Many mobile apps aimed at children collect and share personal data without notifying parents, potentially violating U.S. law, the Federal Trade Commission said in a report released Monday.
The FTC has launched an investigation of several mobile app makers after surveying 400 apps from the Apple App store and Google Play, said Jessica Rich, associate director of the FTC's Division of Financial Practices. In some cases, kids' mobile apps collect the identification of the mobile device, geolocation information or the phone numbers, without telling parents, she said.
Some of those practices may violate the Children's Online Privacy Protection Act (COPPA), Rich said during a press conference.
Mobile app makers have made little progress in disclosing to parents the information they share, advertising they contain and other information since the FTC released a first report on mobile privacy for children's apps in February, Rich said.
"What we found is cause for concern," Rich said. "We think this is a systematic problem."
Nearly 60 percent of the kids' apps the FTC surveyed transmit information from a users' device back to the app developer or a third party such as an advertising network or analytics company, the FTC report said. Just 20 percent of the apps reviewed disclose any information about their privacy practices.
In addition, 58 percent of the apps reviewed contained advertising, while only 15 percent disclosed the presence of advertising before people download them, the FTC said. Twenty-two percent of the apps contained links to social networking services, while only 9 percent disclosed that fact.
Another 17 percent of the apps reviewed allow kids to make purchases for virtual goods within the app, with prices ranging from US$0.99 to $29.99, the FTC said. Both app stores provided some indicators when an app contained purchasing capabilities, but those indicators were not always prominent or could be difficult for many parents to understand, the FTC said.
Rich declined to name which apps raised the most privacy concerns, saying the problem was widespread. The FTC hopes the new report will "light a fire under" mobile privacy efforts, including ones at the California Office of Attorney General and the U.S. National Telecommunications and Information Administration, Rich said.
Privacy advocates called for strong enforcement of COPPA by the FTC.
"This report reveals widespread disregard for children's privacy rules," Kathryn Montgomery, a communications professor at American University in Washington, D.C., said by email. "In the rapidly growing children's mobile market, companies are seizing on new ways to target children, unleashing a growing arsenal of interactive techniques, including geo-location and use of personal contact data."
The Center for Digital Democracy, a digital rights and online privacy group, plans to file two kids' privacy complaints this week, said Jeffrey Chester, the group's executive director.
CTIA, a trade group representing mobile carriers, said in a statement that its members are committed to "honoring and respecting consumers' privacy and offering them a variety of safeguards."
It's important for parents and children to talk to each other about how the family uses mobile devices and "make themselves aware of the privacy policies made available by wireless service providers, social networks and apps," CTIA added.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is [email protected]