Mobile apps for children continue to leave parents in the dark as to what information is being collected and what is being done with that information, according to a new study by the Federal Trade Commission (FTC).

The study, “Mobile Apps for Kids:  Disclosures Still Not Making the Grade,” is a follow-up to a February 2012 study, which reported that little or no information was available to parents about the privacy practices and interactive features of the mobile apps surveyed.  In addition, the FTC found that even when there were privacy policy disclosures, actual practices often did not follow the policies.

The FTC randomly picked for the study 400 apps aimed at children.  Of those reviewed, 59 percent transmitted some information from the user’s mobile app back to the developer or to a third party.  Only 20 percent of the apps reviewed contained any privacy policy.  In the earlier study, 16 percent of the apps contained a privacy policy.  There are over 700,000 children’s apps available in Apple’s App Store and a similar number available in Google Play.

“The survey results showed that parents still are not given basic information about the privacy practices and interactive features of mobile apps aimed at kids,” the report states.  “Indeed, most apps failed to provide any information about the data collected through the app, let alone the type of data collected, the purpose of the collection, and who would obtain access to the data.”

“Even more troubling, the results showed that many of the apps shared certain information – such as device ID, geolocation, or phone number – with third parties without disclosing that fact to parents.  Further, a number of apps contained interactive features – such as advertising, the ability to make in-app purchases, and links to social media – without disclosing these features to parents prior to download.”

One of the most common pieces of information collected and shared is the device user ID.  In fact, 59 percent of the apps that transmitted information transmitted the user ID to the app developer or third parties.  Also transmitted were geolocation information and phone numbers.  “Using the device ID and other information from multiple apps, these third parties could potentially develop detailed profiles of the children using the apps, without the parent’s knowledge or consent,” the FTC explained.

The report noted that one app’s disclosure stated that it “may record user foot prints for the analysis purposes.  Your email address and personal information are only stored if you subscribe to the newsletter or special offers.  We do not share or sell this information to third parties in any sense.”  In reality, the app transmitted the device ID, geolocation, and phone number to multiple advertising networks.

“The results of the survey are disappointing.  Industry appears to have made little or no progress in improving its disclosures since the first kids’ app survey was conducted, and the new survey confirms that undisclosed sharing is occurring on a frequent basis,” the FTC report said.

As a result of its findings, the FTC is investigating whether the discrepancies between company practices and disclosures could constitute violations of the Children’s Online Privacy Protection Act. 

The FTC will conduct another survey in six months.