Feb. 17, 2012 -- It's been a heck of a week when it comes to app security issues.
Just after Congress took issue with Apple on its address book and app privacy issues, the Federal Trade Commission has issued a report pushing Apple and Google to better police the security in applications for children.
"Companies that operate in the mobile marketplace provide great benefits, but they must step up to the plate and provide easily accessible, basic information, so that parents can make informed decisions about the apps their kids use," FTC Chairman Jon Leibowitz said in a statement.
"Right now, it is almost impossible to figure out which apps collect data and what they do with it. The kids app ecosystem needs to wake up, and we want to work collaboratively with industry to help ensure parents have the information they need," he added.
The 23-page report calls the current privacy disclosures "dis app ointing" (yes, "app" is italicized in the report), and after looking at hundreds of children's apps, including learning and gaming options, the report recommends that the app stores, developers and third parties improve how and what information is provided to parents about the app.
It goes on to suggest concrete ideas of how that can be done: "App developers should provide this information through simple and short disclosures or icons that are easy to find and understand on the small screen of a mobile device." The full report can be read here.
Apple already responded to similar security concerns earlier in the week with a statement detailing that it would be taking steps to be more transparent about what personal information is being accessed or stored by applications.
"We're working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release," Apple wrote.
Apple did not have any further comment in response to the FTC report focusing on children's apps.
Google, on the other hand, has promised to review the report. "We are reviewing the FTC's report," Google spokesperson Randall Sarafa told ABC News. "From the beginning, Android has had an industry-leading permission system, which informs consumers what data an app can access and requires user approval before installation. Additionally, we offer parental controls and best practices for developers to follow when designing apps that handle user data."
On an Android device, there is a helpful list of permissions (location, etc.), but the disclosures are fairly buried and do not always include what the app does with the access. Rovio, the developer of the popular game, did not respond for comment.
A company like Duck Duck Moose, which develops apps like Wheels on the Bus and Itsy Bitsy Spider, does not collect any information from users.
"We do not ask users to provide any information and we do not collect any information about users, their devices or usage of our mobile applications," Caroline Hu Flexer, the co-founder of the company told ABC News. However, while that policy is listed on its website, it is buried in the applications. Hu Flexer said the company would appreciate more flexiblity in the app store to display privacy policies.
Michael Kaiser, executive director of the National Cyber Security Alliance, is calling for the same thing.
"Anything that developers can do to make privacy controls and permission settings more prominent and easier to navigate is helpful to parents and to users in general," he said.
And that's the message of the week. This FTC report along with the issues earlier surrounding application data storage without user's knowledge has privacy advocates calling for Google, Apple and the application developers to promptly start providing simpler and more obvious disclosures. And that's not just for the sake of the kids.