Published: Tue, April 17, 2018
IT | By Lester Massey

Over 3300 Android Apps on Google Play Store Are Improperly Tracking Kids

Over 3300 Android Apps on Google Play Store Are Improperly Tracking Kids

"This is an incredibly important study that clears demonstrates that many apps for children are violating Coppa at a massive scale", said Josh Golin, executive director of the Campaign for Commercial Free Childhood.

The study's authors claim that none of the apps in question attained "verifiable parental consent" for accessing or sharing this private information, which constitutes a violation of the Children's Online Privacy Protection Act (COPPA) in the US.

"We identified several concerning violations and trends", wrote the authors of the Proceedings on Privacy Enhancing Technologies, led by researchers at the International Computer Science Institute at the University of California, Berkeley. Given the dominance of the Google App platform and the interest young children have in apps, it's not practical for a parent to have to spend time trying to decipher the complex connections that drive the ad supported App industry.

The researcher's automated tool could offer the means to do this, but we suspect that there will be more data collection issues in a similar vein before Google works out a way to tackle such challenges.

Researchers have discovered over 3,000 Android apps for kids on the Google Play Store that improperly collect data, which should raise an alarm for parents around the world.

In other news, Facebook still tracks users even if they're logged out of the social network.

Up to 235 apps were accessing the phone's Global Positioning System data - 184 of which transmitted the device's location to advertisers, according to the study. Unfortunately, they have already been downloaded up to 1,250 times, so there could be users out there carrying some very unsafe apps. Some of the apps named in the report include KidzInMind, TabTale's "Pop Girls-High School Band", and Fun Kid Racing.


All the apps analyzed in their study are part of the Google Play Store "Designed for Families" (DFF) program, a section of the Play Store that lists only apps that developers say are COPPA compliant, so at least in theory, these apps should not have had any violations. In January this year, Google deleted 60 apps from Google Play store which were allowing pornographic content to be accessed by kids.

"The researchers must have stated that they are over 13 while performing these simulations", he said.

"If a robot is able to click through their consent screen which resulted in carrying data, obviously a small child that doesn't know what they're reading is likely to do the same", Egelman said.

Google did not respond to a request for comment. Developers can use our testing infrastructure to assess how well their apps comply with their privacy policies and regulatory requirements, prior to releasing those apps to the public.

The study also looked at how the apps were transferring the data, and found that 40 percent of them failed to do it in a secure way.

It connects your device to an offsite secure server and uses an encrypted connection to keep your data safe on that connection.

Like this: