Data Privacy Risks in Child-Targeted Android Apps – Incogni Research
With many children’s apps lacking transparency in the data-safety and privacy practices, these apps may also be engaging in invasive practices, potentially exposing children to exploitative advertising and even criminal activity.
Incogni conducted worldwide research and analyzed the 10 most popular child-targeted apps from 59 countries. Their findings revealed that half of these apps extensively collect children’s data.
The troubling fact is that many apps don’t follow the best data privacy guidelines. Due to the fact that kids spend so much of their free time on mobile devices, keeping them and their personal information safe becomes a challenge.
Insufficient parental supervision can facilitate the exposure of children’s data, not only for marketing purposes but also for malicious and criminal activity targeting children.
Press Release
Incogni, a leading personal information removal service, has conducted an analysis of child-targeted Android apps, shedding light on concerning data privacy practices prevalent in children’s apps globally.
The data was gathered and analyzed for the 10 most popular child-targeted apps from 59 countries, which yielded a total of 74 unique apps—primarily games.
The investigation focused on the data safety sections of these apps on the Google Play Store.
Data Collection Findings
Out of these 74 popular children’s apps, Incogni identified 34 that were collecting user data, and 21 that were sharing data.
The 34 data-collecting apps gather data from an average of 5.7 data points and share from an average of 2.8 data categories. Notably, 11 apps were recognized as particularly data-hungry, collecting 7 or more data points, with five collecting 10 or more, mainly their users’ approximate location (4), email addresses (8), photos (2), and purchase histories (8).
- These 11 apps accounted for 55% of all data points collected by the investigated apps, including analytics, app functionality, fraud prevention, and advertising/marketing.
Almost all data-collecting apps claimed to encrypt data and remain committed to the Google Play Families Policy. However, only 62% of data-collecting apps allowed users to request the deletion of their data.
In a global breakdown, apps popular in Oceania exhibited the highest average of 5.3 data points per use, with those in New Zealand coming in at the top. Apps in Europe averaged 5 data points, with the most data being collected in Finland (6.7 collected data points), followed by Ireland (6.2), Portugal (6.0), Poland (6.0) and Spain (5.6). In Germany most popular apps collect 5.1 data points, in the UK 4.6 and in France only 3.1.
- Among the most popular children’s apps in Europe are: Avatar World: City Life, Toca Life World: Build a Story, Kahoot: Play and Create Quizzes and Bluey: Let’s Play.
North America ranked as the third most data-hungry region, with popular apps collecting an average of 4.1 data points and sharing 0.2. Apps popular with Americans collected 4.9 data points, almost double Mexico’s 2.6.
The complexity of privacy settings, legal and regulatory gaps, and weak enforcement, contribute to the persistence of exploitative practices. The issue is intensified further by the lack of parental education.
Incogni emphasizes the need for enhanced transparency and user control, urging app developers to prioritize the privacy and security of their youngest users.
Darius Belejevas, Head of Incogni, outlines.
Incogni’s study, based on the rankings provided by Appmagic.rocks2 in the kids’ category, covered apps popular in 59 countries. The information on each of the 74 identified apps was then collected from the data safety sections of the Google Play Store pages and further aggregated on a country and regional level for analysis. Data collection from the Google Play Store took place on November 28, 2023.
Research Data
- The full text of the study and images are available here: study
- The data used in this research is available here: public dataset