Iwas travelling home on the London Underground when more than 100 unsolicited images of an erect penis, sent over Apple’s AirDrop, appeared on my phone. The Bluetooth-enabled feature only works between iPhones that are within 10m (30 feet) of each other – around half the length of a tube carriage. I knew the sender was nearby, but I didn’t know who he was. Should I get off the train? Would I be safe to walk home if I did? Did he single me out from my fellow passengers to be his victim, or was I just a random female target picked from a list of nearby devices? What was his intent in sending the images: to threaten? To get sexual gratification? To feel powerful in his anonymity? Or just to amuse himself? For me, the consequences were akin to experiencing real-life flashing. I felt scared, embarrassed and angry. I wanted to simultaneously scream and to hide. But the consequences for the sender were nonexistent. I reported it to the police and nothing happened. The nature of the crime makes it almost impossible to trace the offender. For years, the Law Commission has been advising the government to plug this gap in legislation – a chasm between how we punish real-world behaviours and the same behaviour online – by introducing a specific cyber-flashing offence. In March 2022, the government announced it would do so as part of its huge, and much-discussed, online safety bill. If found guilty, perpetrators could face up to two years in prison. But campaigners have noted major loopholes in the proposed legislation, and have recently launched campaigns including petitions, and appeals to ministers, to close them. At the moment, the proposed legislation would only punish perpetrators who showed harmful intent, rather than working on the basis that the recipient didn’t consent to receive an image. This would mean that prosecutors would have to argue that a sender intended to either cause the victim to be “humiliated, alarmed or distressed”, or that the sender did it for their own sexual fulfilment. How do you prove what someone was thinking when they carried out such an action? How do you know if someone is getting a kick out of it when they do? This loophole will indisputably diminish the effectiveness of any new cyber-flashing law. We have seen this before. Until November 2022, the same loophole existed in the “image-based abuse” law. This similarly well-intentioned but piecemeal legislation was designed to stop so-called revenge porn – sexually explicit images or videos shared online without the subject’s approval. While there have been some high-profile successes – reality TV star Stephen Bear was jailed in March – some other image-based abuse cases have fallen apart as a result of the “intent to harm” clause. I have interviewed women on the frontline of this failure: one woman was told by police there was no case to answer even though her ex-boyfriend admitted to sharing naked images and videos of her online. After she discovered them and went to law enforcement, her former partner texted to say he hadn’t meant to cause her any harm. The case ended. A get-out-of-jail-free card, if you will. In November the government announced it was changing the image-based abuse law to include a consent clause. Having acknowledged the flaw in that law, and made amends, it’s nonsensical to repeat the same mistake in new legislation with cyber-flashing. Cyber-flashing is not a niche crime. The latest research by dating app Bumble found almost half (48%) of 18- to 24-year-olds in the UK have received a sexual photo they did not ask for, or consent to. This corroborates a 2018 study by YouGov that found 40% of women aged between 18 and 34 had been sent an unsolicited sexual image. Research by Clare McGlynn, a professor of law at Durham University, and Kelly Johnson, found that the harms to victims included sexual violation, humiliation, fear and changes to everyday behaviour (such as getting a different train). I have interviewed more than 70 women about their experiences and found the same. Cyber-flashing is not experienced as a less harmful or less damaging behaviour just because it happens digitally rather than on the street. In some cases it is reported to have felt even more violating, because it doesn’t just taint a particular place or a pavement, it taints all digital life. For those who have been AirDropped in a public place, there is not even the comfort of knowing for certain who is guilty. As our lives are lived increasingly online – our jobs, our social lives, our shopping, our news, our communities – we cannot tolerate a discrepancy in the way the law works for this space. If, as a society, we accept that people have the right to go about their day without being flashed, that should be the case wherever it happens. Sophie Gallagher is deputy features editor at i and the author of How Men Can Help