The Children’s Online Privacy Protection Act (COPPA) and certain provisions of the General Data Protection Regulation (what we call GDPR-K) were created to protect the privacy of kids online. COPPA is administered by the Federal Trade Commission (FTC) and the GDPR by each EU countries’ data protection authority or DPA (it became enforceable in all EU member states in May 2018). Both laws have an extraterritorial scope, which means they are enforceable against companies based anywhere in the world to the extent they have users in the USA or EU respectively.
COPPA defines children as users of any digital service that are below the age of 13 while GDPR-K defines them as under 16.
Note that GDPR-K has been implemented in the UK via the new Data Protection Bill, and its provisions will apply in the UK irrespective of Brexit.