Data handling practices and commercial features of apps related to children: a scoping review of content analyses

BACKGROUND: Child interaction (including via parent proxy) with mobile apps is common, generating concern about children’s privacy and vulnerability to advertising and other commercial interests. Researchers have conducted numerous app content evaluations, but there is less attention to data sharing or commercial practices. OBJECTIVE: This scoping review of commercial app evaluation studies describes the nature of such evaluations, including assessments of data privacy, data security and app-based advertising. METHODS: We searched Scopus, PubMed, Embase and ACM Digital Library (2005–2020). We included studies that evaluated the properties of apps available through commercial app stores and targeted children, parents of a child (0–18 years) or expectant parents. Data extracted and synthesised were study and app user characteristics, and app privacy, data sharing, security, advertisement and in-app purchase elements. RESULTS: We included 34 studies; less than half (n=15; 44.1%) evaluated data privacy and security elements and half (n=17; 50.0%) assessed app commercial features. Common issues included frequent data sharing or lax security measures, including permission requests and third-party data transmissions. In-app purchase options and advertisements were common and involved manipulative delivery methods and content that is potentially harmful to child health. CONCLUSIONS: Research related to the data handling and the commercial features of apps that may transmit children’s data is preliminary and has not kept pace with the rapid expansion and evolution of mobile app development. Critical examinations of these app aspects are needed to elucidate risks and inform regulations aimed at protecting children’s privacy and well-being.