Privacy & Compliance Reddit Hit With $20 Million UK Data Privacy Fine Over Child Safety Failings Britain’s data privacy watchdog slapped online forum Reddit on Tuesday with a fine worth nearly $20 million for failures involving children’s personal information. By Associated Press | February 25, 2026 (5:04 AM ET) Flipboard Reddit Whatsapp Whatsapp Email Britain’s data privacy watchdog slapped online forum Reddit on Tuesday with a fine worth nearly $20 million for failures involving children’s personal information. The Information Commissioner’s Office said it issued the penalty worth 14.5 million pounds ($19.5 million) because the failures resulted in the platform using children’s data “unlawfully.” “Children under 13 had their personal information collected and used in ways they could not understand, consent to or control. That left them potentially exposed to content they should not have seen,” said Information Commissioner John Edwards. “This is unacceptable and has resulted in today’s fine.” The U.K. privacy regulator has been escalating scrutiny of online platforms over child safety. Earlier this month it hit MediaLab, owner of image-sharing site Imgur, with a 247,590 pound fine over similar failures and it has also been investigating TikTok since last year. The watchdog took issue with Reddit’s age verification measures. It said that even though the platform doesn’t allow children under 13 to use its service, it didn’t have any way to check the ages of its users before July 2025. Edwards said online platforms that are likely to be accessed by children are responsible for protecting them by making sure they’re not exposed to any risks “through the way their data is used.” They can do this with “effective age assurance measures,” he said. Advertisement. Scroll to continue reading. Reddit rolled out age verification measures in July 2025 in order for users to access mature content, including asking them to declare their age when setting up an account. But the watchdog said “self-declaration” is easy to bypass and that it told Reddit it would continue to monitor the platform’s handling of children’s data. Reddit said it would appeal the decision. “Reddit doesn’t require users to share information about their identities, regardless of age, because we are deeply committed to their privacy and safety,” the company said in a statement. “The ICO’s insistence that we collect more private information on every UK user is counterintuitive and at odds with our strong belief in our users’ online privacy and safety.” Related : Dior, Louis Vuitton, Tiffany Fined $25 Million in South Korea After Data Breaches Related : Italy Antitrust Agency Fines Apple $116 Million Over Privacy Feature; Apple Announces Appeal Related : Vodafone Germany Fined $51 Million Over Privacy, Security Failures Written By Associated Press More from Associated Press Mississippi Hospital System Closes All Clinics After Ransomware Attack Amazon Scraps Partnership With Surveillance Company After Super Bowl Ad Backlash Nevada Unveils New Statewide Data Classification Policy Months After Cyberattack Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says Japan, Britain to Boost Cybersecurity and Critical Minerals Cooperation as China’s Influence Grows TikTok Finalizes a Deal to Form a New American Entity Under Armour Looking Into Data Breach Affecting Customers’ Email Addresses EU Plans Phase Out of High Risk Telecom Suppliers, in Proposals Seen as Targeting China Latest News Claude’s New AI Vulnerability Scanner Sends Cybersecurity Shares Plunging Ad Tech Company Optimizely Targeted in Cyberattack ‘Arkanix Stealer’ Malware Disappears Shortly After Debut VMware Aria Operations Vulnerability Could Allow Remote Code Execution CISO Conversations: Timothy Youngblood; 4x Fortune 500 CISO/CSO New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM GitHub Issues Abused in Copilot Attack Leading to Repository Takeover Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Identity Under Attack: Why Every Business Must Respond Now February 11, 2026 Attendees will walk away with guidance for how to build robust identity defenses, unify them under a consistent security model, and ensure business operations move quickly without compromise. Register Virtual Event: Ransomware Resilience & Recovery 2026 Summit February 25, 2026 SecurityWeek’s 2026 Ransomware Summit will discuss a roadmap for defending the enterprise, from mitigating root causes to mastering recovery, giving security teams the critical insights needed to navigate and neutralize today’s ransomware extortion threats. Submit People on the Move Wealth management platform Envestnet announced the appointment of Rich Friedberg as CISO. Yuneeb Khan has been named Chief Financial Officer of KnowBe4, succeeding Bob Reich, who is retiring. Cyera has appointed Brandon Sweeney as President, Shira Azran as Chief Legal Officer and Joseph Iantosca as Chief Financial Officer. More People On The Move Expert Insights How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Security in the Dark: Recognizing the Signs of Hidden Information Security failures don’t always start with attackers, sometimes they start with missing truth. (Joshua Goldfarb) Living off the AI: The Next Evolution of Attacker Tradecraft Living off the AI isn’t a hypothetical but a natural continuation of the tradecraft we’ve all been defending against, now mapped onto assistants, agents, and MCP. (Etay Maor) Why We Can’t Let AI Take the Wheel of Cyber Defense The fastest way to squander the promise of AI is to mistake automation for assurance, and novelty for resilience. (Steve Durbin) The Upside Down is Real: What Stranger Things Teaches Us About Modern Cybersecurity To all those who are fighting the good fight in the world of cyber, keep collaborating to ensure our world never succumbs to the chaos of the Upside Down. (Nadir Izrael) Flipboard Reddit Whatsapp Whatsapp Email