FTC report slams app stores for weak child data safeguards
Monday, December 10, 2012 @ 6:30pm
| The US Federal Trade Commission has continued its campaign against the collection and use of children's personal data online. A report, released today, entitled "Mobile Apps for Kids: Disclosures Still Not Making the Grade" takes both Google and Apple to task for hosted third-party applications that are failing to "provide any information about the data collected through the app, let alone the type of data collected, the purpose of the collection, and who would obtain access to the data."
The report -- a follow-up from a FTC survey in 2011 -- goes on to say that "even more troubling, the results showed that many of the apps shared certain information with third parties -- such as device ID, geolocation, or phone number -- without disclosing that fact to parents. Further, a number of apps contained interactive features -- such as advertising, the ability to make in-app purchases, and links to social media -- without disclosing these features to parents prior to download.”
FTC Chairman Jon Leibowitz believes that "most companies have the best intentions when it comes to protecting kids’ privacy, [but] we haven’t seen any progress when it comes to making sure parents have the information they need to make informed choices about apps for their kids. In fact, our study shows that kids' apps siphon an alarming amount of information from mobile devices without disclosing this fact to parents. All of the companies in the mobile app space, especially the gatekeepers of the app stores, need to do a better job. We'll do another survey in the future and we will expect to see improvement."
The report also says that FTC staff will be launching non-public investigations to determine whether certain publishers in the mobile app marketplace are violating the Children’s Online Privacy Protection Act (COPPA) or engaging in unfair or deceptive practices in violation of the Federal Trade Commission Act.
Enacted in 1998, the Children's Online Privacy Protection Act prohibits the collection of minor's personal information (including email addresses) by any party, without parental notification. Other identifiers such as browser cookies, and geolocation information are banned from collection efforts as well.
On August 6 of this year, the FTC published details on proposed revisions to COPPA after a nearly year-long public comment process. The revised rules clarify some ill-defined and outdated terms, as well as gives examples of proper use of contact information.