New British Child Protection Regulations

Uploaded on 2025-05-05 in TECHNOLOGY-Key Areas-Social Media, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law

Social media and other Internet platforms will be legally required to block children’s access to harmful content from July 2025, or face massive fines UK’s media regulator Ofcom has announced. And companies must change the algorithms recommending content to younger people and improve age checks.

Ofcom says that its Children's Codes will offer transformational new protections and the final versions have now been published and this will come into force in July 2025.

Platforms which include pornography, or content which encourages self-harm, suicide or eating disorders are among those which must change to prevent children using this content.

Dame Melanie Dawes, Ofcom Chief Executive, said: “These changes are a reset for children online. They will mean safer social media feeds with less harmful and dangerous content, protections from being contacted by strangers and effective age checks on adult content. Ofcom has been tasked with bringing about a safer generation of children online, and if companies fail to act they will face enforcement.”

Ian Russell, chairman of the Molly Rose Foundation, which was set up in memory of his daughter, who took her own life aged 14, said he was "dismayed by the lack of ambition" in the codes.

The new rules for platforms are subject to parliamentary approval under the Online Safety Act. The regulator says they contain more than 40 practical measures tech firms must take, including:

  • Safer feeds: Personalised recommendations are children’s main pathway to encountering harmful content online. Any provider that operates a recommender system and poses a medium or high risk of harmful content must configure their algorithms to filter out harmful content from children’s feeds.
  • Effective age checks:  The riskiest services must use highly effective age assurance to identify which users are children. This means they can protect them from harmful material, while preserving adults’ rights to access legal content. That may involve preventing children from accessing the entire site or app, or only some parts or kinds of content.

If services have minimum age requirements but are not using strong age checks, they must assume younger children are on their service and ensure they have an age-appropriate experience.

  •  Fast action: All sites and apps must have processes in place to review, assess and quickly tackle harmful content when they become aware of it.
  • More choice and support for children: Sites and apps are required to give children more control over their online experience. This includes allowing them to indicate what content they don’t like, to accept or decline group chat invitations, to block and mute accounts and to disable comments on their own posts. 
  • Easier reporting and complaints: Children will find it straightforward to report content or complain, and providers should respond with appropriate action. Terms of service must be clear so children can understand them.
  • Strong governance: All services must have a named person accountable for children’s safety, and a senior body should annually review the management of risk to children.

Ofcom said it has "the power to impose fines and, in very serious cases ,apply for a court order to prevent the site or app from being available in the UK... Today’s Codes of Practice are the basis for a new era of child safety regulation online. We will build on them with further consultations, in the coming months, on additional measures to protect users from illegal material and harms to children.”

The children's charity NSPCC welcomed the Codes,although they have called for Ofcom to go further, especially when it came to private messaging apps which are often encrypted, meaning platforms cannot see what is being sent.

Ofcom  |  BBC  |  Guardian  |   Irish News  |   Yahoo   |    Radio  News 

Image:  profwicks

You Might Also Read: 

New Laws To Prevent Using AI To Generate Sexual Images:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Legal Steps To Take When Facing A Cybersecurity Breach In Your Business
Entering the Cybersecurity Workforce: Where to Begin? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perforce Software

Perforce Software

Perforce helps companies build complex software products more collaboratively, securely, and efficiently.

Mega

Mega

Mega is a secure cloud data storage provider with browser-based high-performance end-to-end encryption.

Aves Netsec

Aves Netsec

Aves is a deceptive security system for enterprises who want to capture, observe and mitigate bad actors in their internal network.

NovaTech Automation

NovaTech Automation

NovaTech products and services make the world’s power grids and essential process industries more reliable, efficient, sustainable and secure.

DeuZert

DeuZert

DeuZert is an accredited German certification body in accordance with ISO/IEC 27001 (Information Security Management).

Pentera Security

Pentera Security

Pentera (formerly Pcysys) is focused on the inside threat. Our automated penetration-testing platform mimics the hacker's attack - automating the discovery of vulnerabilities.

Kleiner Perkins

Kleiner Perkins

For five decades, Kleiner Perkins has made history by partnering with some of the most ingenious and forward-thinking founders in technology and life sciences.

Business Hive Vilnius (BHV)

Business Hive Vilnius (BHV)

BHV is one of the oldest startup incubator and technology hubs in the Baltics, primarily focused on hardware, security, blockchain, AI, fintech and enterprise software.

BIND 4.0

BIND 4.0

Bind 4.0 is an acceleration program geared toward tech startups with solutions applied to Advanced Manufacturing, Smart Energy, Health Tech or Food Tech fields.

Breadcrumb Cybersecurity

Breadcrumb Cybersecurity

Breadcrumb Cybersecurity is a cybersecurity and advisory firm. We specialize in penetration testing, threat hunting, incident response, regulatory compliance, and employee training services.

IntegraONE

IntegraONE

IntegraONE is a IT solutions provider offering a full range of networking and technology solutions.

Advantage

Advantage

Advantage exists to provide peace of mind in an evolving technology reliant world. We were created by visionaries who for nearly 4-decades have been passionate about providing world-class solutions.

Xceptional

Xceptional

Xceptional is a multi-award-winning technology services firm that celebrates the unique strengths of people with autism.

Techmentum

Techmentum

At Techmentum, our mission is to utilize technology to help companies succeed. Our expertise includes fully managed IT services, cybersecurity, cloud, and custom technology solutions.

Geobridge

Geobridge

Geobridge was one of the first information security solutions providers to support cryptography and payment applications for payment processors, financial institutions and retail organizations.

AccessIT Group

AccessIT Group

AccessIT Group is a specialized cybersecurity solutions provider offering a full range of advanced security services.