20% of Google Play apps breach child privacy rules

Half of these offending apps were “teacher approved”

Around one fifth of the top Android mobile apps for children on the Google Play store collect data that violates the Children’s Online Privacy Protection Act (COPPA). These apps have been downloaded by 492 million users.

COPPA, imposed by the Federal Trade Commission (FTC), enforces several requirements on operators of websites or online services aimed at children under 13. It also applies to operators of other websites and online services that know they are collecting personal information from children under 13.

According to Comparitech, which looked at kids’ apps’ privacy policies to see if they aligned with regulations, most of the apps collect data but fail to include a child-specific section, suggesting they collect and use children’s data the same ways they do adult data.

The research found that around 5% of apps investigated declared their services do not target or address children, despite these apps having “kids” and “toddler” in their name.

According to researchers, half of the apps in violation of COPPA are collecting data without having a comprehensive, child-specific privacy policy in place. According to researchers, while a privacy policy indicates certain personal information is collected, these apps should have a separate section on how the developers ensure children’s safety. If the app collected no data at all, this wouldn’t be necessary.

Around 9% of apps collect no data themselves but work with third parties that potentially did.

For example, one app suggests geographic location may be used through Google Analytics, and other third-party ad networks may collect various pieces of data, including geographic location and device ID, according to Comparitech. 

“In this case, a child-specific section and parental consent are necessary, as is in-depth detail about each third party. It is also likely that many of the 50 percent of app developers that collect PI themselves also work with third parties that collect PI, too.”

Related Resource

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Business in the new economyDownload now

More troubling was that 50% of apps that violated COPPA had a “teacher-approved” badge on the app store, meaning the app went through an additional layer of review with teachers and specialists evaluating the apps based on multiple criteria. This suggests the experts evaluating these apps failed to ensure they didn't violate children's privacy.

The research also found that 9% of apps put the onus on parents or children, asking children to refrain from submitting personal information to the app or for parents to monitor their child’s app usage. 

“Apps should request parental consent from the onset if they’re to collect PI (they shouldn’t expect parents to look into this themselves, and they certainly shouldn’t expect children to read privacy policies before submitting data),” the researchers said.

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Recommended

Google’s Grace Hopper subsea cable lands in Cornwall
Infrastructure

Google’s Grace Hopper subsea cable lands in Cornwall

15 Sep 2021
South Korea fines Google for abusing Android dominance
Policy & legislation

South Korea fines Google for abusing Android dominance

14 Sep 2021
Google handed user data to Hong Kong authorities despite pledge
privacy

Google handed user data to Hong Kong authorities despite pledge

13 Sep 2021
Google and Microsoft's hybrid work battle shows the narrative is just as important as the technology
collaboration

Google and Microsoft's hybrid work battle shows the narrative is just as important as the technology

9 Sep 2021

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Apple patches zero-day flaw abused by infamous NSO exploit
exploits

Apple patches zero-day flaw abused by infamous NSO exploit

14 Sep 2021
Hackers develop Linux port of Cobalt Strike for new attacks
Security

Hackers develop Linux port of Cobalt Strike for new attacks

14 Sep 2021