For Parents

• What can we do to protect children's privacy while using parental control solutions?

  Limit the information supplied to the parental control solution, and consider using generic names for profiles within these solutions (e.g., use John/Jane Doe as name).

• How can I know which information is being collected by the application?

  The simplest way to get an idea about which information a mobile app accesses is through the permissions it requests. If an app asks for an unreasonable amount of sensitive permissions, such as camera and microphone access, try to disable these permissions. If the app cannot operate without them, consider switching to a different app if you are not comfortable sharing that information. Please see our Results Summary if the solution you use has been analyzed.

• Where can I find information about a particular solution's security?

  We have investigated a selection of the most popular parental control applications and devices for bad security practices and threats. Scorecards rating the privacy and security of each solution can be found in the results summary. If these scorecards show particularly bad scores in multiple categories, it might be time to switch to a safer solution.

For Developers

• How can we develop a secure product?

  Parental control companies should rely on publicly available guidelines and best practices, including proper API authentication and web security standards. We also strongly encourage companies to adopt a strong password policy in their products, because the use of default, weak and stolen credentials has been exploited in many known data breaches. In the case of network devices, manufacturers should employ a secure firmware update architecture. Adopting known best practices is critical due to the especially vulnerable user base of these products.

• How can we find and address vulnerabilities?

  Because of the sensitivity of the information manipulated by parental control apps and devices, companies should conduct regular security audits. Moreover, they should have a process to address vulnerabilities such as responsible disclosure or bug bounty programs. The security and privacy evaluation methodology that we developed can also be considered.

• What do we do in case of suspicious activity?

  Parental control solutions should report suspicious activities on the parent’s account such as password changes and accesses from unrecognized devices. These activities could indicate account compromise.

• What is the best practice in personal data collection?

  Parental control tools should limit the collection, storage, and transmission of the children’s data to what is strictly necessary. For instance, the tool should not store PII which is not required for the tool’s functionality. The parental control tools should also allow the parent to selectively opt-out of the data collection in certain features.

• How do we transmit senstive data (e.g., child's location)?

  Transmission of sensitive data or personally identifiable information should happen exclusively over secure communication channels (TLS 1.2/1.3). The solution should utilize MITM mitigation techniques such as host white-listing, certificate pinning, and HSTS.

• To what extent can we incorporate trackers into our application?

  Parental control tools should limit the usage of trackers and tracking SDKs in apps intended for children. For example, Branch prohibits the use of their SDKs in any apps or websites that are directed to children under 13. This is to limit the data collection from children to comply with COPPA. Some SDKs also have limited modes of operation where they do not collect as much data. These limited features should be used where possible. The best practice should be the complete avoidance of using any tracking services.