The future of games & tech — 5 key takeaways from the RE:FORMAT Summit

We explore the key insights shaping the future of games, digital creative and tech from this year’s FORMAT Group Summit.
Talk to us: 0333 004 4488 | hello@brabners.com
The Information Commissioner’s Office (ICO) — the UK’s data protection regulator — has issued a fine of £12,700,000 to TikTok Information Technologies UK Limited and TikTok Inc (TikTok) for a number of breaches of data protection law, including failing to use children’s personal data lawfully. Our expert Eleanore Beard explains the decision.
The ICO’s decision comes after the Dutch regulator fined TikTok €750,000 in July 2021 for violating the privacy of young children. By not offering its privacy statement in Dutch, TikTok failed to provide an adequate explanation of how the app collects, processes and uses personal data.
While data protection legislation is designed to protect everyone, there are additional child-specific considerations if you are processing children’s personal data, as they may be less aware of the risks, consequences and safeguards concerned, as well as their rights in relation to the processing of personal data.
While TikTok has now been hit with a hefty fine, the figure is not as large as it could have been. In September 2022, the ICO issued a ‘notice of intent’ to TikTok, indicating that it could face a fine of £27 million for its breaches, which included failing to protect children’s privacy. The ICO indicated that the notice was provisional and that it would consider any representations from the company before issuing its final decision.
The ICO has now finalised its decision and — having found TikTok in breach of a number of UK GDPR Articles — issued a fine that has been significantly reduced from its original notice of intent.
The ICO’s final decision found that TikTok was providing its services to an estimated one million UK children under the age of 13. By processing their personal data without consent or authorisation from their parents or carers (contrary to Article 8) it had failed to provide proper information to users about how their data is collected, used and shared in a way that is easy to understand (contrary to Article 12 and 13). It had also failed to ensure that the personal data belonging to its UK users was processed lawfully, fairly and in a transparent manner (contrary to Article 5).
The ICO has said that TikTok did not do enough to check who was using its platform or take sufficient action to remove its underage child users.
However, the ICO did not pursue its initial allegation that TikTok had processed special category data without the legal grounds to do so. Special category data includes information such as ethnic and racial origin, political opinions, religious beliefs, sexual orientation or health data and therefore should be afforded increased protection.
This latest ICO decision reinforces the importance of ensuring that relevant checks and balances are in place to protect the privacy of individuals, especially where children’s data is concerned.
In September 2022, the ICO issued its Children’s Code, which provides additional layers of protection for online services. These should be followed for apps, games, connected toys or devices and news services, which are likely to be accessed by children even if they are not aimed at children. It is of note that TikTok’s breaches of data protection legislation predate the ICO’s Children’s Code.
If you or your organisation have any queries on how to handle children’s personal data, or how to establish a compliant data privacy culture, please contact me at eleanore.beard@brabners.com or our wider data protection team.

We explore the key insights shaping the future of games, digital creative and tech from this year’s FORMAT Group Summit.

We explore the ESPR’s implications for M&A and outline what businesses should be doing in response.

We explore the potential impact of the Government's consultation and outline the practical steps that you can take to prepare.

Live from Old Trafford, we explored the realities of geopolitical risk, security threats, commercial sustainability and the growing role of technology.

We explore the key changes and outline the practical steps that retailers need to take ahead of 2027.

We explore the tension between AI‑driven optimism and growing fears of an overinflated tech bubble.

We explore what the HFSS regime means in practice, break down how the ASA is applying the rules and outlines the steps that retailers should take now.

We explain why uncontrolled use of public AI tools creates real confidentiality and data protection risks and outline how you can manage them safely.

We explore how scaleup policy, growth opportunities and local engagement help ambitious businesses to turn national strategy into practical support.

We break down the sector-wide impact of the Government’s funding boost and prescribing reforms.

We explore the sector’s digital shift, from predictive repairs and income management to tenant engagement and the governance needed for responsible AI use.

We brought the retail sector together in London for a focused look at the risks, from physical threats, digital disruption and reputational challenges.

We delve into the new data, what it tells us about the ‘modern family’ and the steps that cohabiting couples should take to protect their rights.

We explore how new parliamentary findings and the Government’s updated position are shifting the UK’s direction on AI and copyright.

We explain how AI patent applications are now being assessed and what this means for innovation and patent strategies.

We explore why retailers are particularly affected by deepfakes and the implications around data protection, IP, advertising compliance and more.

We explore how AI is transforming data protection, the risks that organisations now face and what effective compliance looks like today.

We explore the key challenges retailers face with Martyn’s Law, how to balance compliance with operations and the common misconceptions.

We outline how an overseas marriage is treated under English and Welsh law for anyone considering divorce.

We break down the key insights from each panel, exploring AI's real-world impact and why it’s crucial to balance innovation with long‑term sustainability.

We explore the key findings from the study and outline what they mean for clubs, governing bodies and others responsible for player welfare.

We set out seven practical steps to help retailers to prepare, respond decisively and recover quickly when the unexpected happens.

AI is enhancing performance and even scouting future talent in elite sport. Sports technology and data are key to success, but come with legal risks.

We discuss the key opportunities and considerations shaping the future of sustainable AI and quantum‑powered technology.

We break down what the ICO found and outline three key steps that UK businesses should take now.