FTC Finds Apps for Kids Lack Adequate Privacy Disclosures
The Federal Trade Commission (FTC) has released a December 2012 staff
report finding that only 20 percent of the 400 children’s mobile applications
under review “contained any privacy-related disclosure on the app’s promotion
page, on the developer website, or within the app.” Titled “Mobile Apps
for Kids: Disclosures Still Not Making the Grade,” the report also warned that
even when privacy policies were provided, they were often “long, dense and
technical” or lacking in “basic details, such as what specific information about
a child would be collected, the reason for collecting such information, or what
parties would obtain the information.”
According to FTC staff, its testing results evidently revealed that 59 percent of the 400 apps “transmitted some information from a user’s mobile device back to the developer or a third-party,” with 5 percent transmitting the device ID to developers; 56 percent transmitting the device ID to advertising networks, analytics companies or other third parties; and 3 percent transmitting geolocation information to developers and advertising networks, often without disclosing how third parties would use it. The agency also noted “a high incidence of interactive features within the apps that, in most cases, were not disclosed to users.” In particular, the staff reported that only 15 of the apps “indicated the presence of advertising prior to download,” while only 9 percent disclosed links to social networking services before download.
In light of these conclusions, FTC has called on app stores, developers and
third parties that interact with the apps to implement the recommendations
made in its recent Privacy Report by (i) “adopting a ‘privacy-by-design’
approach to minimize risks to personal information”; (2) “providing consumers
with simpler and more streamlined choices about relevant data practices”;
and (3) “providing consumers with greater transparency about how data is
collected, used, and shared.” The agency has also apparently indicated that
it intends to update the Children’s Online Privacy Protection Act (COPPA) in
the near future as well as launch non-public investigations “to determine
whether certain entities in the mobile app marketplace are violating [COPPA]
or engaging in unfair or deceptive practices in violation of the Federal Trade
Commission Act.”
“While we think most companies have the best intentions when it comes
to protecting kids’ privacy, we haven’t seen any progress when it comes
to making sure parents have the information they need to make informed
choices about apps for their kids. In fact, our study shows that kids’ apps
siphon an alarming amount of information from mobile devices without
disclosing this fact to parents,” said FTC Chair Jon Leibowitz in a December 10,
2012, press release. “All of the companies in the mobile app space, especially
the gatekeepers of the app stores, need to do a better job. We’ll do another
survey in the future and we will expect to see improvement.” See Advertising
Age, December 10, 2012.