Story image

Children's websites and apps raise privacy concerns

By Catherine Knowles, Fri 4 Sep 2015
FYI, this story is more than a year old

How safe are the websites and apps children are using? This is the question raised by the Global Privacy Enforcement Network (GPEN) Sweep that took place in May and involved 29 data protection regulators, including the Office of the Privacy Commissioner in New Zealand.

The project reviewed 1,494 websites and apps that are targeted at or popular with children, and raised concerns about 41% of these, particularly around how much personal information was collected and how it was shared with third parties.

The sweep found 67% of the sites/apps examined collected children’s personal information and half of these shared personal information with third parties.

Only 31% of sites/apps had effective controls in place to limit the collection of personal information from children.

Particularly concerning was that many organisations whose sites/apps were popular with children simply claimed in their privacy notices that they were not intended for children, and then implemented no further controls to protect against the collection of personal data from the children who would inevitably access the app or site, GPEN says.

Furthermore, 22% of sites/apps provided an opportunity for children to give their phone number and 23% of sites/apps allowed them to provide photos or video. The potential sensitivity of this data is a concern, says GPEN.

Also noted was that 58% of sites/apps offered children the opportunity to be redirected to a different website.

Only 24% of sites/apps encouraged parental involvement; and 71% of sites/apps did not offer an easy way to delete account information.

The project did find examples of good practice, with some websites and apps providing effective protective controls, such as parental dashboards, and pre-set avatars and/or usernames to prevent children inadvertently sharing their own personal information.

Other good examples included chat functions which only allowed children to choose words and phrases from pre-approved lists, and use of just-in-time warnings to deter children from unnecessarily entering personal information.

While the project focused on privacy practices, authorities also noted concerns around the inappropriate nature of some advertisements on websites and apps aimed at children.

GPEN aims to improve global enforcement cooperation around privacy legislation. This is the third annual sweep, and follows reports on the privacy practice transparency of websites and mobile privacy.

Recent stories
More stories