惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
WordPress大学
WordPress大学
博客园 - 【当耐特】
Engineering at Meta
Engineering at Meta
IT之家
IT之家
Apple Machine Learning Research
Apple Machine Learning Research
小众软件
小众软件
美团技术团队
S
SegmentFault 最新的问题
The GitHub Blog
The GitHub Blog
Martin Fowler
Martin Fowler
Recorded Future
Recorded Future
H
Help Net Security
aimingoo的专栏
aimingoo的专栏
Y
Y Combinator Blog
博客园_首页
A
About on SuperTechFans
MongoDB | Blog
MongoDB | Blog
阮一峰的网络日志
阮一峰的网络日志
V
Visual Studio Blog
D
DataBreaches.Net
人人都是产品经理
人人都是产品经理
大猫的无限游戏
大猫的无限游戏
B
Blog
The Register - Security
The Register - Security
I
InfoQ
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
雷峰网
雷峰网
Last Week in AI
Last Week in AI
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
月光博客
月光博客
酷 壳 – CoolShell
酷 壳 – CoolShell
Blog — PlanetScale
Blog — PlanetScale
N
Netflix TechBlog - Medium
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
有赞技术团队
有赞技术团队
Stack Overflow Blog
Stack Overflow Blog
Jina AI
Jina AI
Security Archives - TechRepublic
Security Archives - TechRepublic
Hacker News - Newest:
Hacker News - Newest: "LLM"
U
Unit 42
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
W
WeLiveSecurity
Latest news
Latest news
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
博客园 - 叶小钗
L
Lohrmann on Cybersecurity
博客园 - Franky
Recent Commits to openclaw:main
Recent Commits to openclaw:main
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO

Tech

CBA chief economist Luke Yeaman talks down risk of ‘AI bubble’ at Australian Defence Industry Accelerator Summit The Industry Speaks, Part 1: AI Appreciation Day 2026 Open banking expands as non-bank lenders join Consumer Data Right Telstra CEO says she is ‘deeply sorry’ for nationwide outage Army uses AI-enabled recon drones in Exercise Southern Jackaroo Telstra finds secondary outage issue impacting 000 as government notes a Telstra finds secondary outage issue impacting 000 Telstra outage: Ministers, experts, and academics respond; ACMA to conduct full investigation 000 calls and Melbourne trains impacted by Telstra outage Kinetic IT launches AI engineering division to accelerate enterprise AI deployment US government lifts access controls on Anthropic’s Claude Fable 5 and Mythos 5 WA announces data science, artificial intelligence training program with industry, UK’s Faculty Civil liberties org rails against deployment of facial recognition tech by WA Police CrowdStrike expands QuiltWorks alliance with Amazon Web Services Vodafone urgently investigating outage impacting millions of Aussies Space Centre Australia debuts ASTRIS mission artificial intelligence at Australian Space Summit Is AI profitable yet? One website seeks to answer that question Report: Australians' faith in AI is almost non-existent Monash researchers unveil breakthrough photonic chip for next-generation AI and quantum computing Report: AI-based data incidents on the rise in Australia Anthropic launches dedicated Claude Security platform to public beta Ukrainian official advocates for artificial intelligence, autonomous drones for battlefield deployment CrowdStrike launches Project QuiltWorks to tackle skyrocketing AI-discovered vulnerabilities Outsiders are already accessing Anthropic’s new AI model, but is Claude Mythos really that powerful? Kinetic IT appoints Kishore Jayaram in new chief transformation officer role Anthropic launches Claude Opus 4.7 as researchers reveal fake Claude installer spreading malware US Federal Communications Commission announces ban on foreign-made consumer routers Australian arm of clothing retailer Lululemon fined $702k over spam breaches Not on our watch: Coles, Palantir respond to GetUp anti-surveillance campaign Kinetic IT earns fifth Deloitte Best Managed Companies award Inside Genetec: How a once-hardware-centric sector has become a software battleground Rubrik reveals Agent Cloud to secure agentic AI in the enterprise Sausage watch: What are the implications of this week’s Bunnings facial recognition ruling? Kinetic IT appoints Jeremy O’Donohue to lead state government and critical infrastructure portfolio Kinetic IT awarded ICT contract with Department of Defence Send nudes: SecDef Hegseth announces Grok rollout at the Pentagon UNSW lands $3m next-gen AI defence contract ServiceNow announces acquisition of Armis Axonius denies reports of Cisco acquisition
Report: Data collection by school-backed apps in Australia is out of control and a risk to kids
David Hollingworth · 2026-04-20 · via Tech

New research by the UNSW Institute for Cyber Security reveals that most applications backed by various departments of education around the country start harvesting children’s data almost immediately.

A raft of smartphone apps – all endorsed by schools around Australia – have been found to begin harvesting user data before the app has even been accessed and sharing children’s data within seconds of use.

An audit by the University of New South Wales’ Institute for Cyber Security found glaring issues with almost 200 school-backed apps, with 89.3 transmitting data to third parties before any interaction with the app in question.

You’re out of free articles for this month

To continue reading the rest of this article, please log in.

The harvested data, the audit found, includes device identifiers, location metadata and “other sensitive information”.

Dr Rahat Masood, a cyber security expert at UNSW, said even simply opening an app would lead to the transfer of user data.

“Telemetry data, which mainly refers to tracker-related identifiers and used for the automatic collection and transmission of data to remote servers,” Masood said of the data harvested.

“Despite just opening the app and not using any educational feature, it is still transferring a lot of information that is sensitive and can actually identify your device.”

In addition, more than 65 per cent of apps include some form of embedded tracking or analytics tool, such as Firebase, Facebook SDK or Unity Analytics – apps, UNSW said, that have zero educational purpose.

“None of these are needed to actually run the educational apps,” Masood said.

Just as worrying, the vast majority of privacy policies were considered easy to read, with 97 per cent requiring at least a university-level education to understand.

“Nobody will understand these terminologies and jargon,” Masood said.

“Comprehension, readability understandability – all these metrics that we analysed were all very bad.”

Perhaps more damning, many apps that claimed to not collect data were doing so within moments of use.

“We matched the privacy policy with the dynamic analysis – when the app is running, whether it is collecting the data and whether it is mentioned in the privacy policy or not,” Masood said.

“Only one in four were matching. Some of the policies appear to have been generated using AI tools.”

According to Masood, while the various departments of education maintain lists of approved and assessed apps, the level of actual assessment falls far short.

“They look at very high-level details and they don’t download the app – they don’t do the dynamic analysis, they don’t go through the accessibility and readability of the privacy policies,” Masood said.

Masood and the team behind the study – UNSW researchers Sicheng Jin, Jung-Sook Lee, and Hye-Young (Helen) Paik – are working on a “traffic light” system to give parents the information they need to understand how these apps work and what they collect.

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.