Schools often invite students to use education-focused mobile apps to streamline learning, classwork, day-to-day tasks and more. However, many of these apps are collecting kids' data and sharing them with third-party partners.
Me2B Alliance Product Testing, a tech-focused firm, discovered that 67% of education-oriented mobile apps were caught sharing students' private data. On average, each app sends data to about 11 third-party channels.
- Hackers are targeting your kids to infect Android and Chromebook devices with malware
- Nasty MacBook with M1 malware could steal your cryptocurrency
- Phones with the best battery life in 2021
67% of public school apps sent students' data to third parties
Me2B Alliance Product Testing analyzed and audited 73 mobile apps. Thirty-eight schools across 14 states use them; at least half a million people (e.g. students, educators and parents) are active on these mobile platforms. Investigators examined the data flow of all 73 apps by evaluating the SDKs included in each app.
Analysts discovered that 60% of school apps send students' data to third-party vendors, including Google and Facebook. Moreover, Me2B investigators found that 48% of apps sent student data to Google while 14% sent info to Facebook. As mentioned, each app sent data to about 11 third-party avenues.
When investigators zoomed in on public schools in the sample, they discovered that a whopping 67% used apps that sent students' data to third parties (compared to 57% of private schools).
Another public-school finding that Me2B deemed to be "disturbing" is that 18% of apps sent student data to "high-risk" third parties. Investigators defined high-risk third parties as entities that "further share data with possibly hundreds or thousands of networked entities."
Android apps are more reckless with third-party data sharing
A whopping 91% of Android apps sent students' data to high-risk third parties compared to 26% of iOS apps. The report stated that Apple's new app-tracking transparency feature helped reduce the number of iOS apps that share students' private data.
So what, exactly, are these apps sending to these third parties? Well, the analysts admitted that they didn't examine this in detail, but they confirmed that "unique identifiers" were sent to third-party ad platforms. Unique identifiers, by the way, help advertisers build profiles of each user to target them for ads.
The investigators made the following conclusions after wrapping up the study:
- The amount of student data being shared with third-parties (e.g. advertisers and analytics platforms) is unacceptable
- There shouldn't be third-party data channels within school-centered mobile apps
- Users don't have enough info about which third parties apps are getting their data; the Google Play Store and Apple App Store need to make this more clear
Analysts also concluded that iOS apps are safer than Android platforms, but they won't recommend an iOS-only mandate. According to the report, this would widen the "digital divide" and marginalize low socio-economic families due to the price difference between Android and Apple phones.
Interestingly, 8% of schools in the study only offered iOS apps to students.