Many of today's most popular mobile applications for children are collecting personal information from those young technology users and sharing it with advertisers and other third parties without their parents' knowledge or consent, according to a new federal report.
The report, "Mobile Apps for Kids: Disclosures Still Not Making the Grade," was released this week by the Federal Trade Commission. It offers a stinging breakdown of what it describes as the failure of the technology industry—including app stores, developers, and third parties offering services within the apps—to consider children's and families' basic privacy while pedding their products.
The commission, an agency that seeks to protect consumers from anti-competitive or deceptive practices, originally flagged worries about privacy and the lack of information available to parents about apps in a report released earlier this year. It was based on a survey of mobile applications for children offered through Apple's app store and Gooogle's Android Market, which the report identifies as the two largest American app stores.
The new report is based on a follow up survey conducted earlier this year, a review that took the additional step of testing popular apps' practices against the disclosures they made. It found that many apps offer interactive features, or share children's information, without informing parents.
"Industry appears to have made little or no progress in improving its disclosures since the first kids' app survey was conducted, and the new survey confirms that undisclosed sharing occurs on a frequent basis," the FTC states, adding, that "it is clear that more needs to be done in order to provide parents with greater transparency in the mobile app marketplace."
The FTC found that 59 percent of 400 apps reviewed transmitted some kind of information from the user's mobile device either back to the developer, or to a third party. The most common type of information given to the developer, or, more often, to analytics companies, advertising networks, or other third parties, was the "device ID," a collection of letters or numbers that identifies individual mobile devices.
It was much rarer for apps to give away a user's phone number (which occurred only 1 percent of the time) or geolocation (3 percent of the time), the report found. But the turning over of that data is nonetheless a source of worry, the FTC argued. A third party who collects this information could potentially "add it to any data previously collected through other apps running on the same device," or turn over that information to advertisers.
Similarly, families are often left in the dark about the tide of advertising directed toward children in apps, the report concluded. Just 15 percent of the apps reviewed disclosed whether or not they contained advertising—which, on its face was an improvement over the previous survey. But a much stronger percentage of apps, 58 percent, did contain advertising, and in some cases, the FTC found that apps that claimed not to include advertising, did in fact do so.
Some apps' promotional pages did not show that they contained advertising, but FTC staff found ads after downloading or running the app. In some cases, those ads were "mature in nature," the FTC noted.
The report includes an example of one app which, on its promotional page, presented innocuous screenshots. But after FTC staff downloaded the app, they found that it contained a promotion for an online dating site: "See 1000+ Singles."
While a number of the practices identified in the report amount amount to federal violations of federal law, simply enforcing the law cannot solve the entire problem, the authors say. The FTC calls on various camps within the technology industry, including app stores, developers, and third parties, to adhere to practices identified by the commission and engage in "privacy-by-design," to prevent the release of personal information, and give consumers more information about when it is occurring.
The FTC is also launching a number of investigations into whether "certain entities in the mobile app marketplace" are violating the Children's Online Privacy Protection Act, the report explains. In addition, the agency is developing consumer education information for parents to help them become more informed about mobile apps and how to avoid products that don't disclose how children's personal information is being used.