Skip to content

Brought to you by

Dentons logo

Privacy and Cybersecurity Law

Coverage and commentary on developments in data protection.

open menu close menu

Privacy and Cybersecurity Law

  • Home
  • About Us

Global Privacy Sweep Finds Privacy Issues in Children’s Apps

By Privacy and Cybersecurity Group
September 9, 2015
  • Canada
  • Consumer Protection
  • Enforcement
  • Government Information
Share on Facebook Share on Twitter Share via email Share on LinkedIn

Last week, the Global Privacy Enforcement Network (GPEN) released the results from their third annual Privacy Sweep. Twenty-nine privacy enforcement authorities spread across 21 countries reviewed 1,494 websites and mobile applications (apps) either targeted to or popular among children – the theme of this year’s sweep.

Canadian regulators participating in the international sweep included the Office of the Privacy Commissioner of Canada (OPC), the Office of the Information and Privacy Commissioner of Alberta and the Office of the Information and Privacy Commissioner of British Columbia, who focussed their review on websites and apps based in Canada.

Among the overall findings by GPEN, 67% of the websites and apps examined collected personal information from children, such as names, photos, videos, audio, addresses and phone numbers.

“Too many developers are collecting particularly sensitive personal information such as photos, videos and the location of children, and often allowing it to be posted publicly, when there are clearly ways to avoid it,” said Privacy Commissioner Daniel Therrien in a statement. The OPC has repeatedly recommended in its publications and report of investigations that the best practice is to never collect personal information from children.

The OPC noted that many companies are developing innovative, creative and dynamic technological tools that balance the purpose of the website or app while respecting privacy protection.

The Privacy Sweep also found that 51% of websites and apps reviewed indicated they may disclose the children’s personal information to third parties. The Privacy Sweep found that 58% of websites and apps reviewed, while purporting not to collect personal information, redirected children to sites and apps that did collect personal information. The redirection was via an advertisement or a contest that sometimes appeared to be part of the website or app.

In considering parental or some form of adult supervision or control, only 31% of websites and apps reviewed had any protective control in place that would limit the collection of personal information; even less (24%) had some form of parental involvement.

The focus of privacy protection of vulnerable groups, such as youth and children, is one of Commissioner Therrien’s current privacy priorities.

The OPC also provided recommendations for companies to consider when collecting, using or disclosing personal information that may involve children, including:

  1. Avoid collecting any personal information from children.
  2. Instead of requiring children to disclose their name or photo or other personal information – for example to register with a website or app – companies should use protective controls such as preprogrammed avatars and usernames that children can select instead.

The goals of the GPEN Privacy Sweep include creating awareness and encouraging compliance with privacy legislation; however, GPEN and the OPC note that the results of the Privacy Sweep could lead to follow-up action being taken, including outreach and investigations.

 

Share on Facebook Share on Twitter Share via email Share on LinkedIn
Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
Privacy and Cybersecurity Group

About Privacy and Cybersecurity Group

Our Privacy and Cybersecurity lawyers operate at the intersection of technology and law. We understand that data is one of your core assets, driving insights and enabling development of valuable new products and services. Our global Privacy and Cybersecurity group works across all sectors offering a full complement of counseling and advice, regulatory and litigation services.

All posts

RELATED POSTS

  • Canada

C-11 – The act to enact the Consumer Privacy Protection Act: Five top measures to get ready

By Chantal Bernier
  • Enforcement
  • General
  • New and Proposed Laws
  • United States

US State Privacy Update: California Privacy Protection Agency Announces Revised Rulemaking Timeline Under The CPRA

By Peter Stockburger
  • Consumer Protection
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Enforcement
  • New and Proposed Laws
  • Privacy Rights
  • United States

New York Proposes First-in-the-Nation Cybersecurity Regulation for Financial Institutions

By Peter Stockburger

About Dentons

Dentons is designed to be different. As the world’s largest law firm with 20,000 professionals in over 200 locations in more than 80 countries, we can help you grow, protect, operate and finance your business. Our polycentric and purpose-driven approach, together with our commitment to inclusion, diversity, equity and ESG, ensures we challenge the status quo to stay focused on what matters most to you. www.dentons.com

Dentons boilerplate image

Twitter

Categories

  • Accountability
  • Asia Pacific
  • Canada
  • Cloud Computing
  • Consumer Protection
  • Cybersecurity
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Enforcement
  • Europe
  • General
  • Government Information
  • Health Information Privacy
  • Latin America
  • Marketing, Cookies & Spam
  • New and Proposed Laws
  • Privacy Notices
  • Privacy Rights
  • Record Retention
  • Smart Cities
  • United Kingdom
  • United States

Subscribe and stay updated

Receive our latest blog posts by email.

Stay in Touch

Dentons logo

© 2023 Dentons

  • Legal notices
  • Privacy policy
  • Terms of use
  • Cookies on this site