findings of this risk assessment have been reported and recorded through appropriate governance channels | This document will be made available as required and appropriate |
Date of this risk assessment | February 17th, 2025 |
Next scheduled review date | March 1, 2026 |
Content | Risk factors | Conclusion | Rationale | Measures |
---|---|---|---|---|
Terrorism | 1a, 4a, 5b, 5e, 7b | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. In addition, the service follows alerts issued by IFTAS from the SW-ISAC account (https://mastodon.iftas.org/@sw_isac), which recommends specific sources of Advanced Persistent Threat and Terrorism and Violent Extremist Content for blocking. | None |
Child Sexual Exploitation and Abuse (CSEA): Grooming | 1a, 2, 3a, 4a, 5b | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The service prohibits user accounts created by persons under the age of 18, and we are unaware of any accounts that are operated by or for a person under the age of 18. In addition, the service follows alerts issued by IFTAS from the SW-ISAC account (https://mastodon.iftas.org/@sw_isac), which recommends specific sources of CSEA and CSAM for blocking. | None |
Child Sexual Exploitation and Abuse (CSEA): Images | 1a, 2, 5b | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service. The service uses industry-standard hash and match technology to review media files stored on the service to identify images or video of child abuse and/or sexual exploitation, and to date no media has resulted in a positive match. In addition, the service follows alerts issued by IFTAS from the SW-ISAC account (https://mastodon.iftas.org/@sw_isac), which recommends specific sources of CSEA and CSAM for blocking. | None |
Child Sexual Exploitation and Abuse (CSEA): URLs | 7b | Low | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is low. The content is prohibited by our terms of service. Over the past six years, two instances of URLs purporting to be links to third-party destinations where CSEA may be available were removed from the service. As we have no access to a database or directory of CSEA URLs, we respond to user-generated reports and/or moderator review to remove this content reactively. If such a database were available, we would implement a filter to disallow these URLs from appearing on the service. | None |
Encouraging or assisting suicide | 1a, 5e, 5g, 7b | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | None |
Hate | 1a, 3a, 5e | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. Further, the service makes use of several databases and lists of services that are known to allow this content, and we routinely defederate (disconnect and block access to and from) such services. At time of Risk Assessment the service blocks 969 domains. | None |
Harassment, stalking, threats and abuse | 1a, 3a, 4a, 5b, 5e, 5g | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. Further, the service makes use of several databases and lists of services that are known to allow this content, and we routinely defederate (disconnect and block access to and from) such services. At time of Risk Assessment the service blocks 969 domains. | None |
Controlling or coercive behaviour | 1a, 4a, 5b | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. Further, the service makes use of several databases and lists of services that are known to allow this content, and we routinely defederate (disconnect and block access to and from) such services. At time of Risk Assessment the service blocks 969 domains. | None |
Drugs and psychoactive substances | 1a, 3a, 4a, 5b, 5e, 7b | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | None |
Firearms, knives or other weapons | 1a | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | None |
Human trafficking | 1a, 3a, 5e | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | None |
Unlawful immigration | 1a, 3a, 5e | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | None |
Sexual exploitation of adults | 1a, 3a | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | None |
Extreme pornography | 1a, 5e | Low | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is low. The content is prohibited by our terms of service, and our proactive and reactive content moderation processes severely limit the accidental availability of such content. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | None |
Intimate image abuse | 1a, 5b, 5g | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and our proactive and reactive content moderation processes severely limit the accidental availability of such content. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. The service hashes and matches all images and video sent to the service and compares it to industry standard hash databases, and no instance of CSAM has ever been flagged as a match or a near match, further limiting intimate image abuse (as related to minors). | None |
Proceeds of crime | 1a, 3a | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | None |
Fraud and financial offences | 1a, 3a, 4a, 5b, 7b | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | None |
Foreign interference | 1a, 3a, 4a, 5e, 5g, 7b | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Further, the service makes use of several databases and lists of federated services that are known to allow this content, and we routinely defederate (disconnect and block access to and from) such services. At time of Risk Assessment the service blocks 969 domains. In addition, the service follows alerts issued by IFTAS from the SW-ISAC account, which recommends specific sources for blocking. | None |
Animal cruelty | 1a, 5e | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. The content is prohibited by our terms of service, and in six years of operation no such content has been published by our hosted accounts. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | None |
Other illegal content | | Negligible | The likelihood of a visitor encountering this content, or the service being used to facilitate or commit this offence, is negligible. All harms as described in https://connect.iftas.org/library/iftas-documentation/shared-vocabulary-labels/ are disallowed and/or subject to moderator action. Where such content may be encountered from third-party web sites that can be viewed from within the service, we routinely block access to such third-party sources when notified by user reporting. | |
Duties and approach
Duty | Toot Wales Approach |
---|---|
To prevent individuals from encountering priority illegal content by means of the service | Our preventive measures include the use of IFTAS’ Do-Not-Interact and IFTAS’ “CARIAD” databases, a service that monitors bad actor services and recommends defederation. A range of IP and domain blocks are applied at the service level using industry standard IP and domain reputation metrics. The service uses industry-standard hash and match technology to review media files stored on the service to identify images or video of child abuse and/or sexual exploitation. |
To effectively mitigate and manage the risk of the service being used for the commission or facilitation of a priority offence | New user accounts are reviewed, including but not limited to the IP address (geolocation and IP reputation score where appropriate), email domain, and “reason for joining”. |
To effectively mitigate and manage the risks of harm to individuals | No additional actions planned |
To minimise the length of time for which any priority illegal content is present | For the time period Mar 1, 2024 through Feb 15, 2025, our moderation team have responded to a total of: 58 service-hosted account reports (reports about our hosted users), resulting in 46 user account suspensions (predominantly for spam) in a timely fashion concordant with our Moderator Content and Account Action Process Manual; 69 reports received for third-party accounts (reports about accounts hosted by third-parties) visible from our service, 39 of which resulted in moderator action; 1,924 third-party accounts suspended for violations of our policies after moderator review. During the time period specified, we received ten appeals for our moderator actions, two of which were upheld, eight rejected. Of the eight rejected, the outcomes were six suspensions, one freeze, one limit. Our severity approach ranks actors, behaviour and content into one of three tiers with a corresponding target time-to-action: Severity: Takedown within 60 minutes; Severity: Takedown within 24 hours; Severity: Warning within 24 hours. Regardless, three strikes leads to takedown and/or account suspension. In general, we follow the harms classifications and definitions found at https://connect.iftas.org/library/iftas-documentation/shared-vocabulary-labels/ unless local law preempts or further defines such harms. |
Where the provider is alerted by a person to the presence of any illegal content, or becomes aware of it in any other way, swiftly take down such content | As above. |
To have in place regulatory compliance and risk management arrangements | This document |
Design of functionalities, algorithms and other features | We prohibit the use of certain hashtags, removing content bearing these hashtags from our recommendation engine. Our domain blocks remove any associated listings from our “trending” or recommended content function. Our account suspensions in turn suppress listings from the account recommendation function. |
Policies on terms of use | Code of Conduct; Content Guidance; Automated and Bot Content Policy; Federation Policy; News Media Publishing Policy; Spam and Inauthentic Activity; Verified Accounts |
Policies on user access to the service or to particular content present on the service, including blocking users from accessing the service or particular content | https://blogs.toot.wales/toot/twt-community-code-of-conduct |
Content moderation, including taking down content | https://blogs.toot.wales/toot/twt-community-code-of-conduct |
Functionalities allowing users to control the content they encounter | The service provides content in several contexts: a personalised chronological (“home”) timeline that will only show content the user has elected to “follow” either by account or by topic; a public timeline of locally-hosted user-generated content; a public timeline of third-party user-generated content that is not otherwise prohibited or removed by our content reviewers; Notifications; Conversations. Account users can use the following features to control the content they encounter: filtering posts (drop or hide) by keyword or phrase (these filters can be applied to each of the above contexts individually); hiding “boosts” (allowing content from a followed account, but not allowing that followed account’s reposts or boosts); account muting; account blocking; domain (entire server) blocking; reporting harmful content to our staff. Full technical specifications for these options are available at https://docs.joinmastodon.org/user/moderating/ |
User support measures | Users can message the staff account (teamtoot) or email our help desk help@toot.wales |
Staff policies and practices | All staff sign and agree to a Moderator Agreement and Code of Conduct. All staff are trained on and are directed by the Toot Wales Content and Account Action Process Manual. All staff undergo annual safeguarding training. |
To include provisions in the terms of service specifying how individuals are to be protected from illegal content | https://blogs.toot.wales/toot/twt-community-code-of-conduct |
A duty to apply the provisions of the terms of service consistently | As above |
A duty to include provisions in the terms of service giving information about any proactive technology used by a service for the purpose of compliance with a duty set out in s10(2) or 10(3) (including the kind of technology, when it is used, and how it works). | https://toot.wales/privacy-policy |
A duty to ensure that the provisions of the terms of service are clear and accessible | All policies are written in plain speech, reviewed annually, and linked to from various pages and account profiles on the service and our related web properties. |
Ofcom reference | Measure | Comment |
---|---|---|
ICU A2 | Accountable individual | Jaz-Michael King |
ICU C1 | Content moderation function | Service staff will review and assess suspected illegal content |
ICU C2 | Take down | Takedowns occur subject to the Moderator Process Manual. |
ICU D1 | Enabling complaints | Complaints can be received in-app by messaging the teamtoot account, or via email help@toot.wales |
ICU D2 | Easy to find complaints information | Service about page, service web site. |
ICU D7 | Appropriate action for complaints | All complaints are reviewed by staff |
ICU D10 | Appeals | All appeals are reviewed by staff |
ICU D11 | Proactive technology | Thorn Safer - CSAM hash and match; IFTAS FediCheck - domain blocking |
ICU D12 | Appropriate action for complaints | All complaints are reviewed by staff |
ICU D13 | Manifestly unfounded complaints | All complaints are reviewed by staff |
ICU G1 | Terms of service | https://blogs.toot.wales/toot/twt-community-code-of-conduct https://toot.wales/privacy-policy |
ICU G3 | Clarity of terms | See ICU G1 |
ICU H1 | Proscribed organisations | The service will block any account and/or domain if we become aware that they are a member of a proscribed organisation. |