Language in the Children's Online Privacy Protection Act that requires parental consent before tracking minors younger than 13 is having negligible impact on thwarting such practices, as app developers continue to collect data on children, according to reports.
Compounding the fact privacy policies of apps are often baked into densely worded documents, the number of software offerings available on app stores continues to grow. Policing apps is getting harder to do and users are prone to skipping over the thick language of privacy policies on their way to use the mobile games and utilities.
While watchdog groups have struggled to quantify the amount of apps that violate COPPA or skirt it through overly complicated privacy policies, reviews of popular games have found that the software tracks everything from location to voice. That information is being packaged and sent to ad agencies that use that data for targeted advertising, including direct marketing to individuals under the age of 13.
"Kids are such a lucrative market, especially for apps," says Jeff Chester, executive director of the Center for Digital Democracy. "Unfortunately, there are still companies out there that are more concerned about generating revenue than protecting the privacy of kids."
App permissions are also becoming a larger concern to parents. Just as privacy policies are often convoluted, developers are said to be failing to adequately explain what users are consenting to when authorizing apps to access features like cameras and microphones.
Kandi Parsons, an attorney for the Federal Trade Commission, says her division, the Bureau of Consumer Protection, ultimately seeks to ensure that companies are complying with COPPA, including the revision that requires app developers to get parental consent before collecting personal data on anyone younger than 13, including information like the unique identifying device on a phone, a phone number or a device's location. But that compliance goal doesn't undermine the FTC's pursuit of organizations that violate COPPA.
While the 2013 revision to COPPA keeps the spotlight on app privacy and permission, the Future of Privacy Forum and the Software & Information Industry Association have been calling for tech companies to vow to making privacy policies as clear as possible. The pledge drafted by the pair also calls for the responsible handling of student and minor data.
"These commitments clearly and concisely articulate a set of expectations that parents and education officials have for the safeguarding of children's sensitive data," said Jules Polonetsky, executive director and co-chair of the Future of Privacy Forum, a think tank that advocates for responsible data practices. "The pledge will enhance the trust between families, schools and third-party service providers necessary to support the safe and effective use of student information for student, teacher and school success."
Microsoft was one of the largest companies to sign the pledge, while Google, which is mulling child-centric services, has yet to take the vow.