A new study showing tech companies are collecting data from Apple and Google apps — mostly used by children without parental consent — and sending it to advertisers has experts calling for laws that would make app developers responsible for determining if children are using their products.
“Apps are spying on our kids at a scale that should shock you,” according to The Washington Post, which reported on the study. “More than two-thirds of the 1,000 most popular iPhone apps likely to be used by children collect and send their personal information out to the advertising industry.”
The study, by Pixalate, a company that focuses on fraud protection and privacy, found 79% of Android apps do the same.
Researchers found popular apps like Angry Birds 2 and Candy Crush Saga spy on kids who use their apps — as do apps used for coloring and math homework.
Pixalate was able to identify more than 391,000 child-directed apps across both Apple and Google stores, and were able to identify the 1,000 most popular child-directed apps and analyze how sensitive data was handled.
Of all the apps identified by Pixalate, 7% sent either location or internet address data to the advertising industry.
The study also found popular apps had a greater incentive to track users because they make money from targeted advertising.
Both Google and Apple deny any wrongdoing and claim that their app stores protect the privacy of children, according to The Washington Post.
In another study by Pixalate, researchers found almost 90% of 164 educational apps and websites sent information to the ad-tech industry.
A 2020 study showed two-thirds of apps played by 124 preschool-aged children collected and distributed identifying information.
A 2017 research report examining media literacy showed many children can’t differentiate ads from content, and tracking technology allows marketers to micro-target their minds.
“They’re grabbing the kids’ general locations and other identifying information and sending it to companies that can track their interests, predict what they might want to buy, or even sell their information to others,” wrote Geoffrey Fowler, The Washington Post’s technology columnist.
A loophole in the system
The Children’s Online Privacy Protection Act (COPPA) in 1998 was enacted to prevent tech companies from collecting personal information of children under age 13 without parental consent.
“It was pretty obvious when the bill was being originally drafted that there was going to be real opportunity for unscrupulous corporations to take advantage of young people,” Sen. Edward J. Markey (D-Mass.), one of the authors of COPPA, told The Washington Post. “Now the problems are on steroids.”
According to SuperAwesome, a London-based company that helps app developers navigate child-privacy laws, “by the time a child reaches 13, online advertising firms hold an average of 72 million data points about them.”
“They are placing their profits over the mental health and social well-being of every child in America, because that’s the power they have today,” Markey said.