Apps targeted at Children removed from the App Store for failing to have a privacy policy

Following on from the ICO’s Children’s Code which has now come into effect (you can read our full breakdown for what this means for your school here), a recent study from Pixalate has shown some worrying statistics that have come out of a host of apps that Apple and Google have delisted from their respective app stores, most of which are targeted at children. In total there were over 813,000 apps delisted, with over 86% of them targeted at children aged 12 and under.  

Some worrying statistics from Google’s delisted apps saw that 66% of the apps had ‘dangerous permissions’, 27% could access their user’s location, and scarily 19% could access the camera. A lack of privacy policy seems to be one of the main reasons for apps being delisted however, with 60% of Apple’s delisted apps from China failing to have a privacy policy in place to protect users’ data, and 26% of Google’s delisted apps in Russia also not having one in place. 

The report highlights once again how much of a push there needs to be to protect children’s personal information when online, and how key the ICO’s Children’s Code must be going forward with Third Parties being key players in ensuring the safety of children’s data.

The full report by Pixalate can be found here.

Apple’s new software update is a great step forward in allowing users to take control of how their personal information is being used

Following on from the story above, Apple appears to be the industry leader in ensuring their user’s personal information is being protected from those who wish to use it without our permission. 

Apple’s new IOS15 builds on the previous year’s groundbreaking changes as far as data privacy is concerned, by providing numerous improvements that allow users to control how their personal information is shared with third parties. A new privacy menu will break down the data that different apps have about you, and what permissions you have given them. It will then be able to tell you how many times each app has accessed, for example, your microphone or camera. 

Another key change is aimed at preventing email tracking, with iOS 15 now allowing users to open marketing emails to prevent their location and the time they opened the email from being shared with the sender. One other piece of security that comes with iOS 15 is that when users open Safari, they will be given a privacy report which tells you how many times Safari has prevented trackers from profiling you and hidden your IP address from known trackers in the last 7 days.

The privacy updates that come with Apple’s new OS will be a welcome improvement to users and it’s great to see a company like Apple who holds personal information for 100’s of millions of people treat data privacy as seriously as they are, particularly with the increase in cyber attacks that are taking place, more of which can be read here.

A record £42 million in ICO fines for 2020/21

A study conducted by a law firm named RPC has found that fines for data protection breaches by the Information Commissioner’s Office have risen in the past financial year by 1580%, with a record £42 million worth of fines being handed out. A large percentage of this amount however represents only two high profile cases, where British Airways were fined £20 million as a result of a cyber-attack that left the personal data of 429,612 customers and staff at risk in 2018.

The other large profile case was that of Marriott International Hotels, who were fined £18.4 million due to a weakness in their security which saw the information of 339 million (yes, 339 million) guests being exposed. What is perhaps even more eye-opening than seeing the sum of these huge fines, is that they could have been even bigger. The ICO cited the COVID-19 pandemic, and the subsequent economic pressure it has put on both businesses as reasons for their more lenient fines. 

Once again cyber attacks seem to be a key threat and a catalyst for the record fines we are seeing, and the higher-profile cases of British Airways and Marriott International Hotels can be good examples of illustrating the importance of ensuring cyber security protocols are put in place in schools to best protect data and personal information.