Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

UK Information Commissioner’s Office (ICO) Issued a fine for GDPR non-compliance on Failure to use robust age verification and conduct a DPIA for children’s data

Regulatory/Legal Action
First reported
Last updated
Happening score
H score 20
1 unique sources, 1 articles

Summary

Hide ▲

The ICO fined Reddit £14.47m ($19.6m) for GDPR non-compliance, escalating child-data enforcement risk for online platforms that can be reached by under-13 users. Regulators said Reddit lacked robust age verification and had not completed a DPIA before January 2025. The penalty reflected the number of children affected, the potential harm, and the duration of the failings.

Related Happenings

ICO fine against South Staffordshire Water for data breach

Regulatory/Legal Action
First: 12.05.2026 11:30 Last: 12.05.2026 11:30 Sources 1

About this happening: The **ICO** finalized a **nearly £1m** penalty against **South Staffordshire Water** and **South Staffordshire PLC**, resolving a cyber enforcement action tied to a breach that ex...

Open Happening

UK CNI security leaders shift toward regulation-driven cyber maturity

Target Trend
First: 19.03.2026 11:00 Last: 19.03.2026 11:00 Sources 1

About this happening: **UK CNI** security leaders are increasingly using **regulatory compliance** to drive cyber investment, a shift that matters because it is now outpacing other maturity drivers acr...

Open Happening

Companies House WebFiling data exposure affecting five million registered companies

Data Leak
First: 16.03.2026 19:07 Last: 16.03.2026 19:07 Sources 1

About this happening: A **Companies House WebFiling** access-control flaw exposed non-public company records to unauthorized logged-in users, creating a privacy and integrity risk for millions of filin...

Open Happening

ICO fines Police Scotland over phone data disclosure

Regulatory/Legal Action
First: 12.03.2026 12:30 Last: 12.03.2026 12:30 Sources 1

About this happening: **The ICO** fined **Police Scotland** **£66,000** and reprimanded the force for a **data protection failure** that exposed a female officer’s phone contents to a colleague she acc...

Open Happening

Data (Use and Access) Act 2025 (DUAA) Moving the ICO from a corporation sole to a board-run government agency. for Fully materialized within the next few weeks.

Public Sector Action
First: 26.02.2026 16:00 Last: 26.02.2026 16:00 Sources 1

About this happening: The UK **Information Commissioner's Office (ICO)** is moving from a **single-leader model** to a **board-run government agency** under the **Data (Use and Access) Act 2025 (DUAA)*...

Open Happening

Timeline

  1. 25.02.2026 11:40 2 articles · 3mo ago

    ICO fines Reddit £14.47m for child-data GDPR failings

    Legal Policy Action Update

    The UK Information Commissioner’s Office imposed a £14.47m ($19.6m) GDPR fine on Reddit after finding the platform lacked robust age verification for children under 13 and had not completed a data protection impact assessment before January 2025; the regulator said the penalty reflected the number of children affected, the potential harm, the duration of the failings, and Reddit’s global turnover.

    Show sources
    Open in new tab