Back in the early '00s how often did we stop to think about the dark side of social media? A quarter of a century later we see too frequently the tragic consequences of exposure to harmful content online. The dangers are a well-rehearsed conversation on every parental WhatsApp group. Yet until recently the only legal measures to police social media content were a patchwork belonging to the print age.

The UK's Online Safety Act is arguably the strictest piece of online content law in the world with Ofcom empowered to fine up to 10% of turnover and shut down non-compliant platforms. So why has it attracted such controversy? Surely protecting the vulnerable from criminals and bullies is exactly what our regulators should be doing?

Since its inception, the Act has laid bare diametrically opposing views: freedom of speech vs content moderation; and privacy vs security. Social media platforms have threatened to withdraw from the UK citing privacy concerns in the face of proposals to break end-to-end message encryption, but parents' groups say the measures do not go far enough.

The mixed response to what should be the internet's white knight is perhaps inevitable:  trying to change a generation's worth of online behaviour is the legislative equivalent of turning a juggernaut in a cul-de-sac. And make no mistake, this law is a juggernaut. Its 300 pages don’t even touch on many details like specific safeguards that need to be put in place.

Small business will be caught alongside big tech. Current estimates suggest potentially hundreds of thousands which might operate user-to-user channels or provide search services. They will need to follow Ofcom's extensive menu of consultations, codes of practice, and secondary legislation. Some have expressed concerns about continuing to operate with UK customers; a very real issue for the UK Government.

We have not seen a knee-jerk reaction from businesses, however, as it is clear this is a marathon and not a sprint. The well-publicised consultation on protecting children in May was a significant instalment in Ofcom's plan, but many will follow over the coming months on similarly emotive topics such as protection of women and girls.

It is clearly important to get this right, but there are concerns that the complex and slow process does not allow immediate meaningful enforcement or flexibility to respond to fast-evolving technology.

Ofcom has certainly resourced up, with reported anticipated enforcement spend over the coming years totalling hundreds of millions and prominent announcements made around collaborating with other UK regulators.

Having seen the challenges faced by bodies such as the UK's privacy regulator the ICO, who has had enforcement challenges against big tech such as Meta and Clearview AI, the early signs are that Ofcom is doing everything it can put in place a structure that will allow it to walk a long tightrope towards meaningful change.

Can the UK demonstrate leadership in digital regulation without stifling innovation and infringing on privacy? All eyes will be on what Ofcom does next.

Helena Brown is a Partner and data protection specialist at law firm Addleshaw Goddard

Agenda is a column for outside contributors. Contact: agenda@theherald.co.uk