One in four apps that are aimed at children on the Google Play Store do not comply with the Information Commissioner’s Office age-appropriate design code, according to new research.
The study of more than 400 children’s apps available on the store, by consumer group Comparitech, found that nearly 25% violated the ICO’s guidelines in some way – the vast majority by collecting personal data of some kind.
The Children’s Code sets out standards to which online services must adhere to in order to comply with UK data protection law when it comes to children and protecting their personal information online.
Comparitech said in its study that the offending apps violated the ICO’s Code in different ways but many did so by collecting personal data without having a comprehensive, child-specific privacy policy in place.
The study was carried out by selecting 50 apps from each of the individual app categories for children within the Google Play Store tab, the group said.
The majority of the apps found to be violating the code were collecting a user’s IP address but in some cases other data including a user’s name, address, online contact information, telephone number, or geolocation was found to be collected, according to the research.
The consumer said that all of the apps it found to violate code were graded as “expert approved” by Google.
Comparitech head of data research, Rebecca Moody, said: “Almost 25% of the apps we reviewed were found to be in violation of the ICO’s guidelines in some way.
“The vast majority collected some kind of personal data without a clear and comprehensive section on children’s data protection within their privacy policy.
“Perhaps even more concerning was that 5.5% of the apps we reviewed claimed not to be targeted toward children, despite being featured within the child-specific section on Google Play and sometimes featuring the word ‘kids’ in the app name.”
What did ICO have to say on the matter?
A spokesperson for the ICO said: “The children’s code makes clear that children are not like adults online, and their data needs greater protections.
“We want children to be online, learning, playing and experiencing the world, but with the right protections in place to do so that reflects their best interests.
“All online services likely to be accessed by children must conform with the children’s code in order to be compliant with data protection legislation.
“It applies to all companies who will process data on UK children. We will investigate when evidence suggests that online services are not complying with their responsibilities to protect children outlined by the code or wider data protection law.”
How did Google respond to this?
Google said it was looking into the findings of the report and its methodology, in response to the research.
A Google spokesperson said: “Google Play takes the protection of children on its platform seriously.
“Play has policies and processes in place to help protect children on our platform and has invested significant resources into related features.
“Apps that target children must comply with our Google Play families policy, which requires developers to adhere to all relevant laws and all of Play’s developer programme policies, plus imposes additional privacy, monetisation and content restrictions like prohibiting access to precise location data.
“Developers are responsible for ensuring their apps are compliant with all relevant laws and appropriate for their target audiences, including children.”
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here