A flaw in a Facebook app designed for children under 13 years old allows them to chat online with people unapproved by their parents.
The messaging app is designed to give parents control over who their kids text and video chat with online, but a bug in the software lets a contact approved to chat with one child to talk to another without the approval of the second child’s parents.
In the message to parents, Facebook included links to the FAQ for the app, to the parent’s control center for the software, and to a feedback page.
The breakdown in parental control occurs when a child is part of a group chat. Any person chatting one-on-one must be approved by the child’s parents. In group chat, however, the organizer of the group may invite members who are cleared to communicate with the organizer but not cleared to talk to some other members of the group. The bug in the app allows all group members to chat with each other whether approved by a parent not.
Data collection issues about Messenger Kids arose just months after the app launched in 2018. The Parent Coalition for Student Privacy, based in Boston, filed a complaint with the U.S. Federal Trade Commission alleging Messenger Kids violated the federal Children’s Online Protection Act.
Facebook’s app collected personal information from children as young as five without obtaining verifiable parental consent, and failed to provide parents with clear and complete disclosures of Facebook’s data practices, the group maintained in its complaint.