ICO hits Imgur owner with £250K fine for mishandling children’s data

Imgur, which suspended access for users in the UK in September 2025 over concerns about a forthcoming fine from the UK Information Commissioner’s Office (ICO), now knows the price that has been put on its noncompliance with data privacy laws.

The ICO has fined MediaLab, which runs the image hosting and sharing platform, for failing to use children’s personal information lawfully. A release from the ICO says the penalty of 247,590 pounds reflects an investigation which found Imgur in breach of the UK GDPR.

Imgur misstepped in processing the personal information of children under 13 without parental consent or “any other lawful basis,” failing to implement effective age assurance measures, and failing to carry out a data protection impact assessment.

“MediaLab failed in its legal duties to protect children, putting them at unnecessary risk,” says UK Information Commissioner John Edwards. “For years, it allowed children to use Imgur without any effective age checks, while collecting and processing their data, which in turn exposed them to harmful and inappropriate content.  Age checks help organizations keep children’s personal information safe.”

“Ignoring the fact that children use these services, while processing their data unlawfully, is not acceptable. Companies that choose to ignore this can expect to face similar enforcement action.”

The ICO has the authority to issue fines of up to £17.5 million, or 4 percent of an organization’s annual worldwide turnover, whichever is higher. It says in setting the tab for MediaLab at £247,590, it “took into consideration the number of children affected by this breach, the degree of potential harm caused, the duration of the contraventions, and the company’s global turnover.”

Imgur remains inaccessible to UK users.

Article Topics

age verification  |  children  |  data privacy  |  Information Commissioner’s Office (ICO)  |  UK GDPR