According to a new research study, more than 3,300 family-oriented Android apps available on Google Play have been collecting the data of children under the age of 13, in possible violation of U.S. law.
The COPPA law in the United States limits the amount of data that can be collected from children under 13. The researchers said that — while only a few of the apps were engaged in glaring violations of the law — many Android apps were collecting data in a questionable manner in relation to the law.
The study checked nearly 6,000 Android apps, and it found that more than 280 of them collect location data of underage children without asking their parents for permission. About 1,100 apps further shared identifying data of children with third parties improperly. Other violations included breaking Google’s Terms of Service regarding the sharing of identities (2,281), transmitting data without proper security measures (2,400) and using Facebook tie-ins without limiting use among those under 13 (1,177).
The researchers noted that they have not demonstrated what they termed “definitive legal liability.” They said that was up to the FCC to decide. They were only indicating which apps could be in violation of the law.
The study did not include data for iOS.
Google has yet to comment on the issue, but the research demonstrates the challenge they — and regulatory bodies — face in regards to the issue. They cannot simply ask for permission from parents or perform some kind of age check. Many concerns relating to data sharing must be addressed, especially in apps in which children are not the prime focus.
It is further difficult for companies even as big as Google to manually check every app for COPPA compliance when as many as 2,700 new apps are added to Google Play every single day. An automatic tool, such as the one used in the study, could help the company, but the company likely would still have to check every app manually.
