In a report released today, the FTC said that when it comes to mobile applications aimed at kids there is "little, if any, information in the app marketplaces about the data collection and sharing practices of these apps."
The Federal Trade Commission said that its staff searched the Apple and Android app stores for apps using the word "kids," and "encountered a diverse pool of apps for kids created by hundreds of different developers," but that privacy disclosure was lacking.
The report, titled Mobile Apps for Kids: Current Privacy Disclosures are Disappointing (PDF), focused on disclosures to users regarding the data practices of apps aimed at children. The agency said that its staff will "evaluate whether the industry is moving forward to address the disclosure issues raised in this report," and determine whether there are violations of the Children's Online Protection Act ( ) "and whether enforcement is appropriate."
Its report is not directly tied to the recent controversy surrounding mobile apps that upload users' address books without their permission. But the report's release comes the day after Reps. Henry Waxman (D-Calif.) and G.K. Butterfield (D-N.C.) publicly released "whether Apple's iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts." Apple that apps that collect users' data without their permission are in violation of its app store guidelines. It also said that it will fix the problem in an upcoming software release.
Both the FTC report and the recent address book revelations are particularly disturbing considering the vast number of developers out there creating apps for smartphones and tablets. The FTC report cited data that there are now more than 500,000 apps in the Apple store and 380,000 in the Android Market from thousands of developers around the world. Even if we assume the best intentions from the companies implicated in the recent flap, it's not hard to imagine that there are other apps out there that are also not disclosing their data practices, including some from developers that might not be as and others that have changed their permissions policies in recent days.