惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

L
LangChain Blog
Scott Helme
Scott Helme
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Stack Overflow Blog
Stack Overflow Blog
Forbes - Security
Forbes - Security
T
The Blog of Author Tim Ferriss
Y
Y Combinator Blog
S
Schneier on Security
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Cisco Talos Blog
Cisco Talos Blog
N
News | PayPal Newsroom
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Project Zero
Project Zero
Cyberwarzone
Cyberwarzone
Vercel News
Vercel News
M
MIT News - Artificial intelligence
云风的 BLOG
云风的 BLOG
Google Online Security Blog
Google Online Security Blog
Simon Willison's Weblog
Simon Willison's Weblog
MongoDB | Blog
MongoDB | Blog
Martin Fowler
Martin Fowler
T
Tenable Blog
I
InfoQ
W
WeLiveSecurity
Google DeepMind News
Google DeepMind News
G
Google Developers Blog
D
DataBreaches.Net
博客园 - Franky
Know Your Adversary
Know Your Adversary
Spread Privacy
Spread Privacy
S
Security @ Cisco Blogs
Hacker News: Ask HN
Hacker News: Ask HN
J
Java Code Geeks
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
F
Full Disclosure
C
Cisco Blogs
Google DeepMind News
Google DeepMind News
P
Proofpoint News Feed
C
CXSECURITY Database RSS Feed - CXSecurity.com
The Cloudflare Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
I
Intezer
The GitHub Blog
The GitHub Blog
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
F
Fortinet All Blogs
Jina AI
Jina AI
V
Visual Studio Blog
L
LINUX DO - 热门话题
WordPress大学
WordPress大学
aimingoo的专栏
aimingoo的专栏

Tech

CBA chief economist Luke Yeaman talks down risk of ‘AI bubble’ at Australian Defence Industry Accelerator Summit The Industry Speaks, Part 1: AI Appreciation Day 2026 Open banking expands as non-bank lenders join Consumer Data Right Telstra CEO says she is ‘deeply sorry’ for nationwide outage Army uses AI-enabled recon drones in Exercise Southern Jackaroo Telstra finds secondary outage issue impacting 000 as government notes a Telstra finds secondary outage issue impacting 000 Telstra outage: Ministers, experts, and academics respond; ACMA to conduct full investigation 000 calls and Melbourne trains impacted by Telstra outage Kinetic IT launches AI engineering division to accelerate enterprise AI deployment US government lifts access controls on Anthropic’s Claude Fable 5 and Mythos 5 WA announces data science, artificial intelligence training program with industry, UK’s Faculty Civil liberties org rails against deployment of facial recognition tech by WA Police CrowdStrike expands QuiltWorks alliance with Amazon Web Services Vodafone urgently investigating outage impacting millions of Aussies Space Centre Australia debuts ASTRIS mission artificial intelligence at Australian Space Summit Is AI profitable yet? One website seeks to answer that question Report: Australians' faith in AI is almost non-existent Monash researchers unveil breakthrough photonic chip for next-generation AI and quantum computing Report: AI-based data incidents on the rise in Australia Anthropic launches dedicated Claude Security platform to public beta Ukrainian official advocates for artificial intelligence, autonomous drones for battlefield deployment CrowdStrike launches Project QuiltWorks to tackle skyrocketing AI-discovered vulnerabilities Outsiders are already accessing Anthropic’s new AI model, but is Claude Mythos really that powerful? Kinetic IT appoints Kishore Jayaram in new chief transformation officer role Anthropic launches Claude Opus 4.7 as researchers reveal fake Claude installer spreading malware US Federal Communications Commission announces ban on foreign-made consumer routers Australian arm of clothing retailer Lululemon fined $702k over spam breaches Not on our watch: Coles, Palantir respond to GetUp anti-surveillance campaign Kinetic IT earns fifth Deloitte Best Managed Companies award Inside Genetec: How a once-hardware-centric sector has become a software battleground Rubrik reveals Agent Cloud to secure agentic AI in the enterprise Sausage watch: What are the implications of this week’s Bunnings facial recognition ruling? Kinetic IT appoints Jeremy O’Donohue to lead state government and critical infrastructure portfolio Kinetic IT awarded ICT contract with Department of Defence Send nudes: SecDef Hegseth announces Grok rollout at the Pentagon UNSW lands $3m next-gen AI defence contract ServiceNow announces acquisition of Armis Axonius denies reports of Cisco acquisition
Report: Data collection by school-backed apps in Australia is out of control and a risk to kids
David Hollingworth · 2026-04-20 · via Tech

New research by the UNSW Institute for Cyber Security reveals that most applications backed by various departments of education around the country start harvesting children’s data almost immediately.

A raft of smartphone apps – all endorsed by schools around Australia – have been found to begin harvesting user data before the app has even been accessed and sharing children’s data within seconds of use.

An audit by the University of New South Wales’ Institute for Cyber Security found glaring issues with almost 200 school-backed apps, with 89.3 transmitting data to third parties before any interaction with the app in question.

You’re out of free articles for this month

To continue reading the rest of this article, please log in.

The harvested data, the audit found, includes device identifiers, location metadata and “other sensitive information”.

Dr Rahat Masood, a cyber security expert at UNSW, said even simply opening an app would lead to the transfer of user data.

“Telemetry data, which mainly refers to tracker-related identifiers and used for the automatic collection and transmission of data to remote servers,” Masood said of the data harvested.

“Despite just opening the app and not using any educational feature, it is still transferring a lot of information that is sensitive and can actually identify your device.”

In addition, more than 65 per cent of apps include some form of embedded tracking or analytics tool, such as Firebase, Facebook SDK or Unity Analytics – apps, UNSW said, that have zero educational purpose.

“None of these are needed to actually run the educational apps,” Masood said.

Just as worrying, the vast majority of privacy policies were considered easy to read, with 97 per cent requiring at least a university-level education to understand.

“Nobody will understand these terminologies and jargon,” Masood said.

“Comprehension, readability understandability – all these metrics that we analysed were all very bad.”

Perhaps more damning, many apps that claimed to not collect data were doing so within moments of use.

“We matched the privacy policy with the dynamic analysis – when the app is running, whether it is collecting the data and whether it is mentioned in the privacy policy or not,” Masood said.

“Only one in four were matching. Some of the policies appear to have been generated using AI tools.”

According to Masood, while the various departments of education maintain lists of approved and assessed apps, the level of actual assessment falls far short.

“They look at very high-level details and they don’t download the app – they don’t do the dynamic analysis, they don’t go through the accessibility and readability of the privacy policies,” Masood said.

Masood and the team behind the study – UNSW researchers Sicheng Jin, Jung-Sook Lee, and Hye-Young (Helen) Paik – are working on a “traffic light” system to give parents the information they need to understand how these apps work and what they collect.

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.