How to protect your kids' privacy, innocence when choosing apps

Most people do weeks of research before buying a car or other consumer goods. But they'll download a 99-cent application, or app, for their mobile phone or tablet in a few seconds.

Doing a little more consumer research on these small purchases is a good idea, especially if children are using them. Finding out what kind of content the app might expose them to, such as violent game play, and what kinds of information the app may be collecting about them, has become a concern for many parents.

Like movies and games, apps are rated by age levels. But the ratings system varies from platform to platform: Apple, Android and Windows each has its own system, creating a confusion of categories.

Apple's iTunes store uses the following age categories: 4+, 9+, 12+ and 17+. The rating of 4+ is suitable for all ages, with no objectionable material; 17+ means the buyer must be at least 17, because the app contains offensive language, fantasy or realistic violence, horror, sexual content, alcohol, tobacco or drug use.

Google Play store rates apps in four categories -- Everyone, Low Maturity, Medium Maturity and High Maturity. Criteria include references to alcohol, tobacco and drugs, real or simulated gambling, profanity, suggestive content and realistic violence. Apps that share the user's location with others must be rated medium to high maturity.

Apps for Windows mobile devices follow the Entertainment Software Rating Board (ESRB) system used to rate video games. Its categories: Everyone, Early Childhood, Everyone 10+, Teen Mature and Adult Only. Users must be 18 or older to access the last category.

App developers are responsible for evaluating and rating their app content.

The lack of a standardized system for rating apps makes a complicated issue even more confusing for parents.

"Unifying this at one level makes a lot of sense," said Scott Weiner, an app developer in Mansfield, Mass. "The problem is, right now it's still an immature market," without "a clear set of leaders in the industry. As a parent and a developer, I'd rather make it the parent's choice and make it easy for them to see the issues."

The Children's Online Privacy Protection Act of 1998 was designed to protect children online and gives parents control over what information websites can collect about their kids.

On Dec. 19, the FTC announced several amendments to this act. They include adding geolocation information, photographs, and videos to the list of personal information that can't be collected without parental consent, and closing a loophole that has allowed apps and websites aimed at kids to let third parties collect personal information about them through plug-ins without parental notice and consent.

Apps can collect information about users, including their location. They can connect and post information to social networks like Facebook. Many free apps -- and some paid ones -- contain advertising that parents may not want their kids to see.

In February, the Federal Trade Commission issued a report that raised concerns about the lack of disclosure of app privacy practices and interactive features, and called on sellers and developers to be more transparent about data practices.

A follow-up FTC survey during the summer of 2012 found that the situation hadn't improved much. Using the keyword "kids," FTC staff chose 400 apps at random from the Google Play and iTunes stores, looking for interactive features such as advertising, in-app purchases, links to social media and whether the app collected or transmitted any information from the mobile device they were tested on.

Among the findings:

-- 60 percent of the apps transmitted the device ID to the developer or an advertising network; 14 of these also transmitted geolocation and/or phone number.

-- Only 20 percent disclosed information about their privacy practices.

-- 58 percent contained advertising, and only 15 percent indicated the presence of ads prior to downloading.

-- 22 percent had links to social networking services; 9 percent disclosed these links prior to download.

-- 3 percent transmitted the user's geolocation and 1 percent transmitted the device's phone number.

The "industry appears to have made little or no progress in improving its disclosures since the first kids' app survey was conducted, and the new survey confirms that undisclosed sharing is occurring on a frequent basis," the FTC report concluded.

Easy-to-understand disclosures about privacy practices "were far from the norm, and most apps failed to provide basic information about what data would be collected from kids, how it would be used, and with whom it would be shared."

There are things parents can do to preserve their children's online safety and privacy. The simplest: don't give them the account password. When they want an app, check it out first and download it for them.

Many developers are upfront about outlining their privacy policies and what kinds of information they collect. Others are not. But there are several websites where parents can look up app ratings and find out what kinds of information they harvest about their users.

Secure Me, at, has information on a slew of apps: Type a name in the search box, and Secure Me will give indicate what kind of information the app might post on Facebook, what kind of personal information it requests (name, gender, photo, Facebook ID), if it accesses data when the user is offline, if it accesses friends' information or posts to one's Facebook Timeline.

The same app ratings information also is available on the ESRB site, along with other resources for parents at

Print this article Back to Top