You expect to be safe when you go to work or when your kids play at the school playground. When you go to the doctor or get financial advice from the bank, you expect they’ll act in your interests.
In short, there are many places in our society where the people with more control or more power have a duty of care to the people using their spaces and services.
Digital platforms should be no different. They’re important places for accessing information and participating in our communities. They need to be safe and trustworthy.
This is why the Australian government is drafting legislation for a “digital duty of care”. It would require social media platforms and other online providers to establish risk management systems – to identify potential risks of harm from their services and take reasonable steps to prevent or mitigate serious harms.
However, we’ll only know if it’s working if digital platforms, governments and the public can meaningfully observe what’s going on.
This is known as platform observability. Our ongoing work and examples from overseas show that mechanisms for observability and transparency need to be, and can be, built into the regulatory framework.
Putting the responsibility on platforms
Australia already regulates online safety through three main mechanisms:
- the kids’ social media account ban
- complaints systems so people can report illegal or harmful content (like cyberbullying and harrassment) and request it be taken down
- codes of practice for limiting access to age-inappropriate content.
But these measures are inadequate when the algorithms that shape our online environment are promoting harmful content. Current product safety rules under the law don’t extend to online service providers, and it’s unclear at best whether or when general tort law would impose duties.
United Kingdom and the EU have already imposed duties of care on platforms. Australia plans to follow.
Australia’s digital duty of care should require platforms to take reasonable steps to mitigate harms from algorithms that hack our attention, promote scams, target us with ads for addictive products like gambling and alcohol, or show us harmful content about eating disorders or untested health products.
Platforms have more data and technical capacity than any single person or regulator to tackle these harms.
We also argue that a digital duty of care shouldn’t be just about reducing risks of harm. It should also entail reasonable steps to ensure information with public and community value – such as trusted public health information – isn’t buried or banished from our feeds.
How will we know it’s working?
Just as important as creating a duty of care is knowing if it’s working. Our feeds are highly personalised and content is often ephemeral, disappearing within hours. So we need to build in observability measures.
This can’t just be reporting, where platforms self-assess according to standards they largely define. Most transparency measures currently offered by platforms provide only partial information.
Our own research on digital advertising demonstrates this problem. Advertising libraries are incomplete, transparency reports aggregate away important detail, and user-facing explanations (“why am I seeing this ad?”) offer limited insight into the complex systems that shape targeting and recommendation.
Knowing why one person received a particular ad tells us very little about who didn’t receive it, or reveal patterns of exclusion, or unequal access to information.
To understand the broader scope of platform dynamics, we must observe systems at scale and over time.



