The UK’s Information Commissioner’s Office (ICO) has levied a substantial £14.47 million fine on Reddit, Inc. This decision follows an investigation that revealed the platform’s failure to adequately protect the personal data of users under 13, lacking effective age verification controls and exposing young users to inappropriate content.
Investigation Findings and Legal Violations
Reddit, a platform bustling with 121 million daily users, had a policy against users under 13, yet did not enforce age verification until July 2025. The ICO found Reddit processed data of underage users without a lawful basis under UK data protection laws, as significant numbers of children under 13 were using the platform.
Additionally, Reddit did not perform a necessary Data Protection Impact Assessment (DPIA) before January 2025. This assessment is crucial for identifying and reducing risks to children’s data, particularly as the platform knowingly allowed users aged 13 to 18.
Regulatory Actions and Industry Implications
John Edwards, the UK Information Commissioner, emphasized the gravity of the situation, stating that children had their data used in ways they could not comprehend or control, exposing them to unsuitable content. He criticized platforms relying on user self-declaration for age verification and confirmed ongoing scrutiny of such practices.
The fine is the largest the ICO has issued concerning children’s privacy. It follows a prior fine against MediaLab.AI, Inc. in February 2026, prompting Imgur to exit the UK market. The ICO’s actions highlight a growing commitment to enforcing the Age Appropriate Design Code, sending a clear message to tech companies.
Reddit’s Response and Future Measures
In response, Reddit introduced age assurance measures in July 2025, including age verification for mature content access and age prompts during account setup. However, the ICO warned that self-declaration is easily circumvented and will continue to monitor Reddit’s practices regarding children’s data.
A Reddit spokesperson argued against the ICO’s demands for more extensive data collection, citing user privacy concerns. The company plans to appeal the decision, underscoring their belief in user privacy and safety.
The ICO’s enforcement efforts have reportedly benefited over 3 million children across various platforms. It continues to investigate 17 other platforms, including Discord, Pinterest, and X, and is addressing concerns with Meta and Snapchat regarding children’s location data. The penalty calculation considered the number of children affected, the potential harm, the duration of non-compliance, and Reddit’s global revenue.
