GPEN Sweep Finds Mixed News for Children’s Online Privacy
The third annual privacy sweep conducted by the Global Privacy Enforcement Network (GPEN), a cross-border network of privacy regulators, has yielded good news and bad news for children’s apps and websites. The bad news—a May 2015 GPEN survey raised privacy concerns about 41% of the 1,494 children’s apps and websites examined. The United Kingdom Information Commissioner’s Office (ICO) expressed particular concerns about children’s apps and sites that collect more information than needed to provide their intended service and those that share information with third parties. The ICO also noted that such services frequently failed to disclose how they used the collected information, with many using generic privacy policies. The report did, however, cite several examples of good practices, such as centralized “dashboards” for parental controls and settings that limited how much information children could share.
The GPEN sweep findings reflect the persistent concerns of regulators around the world about children’s online privacy. To avoid scrutiny from the FTC and other regulators, sites and apps targeted at children should post clear and easy-to-find privacy disclosures, strive to minimize the amount of data collected from children, carefully evaluate the use of in-app advertising, and ensure they are COPPA-compliant when they do collect personal information from kids.