Security experts at the International Computer Science Institute discovered something upsetting among more than 5,800 popular apps for kids. More than half – 57 percent – spy on kids without their parents’ knowledge. Some of these apps are familiar: Where’s my Water?, Minion Rush, and even Duolingo, the learning app most used by young people.
“We identified several concerning violations and trends: clear violations when apps share location or contact information without consent (4.8 percent), sharing of personal information without applying reasonable security measures (40 percent), potential non-compliance by sharing persistent identifiers with third parties for prohibited purposes (18.8 percent), and ignorance or disregard for contractual obligations aimed at protecting children’s privacy (39 percent).”
The results, summarized as a “market failure” by the investigative team, have to do with Android versions: it’s unknown if the apps also violate privacy on iOS.
“Although we cannot know the true number of children’s apps in the Play Store, we believe that our results are representative, given that the apps that we examined represent the most popular free ones.”
The report explains that, unfortunately, there’s no easy way for parents to protect their kids, since practices carried out by companies are subtle and obscure, thus difficult to detect.
Google has worked to ensure that app developers for young people comply with laws protecting children’s data. “However, as our results show, there appears to not be any (or only limited) enforcement.” The study suggests that it wouldn’t be too difficult for Google to increase the search for apps violating children’s privacy protection laws.
In response to the study, Disney, Gameloft, and Google released statements saying that the protection of children’s rights is important to them and they have committed themselves to investigate further.