We’re in an period the place dad and mom like me have grown up with smartphones. My dad and mom, as a lot as I beloved them, have been what we’d seek advice from as ‘technologically challenged’. I typically had to assist them navigate the digital world, instructing them the best way to spot phishing emails or PayPal scams.
Now, as a dad or mum myself, I discover the roles reversed. It’s my job to guard my children not simply from the hazards of the bodily world, however from the cellular app privateness dangers for youths. Most children don’t take into consideration issues like information assortment, on-line monitoring, predatory promoting or extreme permissions. They only need to play video games, chat with associates and have enjoyable. That’s why it’s as much as us as dad and mom and guardians to remain vigilant about kids’s cellular app safety and privateness.
What Knowledge Are Apps Actually Accumulating?
Each the Apple App Retailer and Google Play Retailer require builders to reveal the sorts of knowledge their apps acquire. These Privateness Vitamin Labels and Knowledge Security Labels are supposed to present transparency about information assortment practices and can provide dad and mom higher perception about cellular app privateness for youngsters.
For apps designed for youths, the foundations are imagined to be stricter. In response to the Google Play Households Coverage and Apple App Evaluate tips, apps that focus on kids aren’t supposed to gather device-specific or user-specific information. These necessities are strengthened by digital privateness legal guidelines similar to Kids’s On-line Privateness Safety Act (COPPA) in america and the Normal Knowledge Safety Regulation (GDPR) in Europe.
However in actuality, it’s not all the time that straightforward. Take Roblox, some of the well-liked children apps on the planet. Roblox collects a spread of knowledge, together with voice recordings, private info and location information. Roblox claims to serve a basic viewers, not simply children. This technicality lets the app sidestep among the stricter guidelines round COPPA compliance, despite the fact that kids make up a big a part of its consumer base.
The Florida Lawyer Normal just lately subpoenaed Roblox as a part of an investigation into how the platform protects kids from on-line exploitation. The subpoena geared toward strengthening digital safeguards for minors consists of paperwork associated to Roblox’ information assortment and processing practices.
Can We Belief App Retailer Privateness Labels?
Each the Google Play Retailer and the Apple App Retailer present perception into what information an app collects, the way it’s used, and who it’s shared with. However right here’s the catch: these labels typically don’t inform the entire story about children app information assortment.
Most builders solely disclose the info their very own app collects, not the info collected by third-party parts. These third-party libraries, additionally referred to as Software program Improvement Kits (SDKs) or dependencies, are sometimes used for analytics, in-app promoting or further options and save time for builders. Sadly, many builders don’t totally perceive how these SDKs deal with information, which creates critical privateness dangers in children apps.
One of many largest cellular information breaches in historical past provides an ideal instance of this. In early 2025, Gravy Analytics suffered a large breach, exposing tens of thousands and thousands of consumer information on the darkish internet. Hundreds of apps have been affected, together with among the hottest apps accessible similar to Tinder and Sweet Crush. Lots of the app builders had no thought they have been even related to Gravy Analytics — they have been merely utilizing a third-party advert library to monetize their apps. However behind the scenes, this promoting SDK collected cellular app telemetry and private information.
In the present day, among the similar advert libraries are nonetheless current in children’ apps. In actual fact, some of the well-liked advert libraries just lately eliminated COPPA compliance from its Android library, however dozens of childrens’ apps nonetheless use it immediately. That’s why dad and mom needs to be cautious when reviewing app retailer declarations and be cautious of hidden third-party information sharing.
Shedding Gentle on Cell Privateness Dangers
To gauge the accuracy of the Knowledge Security labels, I made a decision to run a real-world take a look at by inspecting app site visitors. What I discovered was troubling to say the least.
I downloaded a children app that explicitly claimed it didn’t acquire ANY information and didn’t share information with third events as proven under.
However after I analyzed the community site visitors, I discovered one thing regarding: each 30 seconds, the app despatched an encrypted message containing 7,448 characters to the developer’s server.
That’s a number of info for an app that supposedly collects nothing. What’s being transmitted? Why is it encrypted? We will’t say for certain, however we all know that information is being decrypted on the developer finish and used for one thing.
This sort of hidden cellular information assortment highlights why dad and mom have to be vigilant about cellular app privateness for youngsters. As we’ve seen, not all apps adhere to their information assortment statements and privateness insurance policies.
What About Roblox?
To match, I ran the identical evaluation on the hit sport Roblox. The Roblox app itemizing states it collects private info, approximate location and in-app buy information. Once I created an account as a minor, I noticed some variations. The community site visitors was largely restricted to session-related information app telemetry, foreign money standing and stock updates. Primarily based on this habits, we see Roblox has taken some measures to try to safeguard children’ app privateness.
In July, Roblox launched new security measures for teenagers, together with AI-powered age estimation know-how and monitored Trusted Connections conversations to higher defend younger customers on the platform.
How Mother and father Can Defend Their Children from Cell Privateness Dangers
1. Allow Parental Controls
Parental controls allow you to filter content material, block inappropriate apps and prohibit downloads.
2. Examine App Permissions
Each perform on a telephone, from the digicam to location providers, requires permission. Apps ought to solely request permissions to entry functionalities which can be completely crucial for the app to work correctly. For instance, a easy Sudoku puzzle sport shouldn’t ask for exact location or entry to file audio.
Listed below are permissions I all the time block for youths’ apps:
- Digicam entry
- Microphone entry
- Contacts entry
- Exact location*
*Apps within the ‘Children’ part of the Play Retailer are prohibited from gathering this information
3. Be Cautious of “Free” Apps
The app shops are inundated with children sport apps that look free, however drive income by adverts, microtransactions or subscriptions. ‘in-app purchases’. Some apps even try and lock the consumer right into a month-to-month/yearly subscription. Take into account paying upfront for paid apps to keep away from these misleading in-app buy practices.
4. Look ahead to Misleading Advertisements
Many apps are full of misleading adverts disguised as video games. These adverts typically trick children into enjoying, then redirect them to the app retailer. Typically the ‘shut’ button is hidden or too small to identify. For instance, this advert for the Township sport popped up on the display screen with none warning, making it virtually really feel prefer it was part of the unique sport. The choice to exit the advert was crammed within the nook, virtually not possible to see. When you lastly see it and faucet it, the app retailer pops with the choice to put in the sport!
5. Take into account Subscription Companies Like Apple Arcade
In my residence, I’ve inspired my younger children to make use of Apple Arcade as a result of it provides ad-free video games with no in-app purchases. On Android, the Google Play Children tab provides some safer choices in addition to paid apps, although dad and mom ought to nonetheless vet every app rigorously.
6. Keep away from Social Options in Children Apps
Social apps for youngsters are dangerous attributable to predatory habits and on-line security dangers. Apps like Roblox or older platforms like Membership Penguin embody chat options that may expose children to strangers. In my home, apps with social limits are strictly off limits till my kids are sufficiently old to grasp the potential risks.
The Backside Line: Defending Children’ Privateness Is As much as Us
Our children are among the most weak customers within the digital world. They rely upon us to guard their privateness, security, and on-line safety. Which means going past trusting app retailer labels, questioning what apps are actually doing behind the scene and refusing to just accept shady information practices as regular.
We should proceed to push for stronger cellular app privateness protections for youngsters and demand stricter enforcement of the insurance policies that exist already. In relation to children apps and information assortment, you possibly can by no means be too cautious.
On the office entrance, whether or not you’re a developer, safety skilled, privateness specialist or enterprise mobility supervisor, NowSecure options detect hidden information leaks, dangerous SDKs, extreme permissions, privateness points and compliance gaps, together with violations of COPPA, HIPAA and GDPR rules.
In a world the place even “protected” children apps can secretly acquire information, NowSecure provides you the instruments to assess the apps you construct and vet the third-party apps you employ totally and act with confidence. Contact NowSecure to discover how we may also help defend your cellular software’s privateness posture.