Researchers from a nonprofit organization called the Me2ba Alliance recently looked at a large number of apps used by schools all around the country. The researchers were concerned that these apps, based on readily available software development kits, might be leaking data on children to third parties and advertisers. The study looked at 73 apps in use by 38 schools in 14 states across the nation.
The researchers found that 60 percent of the apps were sending student data to various third parties, and roughly half the apps are sending data to Google. In fact, the study found that every Android app in use was sending data to Google. Another 14 percent of the apps in the study were sending data to Facebook.
Researchers found that, on average, there were 10.6 third-party data channels present in each of the apps they investigated. Researchers examine the apps by looking at their software development kits, which are prepackaged code modules provided to developers. SDKs run in the background and rarely asked for consent before sending data to a third-party developer.
The study identified 56 unique SDKs used by most apps, with the majority of them owned by major tech companies. The tech companies include Google, Facebook, Apple, Amazon, Square, and Twitter. Researchers further arranged the apps into medium-risk SDKs and very high-risk SDKs. The medium risk were design for utility purposes with a very high-risk design for advertising and monetization. In all, 18 percent of the apps in the study were placed into the very high-risk category.