You know there’s a law the precludes companies (websites and apps) from tracking personal data and collecting personal data if the user is under the age of 13, right? (Now, you know why Facebook wants all users to be over the age of 13, too.)
The Children’s Online Privacy Protection Act (COPPA) is supposed to make moms and dads feel safe when they provide their kids an app from the “Designed for Families” section of Google Play. Notice the “supposed to”- that’s because it’s really just a charade. (No one is saying that Apple’s iTunes Store is not just as guilty- it’s just that those apps are not open source, so testing and manipulation of the app is more problematic.)
Too many of those apps simply don’t bother to comply with the law. The apps record serial numbers of the device being used so that folks can track your kids (especially when this is paired with the device’s location data) . These apps also collect eMail addresses and a slew of other data that are then sold to other firms. Without telling anyone. Which is absolutely against the law.
The International Computer Science Institute has tested a slew (some 5000 and growing) of these apps. Now, the institute believes that all these developers were not nefarious (see below for where the courts may fall)- but the developers certainly didn’t worry what advertisers were going to do with the data they were selling them. (Let us not forget that selling this data is still against the law!) And, Google only requires that the developer “self-certify” that they are in compliance with COPPA.
(Apple has a review process- but no one knows what tests are done- or what compliance is required. And, at least some of the Apple games (Disney clearly comes to mind) have behavioral advertising enabled- and that violates COPPA.)
Given the current state of our government, it is not clear if the FTC will really enforce the law. (One can only hope the attorneys general of our states will come around.) But, there are class action suits on the horizon.
OK. Not on the horizon. A class action (Northern District Court, California) has just been filed (after i first wrote this blog piece) against Disney, Upsight, Unity, and Kochava. Disney has some 42 apps that violate COPPA, and the other 3 have similar numbers of violations. In particular, these firms all collect data from users under the age of 13 and sell that data to commercial advertisers and others.
The Institute has codified its findings about kid-friendly apps at AppCensus. The mission of the site is to provide users an idea of what happens with their personal (identifying) data. So, parents (and concerned citizens, since we all should worry about our own privacy) should start checking the site routinely.
Because that will at least provide some idea of COPPA compliance. And, let the adults know how compromised their- and their kids’- behavior may be.
Horrors!!!! Sounds dangerous. It’s a scary world in cyberspace for kids. Parents are on their own, apparently.
The real issue is that all these firms are violating the law and putting folks kids at risk. That’s why I published it- to make parents aware.
Thanks for the visit and the comment, Alice.