Privacy Report Card for Parental Control Solutions
What can we do to protect children's privacy while using parental control solutions?
Limit the information supplied to the parental control solution, and consider using generic names for profiles within these solutions (e.g., use John/Jane Doe as name).
How can I know which information is being collected by the application?
The simplest way to get an idea about which information a mobile app accesses is through the permissions it requests. If an app asks for an unreasonable amount of sensitive permissions, such as camera and microphone access, try to disable these permissions. If the app cannot operate without them, consider switching to a different app if you are not comfortable sharing that information. Please see our Results Summary if the solution you use has been analyzed.
Where can I find information about a particular solution's security?
We have investigated a selection of the most popular parental control applications and devices for bad security practices and threats. Scorecards rating the privacy and security of each solution can be found in the results summary. If these scorecards show particularly bad scores in multiple categories, it might be time to switch to a safer solution.
How can we develop a secure product?
Parental control companies should rely on publicly available
guidelines and best practices, including proper
API authentication and web
security standards. We also strongly encourage companies to adopt a strong
password policy in their products, because the use of default, weak and stolen
credentials has been exploited in many known data
breaches. In the case of network devices, manufacturers should employ a secure
firmware update architecture. Adopting known best practices is critical due
to the especially vulnerable user base of these products.
How can we find and address vulnerabilities?
Because of the sensitivity of the information manipulated by parental
control apps and devices, companies should conduct regular security audits.
Moreover, they should have a process to address vulnerabilities such as
responsible disclosure or bug bounty programs. The security and privacy
evaluation methodology that we developed can also be considered.
What do we do in case of suspicious activity?
Parental control solutions should report suspicious activities on the
parent’s account such as password changes and accesses from unrecognized
devices. These activities could indicate account compromise.
What is the best practice in personal data collection?
Parental control tools should limit the collection, storage, and transmission of the children’s data to what is strictly necessary. For instance, the tool should not store PII which is not required for the tool’s functionality. The parental control tools should also allow the parent to selectively opt-out of the data collection in certain features.
How do we transmit senstive data (e.g., child's location)?
Transmission of sensitive data or personally identifiable information
should happen exclusively over secure communication channels (TLS 1.2/1.3). The
solution should utilize MITM mitigation techniques such as host white-listing,
certificate pinning, and HSTS.
To what extent can we incorporate trackers into our application?
Parental control tools should limit the usage of trackers and
tracking SDKs in apps intended for children. For example, Branch prohibits the
use of their SDKs in any apps or websites that are directed to children under
13. This is to limit the data collection from children to comply with COPPA.
Some SDKs also have limited modes of operation where they do not collect as
much data. These limited features should be used where possible. The best
practice should be the complete avoidance of using any tracking services.