Published: Tue, April 17, 2018
IT&Software | By Alfonso Woods

Study shows thousands of apps in Google Play tracks kids' data illegally


Data collection has always been a hot topic, and the practices of various tech companies in this regard has been further highlighted by the Facebook-Cambridge Analytica data breach.

A study completed by seven researchers in the USA has found that thousands of free and popular apps on the Google Play Store for Android smartphones are violating a key privacy law in the country. The data they get from online tracking results in targeted advertising and automatic profiling of children, which is considered illegal under COPPA. COPPA, which stands for Children's Online Privacy Protection Act, regulates how apps and websites are allowed to collect and process data from children below 13 years old.

Citing the International Computer Science Institute research (ICSI), it said that more than half of 5,855 Android apps on Google Play were potentially violating United States privacy laws that protect children under 13 from invasive data collection. "The rampant potential violations that we have uncovered points out basic enforcement work that needs to be done".

"While many of these SDKs offer configuration options to respect COPPA by disabling tracking and behavioral advertising, our data suggest that a majority of apps either do not make use of these options or incorrectly propagate them across mediation SDKs".

About 40 percent of apps transmitted info without using "reasonable security measures", and almost all 1,280 apps with Facebook tie-ins were not properly using the social network's code flags to limit under-13 use.

In their research, they reviewed 5,855 popular Android apps that were specifically marketed to families with children and that were published on the Google Play Store from November 2016 to March 2018.

Some of the apps in question included Disney's "Where's My Water?", Gameloft's Minion Rush and Duolingo, the language learning app. However, Google barely enforces this on its end, or checks whether the apps truly are COPPA-compliant. Disney, Gameloft and Duolingo did not immediately respond to requests for comment from the Washington Post. They added that it would not be hard for Google to augment their research to detect the apps and the developers that may be violating child privacy laws.

While the findings of the study reveal a concerning trend among Android app for kids, the researchers claim that they are not showing "definitive legal liability".

Like this: