Research indicates that thousands of Android apps infringe children’s privacy

In recent years, data privacy has attracted more attention. For example, after the false news storm, Facebook has fallen into the Cambridge data collection scandal. However, a new study by the International Institute of Computer Science recently pointed out that thousands of Android apps are suspected of violating the Children’s Online Privacy Protection Act (COPPA). Unlike the accusations faced by YouTube earlier, there are still some uncertainties as to who should bear legal responsibility and whether there is any clear violation.

Android apps infringe children’s privacy

The disclosure of private data is already a very bad thing. But when the muzzle was aimed at children, things became even more terrible.

It is reported that researchers have developed and used an automated tool that analyzes 5,855 Android applications marked as “family-good”. The result is very disturbing:

● In the absence of parental consent, 5% of applications will collect user’s location and contact data (such as phone number or email address);

● Even if the service clause explicitly prohibits use in children’s apps, 19% of apps (1100) will share sensitive information with third parties (perhaps related to advertising behavior);

● 39% of applications (2281) are suspected of violating Google’s Terms of Use (related to sharing persistent identifiers, which can lead to identity tracking across device platforms);

● In the absence of reasonable security measures, 40% of applications will share user’s personal information through the Internet;

● Of the 1280 apps that integrate Facebook services, 92% of apps failed to use the company’s configuration options (designed to protect users under 13).

Worse than these data, because the COPPA Act itself is not strong enough or strict, the relevant departments cannot pursue possible violations, resulting in further deterioration of the situation.

The U.S. Federal Trade Commission (FTC) explained the COPPA quite strictly and limited the application of the law to online services.

These services either directly target users under the age of 13 or have a solid understanding of these users.

What needs to be pointed out is that Duolingo, a hotly-spoken language learning service provider, has even appeared on the greylist – even if it claims to be an application for a wide audience, it is not suitable for applying the COPPA Act.

Multi-neighboring countries acknowledge sending information to third parties, but interpreting this data is only used to fix bugs or crashes of applications.