Privacy fears over websites sharing children's data

By Sean Coughlan
Education correspondent

  • Published
KeyboardImage source, PA
Image caption,
There are warnings about children's personal data being shared by websites

Websites and apps aimed at children are gathering unacceptable amounts of personal data, the Information Commissioner's Office has warned.

The UK's data protection agency took part in an international investigation looking at almost 1,500 websites popular with young people.

It found that one in five asked for phone numbers or pictures.

"These are concerning results," said Adam Stevens, head of the ICO's intelligence hub.

The investigation looked at how websites were harvesting large amounts of personal information, with half sharing children's data with third parties.

Lack of control

The research, co-ordinated by the Global Privacy Enforcement Network, an international umbrella group for privacy regulators, found concerns with 41% of the websites examined.

There were 50 UK-based websites among those investigated.

The study has not identified the names of the websites and apps, but Mr Stevens said they would be contacted and action could be taken against them to enforce changes.

It found that more than two in three gathered names and email addresses, with this information being passed on to other websites.

Less than a third of the websites had "effective control" of the information collected from children, and less than a quarter encouraged parental involvement.

Only a minority of websites had an accessible way for families to delete information that had been submitted.

Mr Stevens said: "These are concerning results. The attitude shown by a number of these websites and apps suggested little regard for how anyone's personal information should be handled, let alone that of children.

"Internationally, we saw some websites and apps gathering more information than we felt they needed, and sharing that data with third parties.

"The most common concern domestically was a lack of information being provided about how their information would be used.

"We saw generic privacy policies that simply weren't specific enough, and some without any information at all, which isn't good enough.

"We'll now be writing out to the sites and apps that caused us concern, making clear the changes we expect them to make.

"We wouldn't rule out enforcement action in this area if required."