The Australian government is drafting legislation for a 'digital duty of care' that would require social media platforms and other online providers to establish risk management systems to identify and mitigate potential harms. However, the effectiveness of this regulatory framework will depend on whether digital platforms, governments, and the public can meaningfully observe what is happening—a concept known as platform observability.
What the digital duty of care entails
Australia already regulates online safety through a kids' social media account ban, complaints systems for reporting illegal or harmful content like cyberbullying and harassment, and codes of practice for age-inappropriate content. But these measures are inadequate when algorithms promote harmful content. The UK and EU have already imposed duties of care on platforms, and Australia plans to follow.
The digital duty of care would require platforms to take reasonable steps to mitigate harms from algorithms that hack attention, promote scams, target users with ads for addictive products like gambling and alcohol, or show harmful content about eating disorders or untested health products. Platforms have more data and technical capacity than any single person or regulator to tackle these harms. The duty should also ensure information with public and community value—such as trusted public health information—isn't buried or banished from feeds.
The observability challenge
Knowing whether the duty of care is working requires observability measures. Feeds are highly personalised and content often ephemeral, disappearing within hours. Current transparency measures provide only partial information. Our research on digital advertising demonstrates this problem: advertising libraries are incomplete, transparency reports aggregate away important detail, and user-facing explanations like 'why am I seeing this ad?' offer limited insight into complex targeting and recommendation systems. Knowing why one person received a particular ad tells little about who didn't receive it or reveals patterns of exclusion.
Platforms have increasingly controlled who gets to research their content. Platform-approved researchers often see only what platforms choose to make visible, in formats platforms define, using tools platforms control. This contrasts with 20th-century broadcasting, where independent ratings agencies measured what was happening, providing independent verification for advertisers, creators, regulators, and the public.
Building an ecosystem of observability
A digital duty of care should be accompanied by an ecosystem of observability where researchers, journalists, regulators, and civil society organisations work together to understand platform operations and hold them accountable. Legislation should include three additional protections based on research experience: first, researchers conducting legitimate public-interest work should be protected from platform retaliation; second, platforms should provide meaningful access to data for independent research, exportable without limits on publication; third, Australians should have stronger rights to access, download, and donate their own platform data for research purposes.
These measures would create foundations for ongoing accountability rather than one-off compliance exercises. The digital duty of care is an important opportunity, but its success depends on both the scope of the duty and the ecosystem needed to observe, evaluate, and challenge platform behaviour over time.



