Skip to content

Menu

LexBlog, Inc. logo
NetworkSub-MenuBrowse by SubjectBrowse by PublisherJoin the NetworkGet StartedSubscribeSupport
Contact Us
Search
Close

Global Privacy Regulators Launch Enforcement Sweep Focused on Children’s Data Protection

By Lindsey Tonsager, Dan Cooper, Jenna Zhang & Rosie Moss on November 10, 2025
Email this postTweet this postLike this postShare this post on LinkedIn

Last week, the Global Privacy Enforcement Network (“GPEN”)—a global network of over 30 national data protection authorities—announced the launch of its annual privacy sweep. The purpose of the sweep is to examine how websites and mobile applications commonly used by children handle minors’ personal information. Members of GPEN include regulators who have long prioritized protections for children and teens, such as the Federal Trade Commission (“FTC”), the California Attorney General, the California Privacy Protection Agency, the UK Information Commissioner’s Office, the French Commission Nationale de l’Informatique et des Libertés (“CNIL”), and the Irish Data Protection Commission.

The focus of this year’s enforcement sweep is to examine whether digital services “that are known to be used by children or cater to them” collect data from those children, are transparent about their privacy practices, and have systems in place for age verification. GPEN regulators will also investigate whether those digital services employ controls designed to minimize the collection of children’s personal data.

This enforcement sweep comes amid heightened U.S. legislative and regulatory efforts to bolster online protections for children by safeguarding their personal data and limiting their access to certain content. For example, several states have enacted new laws this year that require social media providers to strengthen their data privacy and safety protections for children.

The FTC also has continued its focus on children’s privacy protections through multiple enforcement actions this year including multi-million settlements for alleged violations of the Children’s Online Privacy Protection Act (“COPPA”).

This year’s effort also marks the tenth anniversary of a similar GPEN enforcement sweep conducted in 2015, allowing regulators to compare developments over the past decade. The Office of the Privacy Commissioner of Canada, the United Kingdom’s Information Commissioner’s Office and the Office of the Data Protection Authority of Guernsey are leading this year’s sweep, and results will be compiled and published in a report in the coming months.

Companies offering services likely to be used or accessed by children should review their data collection practices and transparency measures to ensure they comply with applicable laws and regulations.

Photo of Lindsey Tonsager Lindsey Tonsager

Lindsey Tonsager is a recognized leader in representing companies before federal and state regulators, and is renowned for advising on minor protection, AI, and state comprehensive privacy laws.

Lindsey chairs the firm’s global Data Privacy and Cybersecurity practice. She advises clients in their…

Lindsey Tonsager is a recognized leader in representing companies before federal and state regulators, and is renowned for advising on minor protection, AI, and state comprehensive privacy laws.

Lindsey chairs the firm’s global Data Privacy and Cybersecurity practice. She advises clients in their strategic and proactive engagement with the Federal Trade Commission, the U.S. Congress, the California Privacy Protection Agency, and State Attorneys General on proposed changes to data protection laws, and regularly represents clients in responding to investigations and enforcement actions involving their privacy and information security practices.

Lindsey’s practice focuses on helping clients launch new products and services that implicate the laws governing the use of artificial intelligence; data processing for robotics, autonomous vehicles, and other connected devices; biometrics; online advertising; the collection of personal information from children, teens, and students online; e-mail marketing; disclosures of video viewing information; and new technologies.

Lindsey also assesses privacy and data security risks in complex corporate transactions where personal data is a critical asset or data processing risks are otherwise material. In light of a dynamic regulatory environment where new state, federal, and international data protection laws are always on the horizon and enforcement priorities are shifting, she focuses on designing risk-based global privacy programs for clients that can keep pace with evolving legal requirements and efficiently leverage the clients’ existing privacy policies and practices. She conducts data protection assessments to benchmark against legal requirements and industry trends and proposes practical risk mitigation measures.

Read more about Lindsey TonsagerEmail
Show more Show less
Photo of Dan Cooper Dan Cooper

Daniel Cooper is co-chair of Covington’s Data Privacy and Cyber Security Practice, and advises clients on information technology regulatory and policy issues, particularly data protection, consumer protection, AI, and data security matters. He has over 20 years of experience in the field, representing…

Daniel Cooper is co-chair of Covington’s Data Privacy and Cyber Security Practice, and advises clients on information technology regulatory and policy issues, particularly data protection, consumer protection, AI, and data security matters. He has over 20 years of experience in the field, representing clients in regulatory proceedings before privacy authorities in Europe and counseling them on their global compliance and government affairs strategies. Dan regularly lectures on the topic, and was instrumental in drafting the privacy standards applied in professional sport.

According to Chambers UK, his “level of expertise is second to none, but it’s also equally paired with a keen understanding of our business and direction.” It was noted that “he is very good at calibrating and helping to gauge risk.”

Dan is qualified to practice law in the United States, the United Kingdom, Ireland and Belgium. He has also been appointed to the advisory and expert boards of privacy NGOs and agencies, such as the IAPP’s European Advisory Board, Privacy International and the European security agency, ENISA.

Read more about Dan CooperEmail
Show more Show less
Photo of Jenna Zhang Jenna Zhang

Jenna Zhang advises clients across industries on data privacy, cybersecurity, and emerging technologies. 

Jenna partners with clients to ensure their compliance with the rapidly evolving federal and state privacy and cybersecurity laws. She supports clients in designing new products and services, drafting privacy…

Jenna Zhang advises clients across industries on data privacy, cybersecurity, and emerging technologies. 

Jenna partners with clients to ensure their compliance with the rapidly evolving federal and state privacy and cybersecurity laws. She supports clients in designing new products and services, drafting privacy notices and terms of use, responding to cyber and data security incidents, and evaluating privacy and cybersecurity risks in corporate transactions. In particular, she advises clients on substantive requirements relating to children’s and student privacy, including COPPA, FERPA, age-appropriate design code laws, and social media laws.

As part of her practice, Jenna regularly represents clients in data privacy investigations and enforcement actions brought by the Federal Trade Commission and state attorneys general. She also supports clients in proactive engagement with regulators and policymakers to ensure their perspectives are heard.

Jenna also maintains an active pro bono practice with a focus on supporting families in adoptions, guardianships, and immigration matters.

Read more about Jenna ZhangEmail
Show more Show less
Photo of Rosie Moss Rosie Moss

Rosie Moss is an associate in the firm’s Washington, DC office. She is a member of the Data Privacy and Cybersecurity Practice Group and the Technology and Communications Regulation Practice Group.

Rosie advises clients on a wide range of data privacy and technology…

Rosie Moss is an associate in the firm’s Washington, DC office. She is a member of the Data Privacy and Cybersecurity Practice Group and the Technology and Communications Regulation Practice Group.

Rosie advises clients on a wide range of data privacy and technology regulatory issues, including emerging artificial intelligence compliance matters. She assists clients in complying with federal and state privacy laws and Federal Communications Commission (FCC) regulations. Rosie also maintains an active pro bono practice.

Read more about Rosie MossEmail
Show more Show less
  • Posted in:
    Privacy and Cybersecurity
  • Blog:
    Inside Privacy
  • Organization:
    Covington & Burling LLP
  • Article: View Original Source

Call us at 1-800-913-0988 or email sales@lexblog.com.

Facebook LinkedIn Twitter RSS
  • About LexBlog
  • The Field We Built
  • Our Beliefs
  • Our Team
  • Contact LexBlog
  • Disclaimer
  • Editorial Policy
  • Terms of Service
  • Get Started
  • Publishing Solutions
  • Compass
  • Submit a Request
  • Support Center
  • System Status
Copyright © 2026, LexBlog, Inc. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo