It’s already tough for users to understand app permission requests to access various features on their phones. Kids who download game or language apps face an even tougher time understanding what they are giving up in exchange. Because we rarely pay attention to what we agree to, random apps, and implicitly third-parties, get access to our device’s camera, GPS or microphone, and even our email or contact list.
Research has revealed that the apps were not only collecting phone numbers, emails and location data (5 percent), but they were also sharing sensitive information with third-parties (19 percent) which was specifically forbidden to prevent tracking and behavioral advertising. As many as 39 percent were in violation of Google’s terms of service that forbid sharing identifiers, and 40 percent shared personal information online without ensuring the data is secured. Facebook-integrated apps were breaking the law because they didn’t protect users under 13 years of age.
Although some potentially violate the US Children’s Online Privacy Protection Act (COPPA) by collecting more data than the law stipulates, legal action may not be in the cards under the current law, even though it limits data collection for kids under 13. Because some applications fall in a grey area, the FTC will ultimately decide what actions will be taken to remediate the situation.
This is a Security Bloggers Network syndicated blog post authored by Luana Pascu. Read the original post at: HOTforSecurity