Google's Play Store is full of apps that improperly track children

Tuesday, 17 Apr, 2018

Some 256 (4.4%) were found to collect geolocation data, 107 shared the device owner's email address and 10 even shared the user's phone number. But the authors contest that the sheer number of apps with tracking works indicated that non-compliance was widespread and that their sample was big enough to be representative of the wider app economy.

The report continues that third-party software development kits (SDKs) are largely to blame for the high proportion of apps potentially in violation of COPPA.

Other crucial discoveries that were made under the study include 281 apps that collected the location or contact data of children without asking for permission from parents, and 1,100 apps that shared persistent identifying information that can be used for behavioral advertising methods that are banned to be used on children.

Furthermore, it says Google's efforts to limit tracking by using resettable advertising IDs are largely ineffective.

The study, which comes from researchers at the International Computer Science Institute in Berkeley, CA, analyzed 5,855 of the most popular free Android apps targeted at kids and families.

The reputation of Android apps has always been questioned when it comes to security.

According to the "Korea Mobile Internet Industry Report 2017" published last month by the Korea Mobile Internet Business Association, Google Play accounted for around 60.7 percent of mobile app content sales past year, with most of the revenue coming from mobile games.

Although the FTC did not explicitly state that they would investigate Google's abuse of market dominance, it seems that the FTC inquired whether or not Google committed unfair trade practices as the FTC caught some circumstantial evidence of Google's violations of law. Shackelford sees the study fitting into our present conversation about social media: This should be a wakeup call to these developers, along with platforms like Google and Facebook that host them.

Looking for help keeping your kids private?

Dormann works at the CERT Coordination Center (CERT/CC), and focused on the free tools that more people are likely to use, He found that while it was surprisingly common to find that keys, codes and passwords were embedded in apps - either through laziness or because that's how particular SDKs work - some apps were better at hiding what was happening than others. "Remember, the Internet is written in ink!"