X Close Search

Companies Face Tough New U.K. Child Protection Laws

The new changes will apply to any online service that tracks or collates children’s data including social media, online games, messaging apps, news outlets, educational services, live streaming platforms and search engines as well as any website offering goods or services to users, and will be applicable to UK-based companies as well as non-UK companies who process the personal data of UK children. If you are affected by anything touched on within this article, follow the links to our various support services or click on the blue logo icon at the bottom right of the screen to start using Cybersmile Assistant, our smart AI support assistant.

Companies operating in the UK, including big tech and social media companies, will now need to follow tough new child data and privacy protection codes of practice brought into force with the introduction of The Age Appropriate Design Code. The new code lays out standards that companies are now expected to build into any online services used by children – making the protection of young people a priority from the design up.

Under the new code of practice, digital technologies such as location tracking, profiling, and use of nudge techniques that encourage users to provide unnecessary personal data, are among the tech features that must be switched off or limited by default to protect younger users.

The new changes will apply to any online service that tracks or collates children’s data including social media, online games, messaging apps, news outlets, educational services, live streaming platforms and search engines as well as any website offering goods or services to users, and will be applicable to UK-based companies as well as non-UK companies who process the personal data of UK children.

“The internet was not designed with children in mind and I think the Age Appropriate Design Code will go a long way to ensure that kids have the right kind of experience online. I think it will be astonishing when we look back to ever think of a time when we didn’t have protections for children online because I think they need to be protected in the online world in the same way that they’re protected in the offline world.”

Elizabeth Denham CBE, UK Information Commissioner

Companies that do not comply with the new rules risk being fined up to £17.5 million or 4% of their annual worldwide turnover for serious failures – with a warning from the Information Commissioners Office (ICO) that it will take more severe action against breaches involving children where it sees harm or potential harm.

Companies were given a year to ensure compliance with the new codes of practice, which has already prompted a number of recent changes. These include Instagram announcing all users now being required to provide their date of birth, Google introducing a number of privacy policy changes for children using its search engine and YouTube and TikTok limiting the direct messaging abilities of younger users as well as offering advice to parents and caregivers on how to support teenagers when they sign up.

If you are affected by anything touched on within this article, we can help you. Visit our Help Center or click on the blue logo icon at the bottom right of the screen to open Cybersmile Assistant, our smart AI support assistant.

To learn more about Cybersmile and our work, please explore the following recommendations:

Share your thoughts on this news by contacting us or tweet us @CybersmileHQ.