The Ofcom Files, Part 2: IP Blocking the UK is Not Enough to Comply with the Online Safety Act
Posted on November 6, 2025 by prestonbyrne
A follow up to The Ofcom Files.
Some notes on Ofcom’s strategy to date.
As many of you know, I represent the U.S. website 4chan, pro bono, in its U.S. federal lawsuit against the UK’s communications regulator, Ofcom, together with my co-counsel Ron Coleman. The suit seeks to defend 4chan from the UK’s attempts to censor that website using the UK’s new Internet censorship law, the Online Safety Act.
What some of you may not know is that I have personally committed to defend, pro bono, any U.S. website which operates lawfully in the United States – no matter how large or small – against the UK’s attempts to infringe on the First Amendment.
And indeed, I am currently representing every single U.S. social-media enforcement target of the UK Online Safety Act, pro bono, without exception. I will continue to do so until the Online Safety Act’s capacity to harm American citizens is destroyed, by America enacting a shield statute.
This means, necessarily, taking on some of the most controversial sites on the web as one’s clients. One such client, a social media forum called “Sanctioned Suicide,” has long been a target for Ofcom’s ire because of the subject matter that the site hosts – principally, it is a mental health webforum where suicidal people are allowed to discuss the most taboo subject of all taboo subjects, suicide itself, and how they plan to go about it.
To say that this site’s subject matter is controversial is an understatement; as a Catholic I freely admit I struggled at first with representing the site. SaSu, 4chan, Gab, and Kiwi Farms – the complete list of Ofcom’s U.S. enforcement targets to date – are some of the most unsympathetic websites in the world, from a political point of view.
This was, in my view, a deliberate strategy by Ofcom: pick the most radioactive free speech targets in the world, isolate them in confidential proceedings, punish them, and publicly shame them when you claim the fine notices or blocking orders as a win. The only way to counter that strategy is to ensure that no target goes without competent counsel, every target knows what Ofcom is trying to do, and every case will be fought like hell, in as public a fashion as possible. As Justice Brandeis said, “sunlight is the best disinfectant.”
The victory condition of the U.S. pushback against Ofcom is the successful defense of the First Amendment – all of the First Amendment. If we concede even a scintilla of our constitutional rights, we fail. If we let any target fight alone, we fail. That means we defend every site, however small or controversial it may be, from foreign attempts to infringe on their constitutional rights. It means not giving up so much as an inch of ground without a major fight, if those are the instructions.
We do this because the defense of any American is the defense of us all.
SaSu is a tiny forum which didn’t have much of an appetite for a fight. Accordingly, when Ofcom came calling at the end of February, SaSu more or less immediately IP blocked the entire UK in hopes of avoiding enforcement action. (Ofcom claims this occurred in July; it in fact occurred in May.)
What Ofcom did today
And, for a time, this worked. Today, however, I can reveal that Ofcom has reversed its decision and is going after the site anyway.
Ofcom alleges that SaSu’s geo-block went down.
This is demonstrably false. The block has been consistently functional for months, and when Ofcom’s e-mail landed in my inbox, I went to check it myself by using my own VPN to access the Internet through a London IP (unlike UK policymakers, I know how to use one). Sure enough, SaSu’s nationwide site block prevented me from viewing the site.
What appears to have happened is that SaSu had a site mirror and that someone figured out a way to hit the mirror – which was also subject to the geoblock – without using a VPN. This can be for a range of reasons. The primary one is that the notion of a “UK based IP” is nonsense. Geolocation databases work by figuring out where people log in from and only after doing a lot of pattern recognition do those addresses get associated with that location. So there will be UK-based IPs that geolocate to Poland, for example, even though the end-user is sitting in the UK, because the database thinks that that IP address belongs in Poland.
What might have happened is that a third party, understanding this, could have found SaSu’s mirror, hit SaSu’s mirror with one of these IPs, and then handed the file off to the regulator as some kind of “gotcha” demonstrating that the IP geoblock was ineffective, and using the fact of the access plus the fact that there was a mirror URL to claim that SaSu was somehow trying to dishonestly mislead the regulator about its compliance with the OSA through geoblocking. (The reasons why SaSu had a mirror are SaSu’s alone/none of Ofcom’s fucking business; what it suffices to note is that both SaSu’s main site and the mirror blocked the UK.) If this is in fact what happened, it would have been a profoundly dishonest way by UK activists to try to bring down regulatory hellfire on a disfavored American company, and it merits a full parliamentary investigation (though, I won’t hold my breath waiting for that).
Ofcom, in reopening the investigation on the basis that the geoblock was down when the geoblock was in fact up, (1) reveals that it has no idea how the Internet works and (2) has made a pretty titanic mistake. Now it’ll either need to assert that the geoblock isn’t effective (when, for the most part, it is) or it’ll need to climb down (causing fury among the political constituencies which have so much power in Westminster that they forced the file to reopen in the first place).
What seems clear to me is that Ofcom needs a scalp to present to Ofcom’s political masters. It’s been decided that SaSu is it. SaSu is, arguably, the single most important scapegoat that was used to justify the Online Safety Act, with Web censorship advocates like the Molly Rose Foundation – one of the major NGO sponsors of the Online Safety Act – seemingly existing for the sole purpose of shutting SaSu down.
It bears mentioning that the NGOs in question refuse to name the site, ostensibly for harm reduction purposes, but this also prevents people from openly engaging with the issue and having an honest conversation about what the site is, what (American) legal protections it benefits from, and, therefore, what practical limitations there are on the UK trying to close it down, both now and when the UK was drafting and enacting the UK Online Safety Act. The UK’s inability to have those honest conversations at the proper time is what is causing the Online Safety Act to, slowly but surely, fail as an international regulatory scheme. This habit also led the UK to enact the Online Safety Act instead of adopting other, less censorial, approaches to make the Internet a safer place, which were ignored.
Even today, aforementioned “Safety” NGO and others are using the simple fact of the SaSu’s existence to try to convince legislators that a nationwide VPN ban that applies to every one of the 69 million men, women, and children in the United Kingdom is necessary to end SaSu specifically – like using a thermonuclear bomb to kill a fly. Only three weeks ago, these groups called for the Prime Minister to open a parliamentary inquiry and wrote a 51-page report seeking to apply additional pressure for retaliatory action. SaSu was even mentioned by Keir Starmer, albeit not by name, when he tried justifying the Online Safety Act to President Trump.
One could make the argument that SaSu was the Online Safety Act’s necessary target, the target which, if the Act failed to end it, the Act itself also failed. The credibility of the entire regime rests on it. For this reason, SaSu was the very first site Ofcom targeted for enforcement action in February 2025, months before Ofcom went after 4chan or anyone else.
When that happened, the UK censorship NGO sector clearly expected SaSu to get wiped off the face of the Earth. But SaSu, rudely, didn’t die, a fact which makes the UK censorship-industrial apparatus incandescent. The UK has no power to shut the site down, because the site and its operators are in the United States, they are not violating U.S. law, and they are conducting themselves in a manner that is protected by the First Amendment.
So, it appears, as with 4chan, Ofcom has elected to proceed with a mock execution. Based on the fact that the nationwide IP block is still live, the precedent they want to set – the message they want to send – seems pretty clear to me: Geo-IP blocking the entire UK is no longer enough to comply with the Online Safety Act.
Ofcom is trying to set the precedent that no matter where you are in the world, and no matter how much you try to keep UK users off your site, Ofcom believes you have to follow its rules – even if you’re American and you’re engaged in constitutionally protected speech and conduct. To that end, Ofcom has renewed its previous threats of fines, arrest, and imprisonment, against SaSu and its operators – all Americans.
This is not what I expected. I had expected the UK, after encountering serious resistance to its extraterritorial expansion plans in the United States with 4chan’s refusal to comply, to start considering the merits of backing down. Instead, the UK is choosing to escalate, going after a target who the Online Safety Act’s political masters desperately want to, even need to, eradicate, even though that target made good-faith efforts to block the UK from its services.
Hate to spoil the party, but Ofcom will need to go try some other country’s websites to set that precedent. The UK is not going to be allowed to lay a finger on an American.
I reproduce relevant correspondence below. We have also sent this correspondence to the White House, both Houses of Congress, individuals spearheading legislative initiatives to erect censorship shield statutes in four different states, and the nation’s leading free speech advocacy organizations.
My message to Washington and state legislators
Free speech test cases are rarely made over mundane or pedestrian or popular speech. But we call them “test cases” for a reason: because they are the test of the boundaries, and their outcome determines the future trajectory of the law and human behavior.
The lesson from this correspondence is unmistakable: the UK thinks that anyone who refuses to adhere to its content rules, wherever they are based, is fair game for threats of fines and imprisonment, even if they try to wall themselves off from the UK with comprehensive blocks of UK IP addresses.
This includes every single person in the United States. Companies like SaSu are the canaries in the coal mine. Companies most of us use every day like Meta or X are next.
This problem is not going to go away. As we have seen with the escalating war of words between the UK and X, which culminated in a British King’s Counsel putting X’s Head of Global Government Affairs through a Maoist-style pro-Online Safety Act struggle session at an inquiry hearing only yesterday, it is clear the United Kingdom – or, at least, the bunch of yahoos who currently run it – will not be content to allow any American to enjoy the full measure of their constitutional rights online, no matter how obscure the U.S. site in question may be.
See, e.g.:
They will attempt to crush anyone who resists, even if that resistance is in the form of doing everything in its power to block the entire UK from their services. The UK is willing to punish and threaten American companies – large and small – and American citizens in order to set the precedent that the UK is in charge of America’s Internet.
Our government should not allow this to be done to any American, on principle. No American client of mine will ever bend to that sort of pressure. We need to act now to prevent our most valuable companies, and their hundreds of millions of American users, from being subjected to it.
These attempts to disrespect and override American sovereignty must be answered before the same thing is done to websites used by millions of other American citizens, when the UK inevitably turns its attention to the larger and more well-moderated services we all know and love, including all of our world-beating AI companies.
In the final analysis, American citizens shouldn’t have to put up with this bullshit from foreigners. We fought, and won, many wars to secure our freedoms.
As I have been doing for nearly an entire year, I strongly urge the White House and Congress, and legislators in each of the fifty States, to intervene to protect the free speech of all American citizens.
x 28
Looks like the Hawiyes are about to unleash a Sandstorm on Ilhan "Daarood" Omar.
