- Study finds that a large number of Android applications have infringed on COPPA law.
The internet has become so complicated in recent years such that nothing online can be trusted anymore. In fact, any information one posts on their social media, regardless of privacy settings, can no longer be treated as secure. Just a while ago, there has been an uproar regarding data sharing between Facebook and Cambridge Analytica.
While people are over concerned about their own privacy and the way in which their information is getting exploited by the companies behind these social media platforms and such, a different group of users who require much more attention has been overlooked. Through the use of an automated testing process, experts have recently discovered a shocking revelation. Over three thousand family and children-oriented applications on Android devices’ Google Play were found to be guilty of storing information and data of children. This is a direct infringement on the United States Children’s Online Privacy Protection Act (COPPA) law. COPPA serves to restrict data collection towards children who are under the age of thirteen years old.
There was a sum of 5,855 applications that were involved in the research. Even though there was a mere 281 of them which stored the children’s personal contacts and location data without attaining the consent of their parents, many others have shown actions that were on the edge of infringement. One thousand and one hundred of them have transmitted the children’s persistent identifiers to external sources for restricted purposes. On top of that, a whopping 2,281 of them transmits these persistent identifiers to the same endpoint as the Android Advertising ID. This is an infringement of the terms of service set by Google. This gives you control over tracking, as explained by Engadget.
In addition, statistics have shown that ninety-two percent of the 1,280 applications that were associated with Facebook were not in compliance with the terms set by Facebook. The term also restricts the usage of these servers by those who are below the age of thirteen. Of the 1,280, forty percent of them have been said to share the collected data loosely, which points to the absence of proper and adequate security precautions.
Nonetheless, these results are simply insufficient in the determination of the frequency of these occurrences. This is because it only entails Android applications, yet many applications are still under iOS. Engadget has reached out to Google for further remarks on this issue.
Of course, it is near impossible for the responsible parties to fully enforce rules and regulations that involve children, like COPPA. Aside from the basic age confirmation and request for parents’ consents, there are plenty of major and minor concerns over data collection as well as transmissions that have legal restrictions. In fact, Engadget suggests that some violations may even be unintentional. For instance, Facebook has such a wide range of users such that they are already faced with a huge amount of privacy concerns from adults. Hence, its negligence over child-privacy concerns, a minor group of users, may be justifiable. Furthermore, the experts who led the study are insistent of the fact that these applications do not exhibit “definitive legal liability”.
Similarly, Google faces the same, if not worse, situation as Facebook. There are literally thousands of applications that are implemented on a daily basis. AppBrain reports more than 2,700 applications that are added each day as of last month. Hence, it could be too demanding to expect applications store operators to keep track and contain these applications manually. Ironically, the automated testing process employed by these experts could be the exact solution for operators to achieve the goal. Ultimately, they would still have to read through the applications manually prior to their eliminations or even any legal proceedings. Overall, however, the final decision lays in the hands of the Federal Trade Commission regulators, regardless of whether or not these applications are actually violating legal terms.
Featured image via flickr/Kiwamu Okabe