Click to Skip Ad
Closing in...
  1. Prime Day Deals
    09:43 Deals

    These early Prime Day deals have prices so low, it’s like Amazon made a mistake

  2. amazon nest thermostat 3rd generation
    14:02 Deals

    Newest Nest Thermostat gets a rare Amazon discount ahead of Prime Day

  3. Best Amazon Deals Today
    07:58 Deals

    15 hidden Amazon deals that are so exclusive, they’re only for Prime members

  4. Best Kitchen Gadgets
    08:33 Deals

    Amazon shoppers are obsessed with this $23 gadget that should be in every kitchen

  5. Prime Day Deals
    07:58 Deals

    Amazon has 10 new early Prime Day deals you need to see to believe

Study finds thousands of Android apps that improperly track children

Zach Epstein
April 16th, 2018 at 7:45 AM
Android Apps Track Children

As Facebook continues the fight to put the massive Cambridge Analytica scandal being it, consumer privacy is once again being dragged out into the spotlight. It’s an important issue that’s always on our minds to an extent, but even more so now that privacy violations are at the center of the mess Facebook has managed to get itself into. Of course, Facebook isn’t the only company that periodically finds itself in hot water over issues pertaining to privacy. Google is no stranger to controversy when it comes to user privacy, which makes sense since the company has a similar business model to Facebook: Make products everyone wants, give them away for free, and collect user data in order to serve targeted advertisements.

Unlike Facebook, Google actually has a very good track record when it comes to protecting the personal user data it collects. Unfortunately, the company has a much worse track record when it comes to preventing third parties from abusing its policies. We’ve seen numerous examples of this in the past, and the latest revelation could be one of the most troubling ones yet.

Apple and Google own and operate the two most widely-used mobile platforms in the world, but they employ dramatically different strategies. Apple closes its platform off from other hardware companies, and it imposes tight restrictions as well as a thorough review process for third-party apps distributed through its App Store. On the other end of the spectrum we have Google, which gives away Android to other smartphone makers for free. Google is also much more lax with its Google Play app store, and these lax policies have gotten the company into trouble numerous times in the past.

The latest instance of Google’s policies potentially harming Android users has just been uncovered by researchers affiliated with the International Computer Science Institute (ICSI). In a new study titled “‘Won’t Somebody Think of the Children?’ Examining COPPA Compliance at Scale,” it has seemingly been revealed that Android’s app store is home to thousands of apps that are improperly tracking certain users. Of course, the idea that an Android app might track you is nothing new. So why is this new study so alarming? ICSI researchers found that these particular apps improperly track young children.

Here’s the abstract from the researchers’ study:

We present a scalable dynamic analysis framework that allows for the automatic evaluation of the privacy behaviors of Android apps. We use our system to analyze mobile apps’ compliance with the Children’s Online Privacy Protection Act (COPPA), one of the few stringent privacy laws in the U.S. Based on our automated analysis of 5,855 of the most popular free children’s apps, we found that a majority are potentially in violation of COPPA, mainly due to their use of third-party SDKs. While many of these SDKs offer configuration options to respect COPPA by disabling tracking and behavioral advertising, our data suggest that a majority of apps either do not make use of these options or incorrectly propagate them across mediation SDKs. Worse, we observed that 19% of children’s apps collect identifiers or other personally identifiable information (PII) via SDKs whose terms of service outright prohibit their use in child-directed apps. Finally, we show that efforts by Google to limit tracking through the use of a resettable advertising ID have had little success: of the 3,454 apps that share the resettable ID with advertisers, 66% transmit other, non-resettable, persistent identifiers as well, negating any intended privacy-preserving properties of the advertising ID.

There were a number of alarming findings that resulted from this study. The researchers found that 40% of the apps studied shared children’s personal info unsecurely, 39% violated Google’s terms regarding persistent identifiers, 19% shared private info with third-party services that aren’t supposed to be used in children’s apps, and 5% collected children’s physical locations or contact data without obtaining parental consent.

“These problems are rampant, and it’s resulting in kids being exposed to targeted advertising and automatic profiling that could be illegal,”co-author Serge Egelman told Education Week. Google hasn’t yet commented on the study, which can be read in full at this link.

Zach Epstein

Zach Epstein has worked in and around ICT for more than 15 years, first in marketing and business development with two private telcos, then as a writer and editor covering business news, consumer electronics and telecommunications. Zach’s work has been quoted by countless top news publications in the US and around the world. He was also recently named one of the world's top-10 “power mobile influencers” by Forbes, as well as one of Inc. Magazine's top-30 Internet of Things experts.

Popular News