Researchers’ access to information from regulated online services

Online safety Illegal and harmful content Consultations and statements
Published: 28 October 2024
Consultation closes: 17 January 2025
Status: Closed (statement published)
Last updated: 8 July 2025

Ofcom has today published a report examining how researchers could gain better access to information from regulated online services to support work on online safety matters. The report outlines three policy options for government consideration as part of any future access framework.

Access to high-quality information about the digital ecosystem is vital for empowering people with greater knowledge about online safety matters. This information can provide important insights into online harms, enable users to make informed decisions about their digital habits, and support researchers and policymakers in assessing measures intended to mitigate those harms.  

The Online Safety Act requires Ofcom to produce a report on how and to what extent independent researchers access information about online safety matters from providers of regulated online services. The report also explores the current constraints on information sharing for research purposes and assesses how greater access might be achieved.

We have sought views from a diverse range of stakeholders in preparing this report, including other regulatory and government bodies, UK Research and Innovation, academics, civil society groups and regulated services. We also requested evidence of how researchers have overcome information-sharing constraints in sectors beyond online safety, where such cases might illustrate effective data governance or data-sharing mechanisms.

Our report has been submitted to the Secretary of State, who has laid it before the UK Parliament today.

In parallel to our work, the UK Parliament has enacted the Data (Use and Access) Act 2025 that allows the UK Government to create, if it chooses to do so, a new framework to enable researchers to access information regarding online safety matters held by regulated services. 

Policy Options

We outline three potential policy options and models for facilitating greater researcher access, which include:

  1. Clarify existing legal rules: Relevant authorities, could provide additional guidance on what is already legally permitted for researcher access on important issues, such as data donations and research-related scraping.
  1. Create new duties, enforced by a backstop regulator: Services could be required to put in place systems and processes to operationalise data access. This could include new duties on regulated services to create standard procedures for researcher accreditation. Services would be responsible for providing researchers with data directly or providing the interface through which they can access it and offering appeal and redress mechanisms. A backstop regulator could enforce these duties – either an existing or new body. 
  1. Enable and manage access via independent intermediary: New legal powers could be granted to a trusted third party which would facilitate and manage researchers’ access to data. This intermediary – which could again be an existing or new body – would accredit researchers and provide secure access.

Our report describes three types of intermediary that could be considered – direct access intermediary, notice to service intermediary and repository intermediary models.

  • Direct access intermediary. Researchers could request data with an intermediary facilitating secure access. In this model, services could retain responsibility for hosting and providing data while the intermediary maintains the interface by which researchers request access.
  • Notice to service intermediary. Researchers could apply for accreditation and request access to specific datasets via the intermediary. This could include data that would not be accessible in direct access models. The intermediary would review and refuse or approve access. Services would then be required to provide access to the approved data.
  • Repository intermediary. The intermediary could itself provide direct access to data, by providing an interface for data access and/or hosting the data itself and taking responsibility for data governance. This could also include data that would not be accessible in direct access models.

Through our analysis, it has become evident that no single model is likely to meet the full range of researcher needs. A layered, flexible approach – combining legal clarity, technical safeguards, and independent oversight – offers the best chance of enabling responsible, timely and useful information access.

The policy options and models within them do not need to be considered in isolation and could be regarded as complementary. Elements from different models, combined with enabling measures, may present more effective means of facilitating researcher access depending on policy objectives.

We look forward to engaging with the UK Government on these issues in more detail as it considers the design of any future access framework.

Read the report

Researchers' access to information from regulated online services (pdf, 1.3 MB)

Original Call for Evidence

This is a call for evidence for the report that Ofcom must produce under the Act about researchers’ access to information from online services to study online safety matters.

The Act requires Ofcom to report on how and to what extent independent researchers access information about online safety matters from providers of regulated services. The report will also explore the current constraints on information sharing for research purposes and assess whether greater access might be achieved. This call for evidence is to give stakeholders an opportunity to provide information and evidence which Ofcom can take into consideration when producing the report.

We are seeking evidence and input on the following:

  • how and to what extent independent researchers currently access information from providers of regulated services;
  • the challenges that currently constrain information sharing for these purposes; and,
  • how greater access to this information might be achieved.

We are also open to receiving evidence about how researchers have overcome information sharing constraints in areas other than online safety, where that might demonstrate what effective data governance or data-sharing mechanisms are available.

Taking into account responses to this call for evidence and other relevant input, we will then prepare our report, which will be submitted to Government within 18 months of the relevant sections of the Act coming into force and then laid before Parliament. We will also publish the report on Ofcom’s website.

Main documents

Call for evidence - Researchers access to information from regulated online services PDF 264.94 KB 28 October 2024

Responses

5Rights PDF 223.51 KB 8 July 2025
Ada Lovelace Institute PDF 289.1 KB 8 July 2025
Atlantic Council Democracy + Tech Initiative PDF 121.04 KB 8 July 2025
British Academy PDF 172.65 KB 8 July 2025
Centro de Estudios en Libertad de Expresión (CELE) PDF 179.12 KB 8 July 2025
Dommett, Dr. K, Orben, Dr. A and Zendle, Dr. D PDF 357.56 KB 8 July 2025
Economic and Social Research Council (UK Research an Innovation), Smart Data Research UK PDF 299.07 KB 8 July 2025
Global Witness PDF 151.42 KB 8 July 2025
Institute for Strategic Dialogue (ISD) PDF 290.78 KB 8 July 2025
Knight-Georgetown Institute PDF 611.84 KB 8 July 2025
Leon Y. Xiao PDF 184.96 KB 8 July 2025
medConfidential PDF 103.95 KB 8 July 2025
Meta PDF 374.89 KB 8 July 2025
Minderoo Centre for Technology and Democracy PDF 218.95 KB 8 July 2025
Name Withheld 1 PDF 226.22 KB 8 July 2025
Name Withheld 2 PDF 113.19 KB 8 July 2025
National Society for the Prevention of Cruelty to Children PDF 206.18 KB 8 July 2025
New Political Communications Unit, Royal Holloway University London PDF 3.24 MB 8 July 2025
NYU Stern Center for Business and Human Rights PDF 212.05 KB 8 July 2025
NYU’s Center for Social Media and Politics (CSMaP) PDF 257.55 KB 8 July 2025
Online Safety Act Network PDF 145.16 KB 8 July 2025
Open Data Institute PDF 163.1 KB 8 July 2025
OpenMined Foundation PDF 209.15 KB 8 July 2025
REPHRAIN- The National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online PDF 2.33 MB 8 July 2025
Reset.tech PDF 95.59 KB 8 July 2025
Smart Data Research, University of Liverpool PDF 166.71 KB 8 July 2025
The British and Irish Law Education Technology Association (BILETA) PDF 232.29 KB 8 July 2025

Contact details

Address

Online Safety Policy Delivery Team
Ofcom Riverside House
2A Southwark Bridge Road
London
SE1 9HA

Email: Researcheraccess@ofcom.org.uk
Back to top