WHAT’S BEING CLAIMED:
- Researchers have found that 3,337 Android apps on Google Play were potentially violating the Children’s Online Privacy Protection Act (COPPA).
- These popular kids’ apps are free but may be improperly tracking the young users—their location and where they live.
- Google is now looking at the study’s findings and vowed to take the matter “very seriously.”
Researchers from the International Computer Science Institute used an automated testing process to study 5,855 Android apps on Google Play. They discovered that more than 3000 of these apps were improperly collecting kids’ information, which potentially put them in violation of the U.S. COPPA law.
The Children’s Online Privacy Protection Act or COPPA is a law that protects the privacy of children under 13. One of its guidelines states that websites must obtain parental consent for the collection or use of any personal information of young internet users under 13. COPPA is managed by the Federal Trade Commission (FTC).
By collecting contact or location data without getting a parent’s consent, 281 of the apps analyzed are already in violation of the law. More than 1000 of these kids’ apps shared constant established information with third parties for restricted purposes.
The researchers are saying that they are not filing any case against the violators but leaving it up to FTC regulators for action.
Some of the apps that were analyzed were “transmitting location data, where you go, potentially where you live,” said Serge Egelman, study co-author and director of privacy research at the International Computer Science Institute.
“There’s no way for the average consumer to tell an app can do this,” Egelman told NBC News. He recommended “not to use apps” as the solution.
According to AppBrain, more than 2,700 apps are added per day as of March 2018. It will be challenging for Google app store, and similar platforms, to inspect and monitor each one. The automated testing tool the study used could help in addressing this issue. It may still require manual inspection but it’s necessary before discarding them or involving the law.
The study’s results only show how Google and officials are challenged endlessly in implementing COPPA and other child-centered privacy laws. It’s not as simple as performing an age check or asking for parents’ permission. App developers may not be fully aware of the COPPA law because it just not entails the appropriate age for a certain app or a parent’s permission. There are numerous data sharing concerns that need to be addressed.