Google Play is full of Android apps that track kids' online activity, thus violating the US privacy laws such as COPPA, claims a survey from a team of university researchers and computer scientists, according to Gizmodo.
The most troubling findings were that almost 256 apps collected geolocation data without parental permission, 107 shared user's email address and 10 of them shared phone numbers.
Consider, for example, the developer BabyBus, which has produced countless mobile games for kids under the age of six, including "Baby Panda Care", "Little Panda Restaurant", and "Toilet Training - Baby's Potty".More news: Facebook responds to how it collects data when you are logged out
"This is an incredibly important study that clears demonstrates that many apps for children are violating Coppa at a massive scale", said Josh Golin, executive director of the Campaign for Commercial Free Childhood.
"Overall, roughly 57% of the 5,855 child-directed apps that we analyzed are potentially violating COPPA", privacy experts from multiple United States universities wrote in a research paper they plan to present this summer at the Privacy Enhancing Technologies Symposium (PETS) in Barcelona, Spain. Unfortunately, they have already been downloaded up to 1,250 times, so there could be users out there carrying some very risky apps.
The reason for uncertainty regarding the exact numbers is because there is no concrete, widely agreed upon criteria for determining what apps are for children.
Other crucial discoveries that were made under the study include 281 apps that collected the location or contact data of children without asking for permission from parents, and 1,100 apps that shared persistent identifying information that can be used for behavioral advertising methods that are banned to be used on children.More news: RAW: Superstar Shakeup Brings New Faces, Loses Miz
Fun Kid Racing alone has more than 10 million downloads, according to the app page. This information was actually leaked by Google in a screenshot on the Android Developers Blog, which was nearly instantly removed, cropped, and re-uploaded. It followed the FTC's requirement of "verifiable consent", which meant that developers had to take steps to ensure that people knew what information they were giving up. We've asked Google for comment on the findings as well.
Google, in 2014, had allowed its users to reset their Android Advertising ID, which gave them better control on how online services track their data.
Worse, researchers point out that around a fifth of all the tested apps used an SDK that specifically prohibited developers from using its library in child-directed apps, due to the nature of its data collection.
The study also looked at how the apps were transferring the data, and found that 40 percent of them failed to do it in a secure way.More news: Street Fighter V new DLC character announcement, meet Falke
- OnePlus 5T Gets iPhone X Like Gesture Navigation With OxygenOS 5.1.0
- PM accuses Russian Federation and Syria of trying to cover up chemical attack
- Apple plans to launch the Apple Music of magazines
- Democrats' midterm advantage narrows in new poll
- No missiles but ballet as North Korea's Kim puts on a show
- Deceased Woman's Testimony Can Be Used In Her Murder Trial, Judge Rules
- 'Stratospheric offer' - Both PSG & Man United keen on Casemiro from Real Madrid
- Blake Shelton Dishes About Gwen After ACMs
- China's trade surplus with USA rises
- AMD's Ryzen 2 processors have been overclocked beyond 5GHz