According to new research, a staggering one in five Android apps meant for kids on the Google Play Store don’t comply with data collecting regulations. The study found around 20 percent of the top 500 Android apps for kids on the Google Play Store collect data that likely breaches the Children’s Online Privacy Protection Act (COPPA). The Android apps in question have been downloaded from the Google Play Store 492million times.
The study was carried out by Compareitech, who said 101 Android apps for kids on the Google Play Store have privacy policies that “suggest” COPPA violations.
COPPA is imposed by the US’s Federal Trade Commission (FTC) and applies to apps, services and websites aimed at children under 13.
According to the study, out of the Android apps that likely violated privacy rules, the majority collected data but failed to include a child-specific section.
This means children’s data could be being collected in the same way as adults.
Researchers said: “A separate section on how the developers ensure children’s safety should be included. If the app didn’t collect any data whatsoever, this wouldn’t be necessary”.
The study also found that even if parents closely monitor which apps their children use, they could still end up downloading an Android app which potentially violates privacy rules.
That’s because half of the apps which could violate COPPA regulations boast a “teacher approved” badge on the Google Play Store.
The Compareitech study said: “274 of the apps we reviewed had received this teacher-approved tick and 50 of these (18%) were found to be in violation of COPPA guidelines. This means the apps and their privacy policies have been through two layers of review and have still passed quality control despite being in breach of COPPA’s standards.”
The research also found that nine percent of apps analysed put the onus on parents or children, asking kids to either refrain from submitting personal information (PI) or asking parents to monitor their children’s app usage.
It said: “Apps should request parental consent from the onset if they’re to collect PI (they shouldn’t expect parents to look into this themselves, and they certainly shouldn’t expect children to read privacy policies before submitting data).”
Comparitech used a number of different criteria to see if Android apps for kids violated COPPA.
According to COPPA, PI includes a first and last name, physical address, online contact information, telephone number, a photo, video or audio file which includes a child’s image or voice, and other identifying information.
Published at Wed, 23 Jun 2021 17:06:00 +0000