Global Privacy Sweep Targets Children’s Online Safety

Key Takeaways

• Global Coordination: More than 30 privacy authorities worldwide are assessing children’s online privacy protections from November 3–7, 2025.
• Focus on Children’s Data: The sweep examines whether websites and apps used by children employ safeguards, age verification, and transparent privacy practices.
• Child’s Perspective: Regulators will test services as if they were young users, evaluating ease of access to privacy choices and account controls.
• Ten-Year Comparison: This year’s review coincides with the 10th anniversary of a similar global children’s privacy sweep in 2015.

Deep Dive

More than thirty privacy and data protection authorities around the world have launched a coordinated investigation into how websites and mobile apps used by children handle their personal data. The initiative is part of the 2025 Global Privacy Enforcement Network (GPEN) Sweep, running from November 3 to 7, 2025.

Authorities will review whether online platforms commonly used by children, including educational sites, online retailers, games, and social networks, have adequate safeguards in place to protect young users. The sweep will assess whether platforms are transparent about their data practices, limit personal data collection, and employ appropriate age verification or assurance mechanisms.

This year’s theme recognizes that digital environments form an integral part of children’s daily lives, offering spaces for creativity, social interaction, and learning. Regulators will examine whether services put the best interests of children first or, conversely, expose them to risks such as online tracking, targeted advertising, profiling, and harmful or inappropriate content.

Participants will simulate the online experience from a child’s perspective, testing how easily young users can find privacy information, make choices about their data, or delete an account. The exercise will also compare current findings with those from a similar global sweep conducted a decade ago in 2015.

The 2025 sweep is being coordinated by the Office of the Privacy Commissioner of Canada, the UK Information Commissioner’s Office, and the Office of the Data Protection Authority of Guernsey, with contributions from more than thirty international regulators, including the Information and Data Protection Commissioner (IDPC). The IDPC will focus on websites and services within its jurisdiction, spanning industries such as online shopping, education, and children’s activities.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.