Google Removes 3 Android Apps For Children, With 20M+ Downloads Between Them, Over Data Collection Violations
Researchers at the International Digital Accountability Council (IDAC), a nonprofit watchdog based out of Boston, found that a trio of popular and seemingly innocent-looking apps aimed at younger users was recently found to be violating Google’s data collection policies, potentially accessing users’ Android ID and AAID (Android Advertising ID) numbers, with the data leakage potentially connected to the apps being built using SDKs from Unity, Umeng and Appodeal.
Collectively, the apps had more than 20 million downloads between them.
“We can confirm that the apps referenced in the report were removed,” said a Google spokesperson. “Whenever we find an app that violates our policies, we take action.”
The violations point to a wider concern with the three publishers’ approach to adhering to data protection policies. “The practices we observed in our research raised serious concerns about data practices within these apps,” said IDAC president Quentin Palfrey.
The incident is being highlighted at a time when a lot of attention is being focused on Google and the size of its operation. Earlier this week, the U.S. Department of Justice and 11 states sued the company, accusing it of monopolistic and anticompetitive behavior in search and search advertising.
To be clear, the app violations here are not related to search, but they underscore the scale of Google’s operation, and how even small oversights can lead to tens of millions of users being affected. They also serve as a reminder of the challenges of proactively policing individual violations on such a scale, and that those challenges can land in a particularly risky area: how minors use apps.