The Office of the Australian Information Commissioner (OAIC) this week will be assessing the privacy controls of 44 websites and mobile apps aimed at children aged 12 and under.
The OAIC is taking part in the third annual Global Privacy Enforcement Network (GPEN) privacy sweep.
Australian Privacy Commissioner Timothy Pilgrim said the sweep will check if the website or app collects children’s personal information and if so, whether controls exist to limit the collection of information.
The sweep will also assess if the websites or apps seek parental involvement, whether they allow users to be redirected off the site, if they make it easy to delete personal information and if privacy communications are tailored for children with simple language, large print, audio or animation.
“Another aspect we will examine is whether the websites and apps make it easy for parents to delete any personal information that has been collected about their child,” said Pilgrim.
The privacy sweep results will be released later in 2015.
According to Pilgrim, the results will help the OAIC to provide useful information to organisations about ways that they can protect the privacy of children, and to parents about any privacy issues they should be aware of when their children are using websites and apps.
Earlier this month the OAIC released the results of a website privacy assessment that focussed on the requirements of Australian Privacy Principle One (APP 1).
APP 1 covers the open and transparent management of personal information.
Pilgrim assessed websites belonging to a number of organisations including ANZ Bank, the Commonwealth Bank, the Department of Human Services, Westpac, Fairfax, and The Guardian Australia.
Five privacy policies did not outline how an individual could request access or correction of their personal information.
Eight privacy policies did not mention how the organisation would deal with a privacy complaint it may receive.
Five policies did not describe how the company protects the personal information they hold while four privacy policies did not outline whether the organisation was likely to disclose personal information overseas and the countries in which the recipients were located.
Follow Hamish Barwick on Twitter: @HamishBarwick