On August 27, 2025, the imageboard website 4chan Community Support LLC (“4chan”) and discussion forum Lolcow, LLC (dba “Kiwi Farms”) (together, the “Plaintiffs”) filed a claim in the U.S. District Court of the District of Columbia (“Court”) asking the Court to declare, in effect, that the UK’s Online Safety Act 2023 (“OSA”) is unenforceable against the Plaintiffs. The claim was filed against Ofcom, the UK’s communications services regulator tasked with regulating and enforcing the OSA.
The Plaintiffs allege that the enforcement of the OSA against American companies is unconstitutional and that Ofcom’s actions to enforce the OSA are “intended to deliberately undermine the First Amendment and American competitiveness” (para. 113). As part of their claim, the Plaintiffs seek two permanent injunctions: one prohibiting Ofcom from enforcing the OSA against the Plaintiffs, and the other prohibiting Ofcom from issuing any further orders or demands to the Plaintiffs without “proper service” under the U.S.-UK Mutual Legal Assistance Treaty.
Background
The OSA imposes various obligations on “user-to-user” (“U2U”) services—i.e., services through which users “generate” and “encounter” content created by other users, e.g., social media and file-sharing service— to address the presence and prevalence of “illegal content”—such as terrorist content, revenge pornography, and child sexual exploitation material—on their services. U2U services that are “likely to be accessed by children” are also required to take steps to address content that is legal, but “harmful to” children. These obligations have come into force throughout 2025. Failure to comply with provisions of the OSA may result in penalties of GBP 18 million or 10% of worldwide revenue, whichever is greater.
Ofcom opened an investigation into 4chan’s compliance with the OSA in June 2025, following 4chan’s failure to adequately respond to various statutory information requests, including a request to disclose its illegal content risks assessments. Ofcom also sent formal communications to Kiwi Farms in March and July 2025 requesting records of their risk assessments. The Plaintiffs argue that such communications were not validly served under the U.S.-UK Mutual Legal Assistance Treaty.
Jurisdiction
The Plaintiffs argue that the Court has “subject matter jurisdiction over this action … because [it] arises under the Constitution and laws of the United States, specifically the First, Fourth, and Fifth Amendments to the Constitution and the Communications Decency Act” (para. 14), and that it has “personal jurisdiction” over Ofcom pursuant to the District of Columbia’s “long-arm statute, as Ofcom has committed unlawful acts within the District of Columbia by sending threatening communications to U.S.-based internet companies that interfere with their constitutional rights and business operations” (para. 15). It remains to be seen whether these jurisdictional arguments will be accepted by the Court.
* * *
The Covington team continues to closely monitor developments in online safety, including the implementation of the OSA. Please reach out to a member of the team if you have any questions.