Pixalate’s Q2 2025 Report Uncovers 240 US-Registered Mobile Apps Across Apple, Google App Stores Likely Violating COPPA, Jeopardizing Up to 15 Million Children’s Privacy Rights
According to new research from Pixalate, 88% of likely child-directed apps with ads share personal information in the advertising bid stream; 191 apps failed to provide the requisite ‘children’s privacy’ disclosure as specified under the COPPA Rule
London, Aug. 19, 2025 (GLOBE NEWSWIRE) -- Pixalate, the leading ad fraud protection, privacy, and compliance analytics platform, today released the Q2 2025 State of Children’s Privacy Risk Report for Mobile Apps. The analysis reveals significant privacy gaps found in mobile apps available to download on Google Play Store and Apple App Store, potentially violating the Children’s Online Privacy Protection Act (COPPA) by unlawfully collecting, using and sharing children’s personal information in the advertising bid stream.
Pixalate’s data science and legal teams evaluated 24,561 mobile apps classified as likely child-directed pursuant to Pixalate’s COPPA Methodology, and identified 240 U.S.-registered, advertising-enabled apps (e.g., with app-ads.txt, open programmatic ad traffic) that are likely violating COPPA, placing the online privacy and safety of up to 15 million lifetime app users– majority likely children–in jeopardy.
Key Findings Raise Concerns About Children’s Data Privacy
- Privacy Policy Deficiencies. 191 (80%) of 240 covered apps that are likely violating COPPA failed to provide adequate disclosures regarding their collection, processing, or use of children’s personal information
- Data Transmission Practices. 15 (88%) out of 17 likely child-directed covered apps that did not have privacy notices/policies and transmitted children’s Device IDs in the advertising bid stream, as measured by Pixalate
- Platform Distribution. 240 U.S.-registered apps that are likely non-compliant under COPPA across the Google Play and Apple App Store have collectively accumulated over 15 million Lifetime App Users
- Advertising Network Integrations. Google Ad Exchange appeared in the app-ads.txt files of 200 (83%) covered apps identified as likely non-compliant under COPPA
Understanding COPPA and Children’s Personal Information
The COPPA Rule regulates the online collection of personal information from children under 13 years old. Under COPPA guidelines, personal information encompasses individually identifiable data collected online, including:
- Location
- Home or other physical address
- Contact information and security numbers
- Persistent identifiers such as IP addresses and device identifiers
- Photographs, videos, or audio recordings containing a child’s voice or image.
Top 5 US-Registered Likely Non-Compliant Mobile Apps under COPPA - Apple App Store
| Rank | App | Developer | Developer Country | Lifetime App Users (US) |
| 1 | Magic Jigsaw Puzzles-Games HD | XIMAD, Inc. | UNITED STATES | 1.2M |
| 2 | 7 Little Words and More | Blue Ox Family Games, Inc. | UNITED STATES | 596K |
| 3 | Monkey Wrench - Word Search | Blue Ox Family Games, Inc. | UNITED STATES | 139K |
| 4 | Art of Puzzles - Jigsaw Games | XIMAD, Inc. | UNITED STATES | 106K |
| 5 | Dog Game - The Dogs Collector! | MinoMonsters Inc. | UNITED STATES | 98K |
Top 5 US-Registered Likely Non-Compliant Mobile Apps under COPPA - Google Play Store
| Rank | App | Developer | Developer Country | Lifetime App Users (US) |
| 1 | Mini Block Craft | StartourMobs | UNITED STATES | 1.9M |
| 2 | Magic Jigsaw Puzzles-Games HD | ZiMAD | UNITED STATES | 1.9M |
| 3 | 7 Little Words | Blue Ox Family Games, Inc. | UNITED STATES | 902K |
| 4 | Addons for Minecraft | Kayen Works | UNITED STATES | 852K |
| 5 | Sailor Cats | Platonic Games | UNITED STATES | 774K |
Methodology
Pixalate’s data science and legal teams analyzed 24,561 mobile devices using the following criteria:
- Platform Availability. Apps downloadable from the Google Play Store and the Apple App Store during Q2 2025
- Classification. Apps identified as likely child-directed, determined by Pixalate’s COPPA Methodology
- Advertising Integration. Apps with programmatic advertising traffic impressions targeted towards consumers within the United States. Apps with ads may also contain app-ads.txt files as detected by Pixalate’s technology or one of Pixalate’s third-party licensors
- Policy Analysis. Privacy policies were primarily crawled during Q2 2025 96%), while Pixalate crawled the remaining 4% of apps during Q1 2025
The complete methodology and detailed findings are available in the full report, which is available for download here.
About Pixalate
Pixalate is a global platform specializing in privacy compliance, ad fraud prevention, and digital ad supply chain data intelligence. Founded in 2012, Pixalate is trusted by regulators, data researchers, advertisers, publishers, ad tech platforms, and financial analysts across the Connected TV (CTV), mobile app, and website ecosystems. Pixalate is accredited by the MRC for the detection and filtration of Sophisticated Invalid Traffic (SIVT). pixalate.com
Disclaimer
The content of this press release, and the Q2 2025 State of Children’s Privacy on Mobile Apps Report (the ‘report’) - including all content set forth herein, reflect Pixalate’s opinions with respect to the factors that Pixalate believes can be useful to the digital media industry, inclusive of advertisers, advertising technology companies, developers of mobile applications, professional advisors, non-governmental entities, and regulators. Pixalate is sharing this report’s data–and opinions relating thereto–not to impugn the standing or reputation of any entity, person, or app, but, instead, to report opinions and suggest trends pertaining certain apps available for download via the Apple App Store & Google Play Store during the time period studied. Any data shared is grounded in Pixalate’s proprietary technology and analytics, which Pixalate is continuously evaluating and updating. Any references to outside sources should not be construed as endorsements. Pixalate’s opinions are just that, opinions, which means that they are neither facts nor guarantees.
It is important to note that the mere fact that an app appears to be directed to children or is deemed likely child-directed (e.g., data subjects under 13 years of age, as defined by COPPA), does not mean that any such app, or its operator, is failing to comply with COPPA. Further, with respect to apps that appear to be directed to children and have characteristics that, in Pixalate’s opinion, may trigger related privacy obligations and/or risk, such assertions reflect Pixalate’s opinions (i.e., they are neither facts nor guarantees); and, although Pixalate’s methodologies used to render such opinions are derived from automated processing, which at times is coupled with human intervention, no assurances can be – or are – given by Pixalate with respect to the accuracy of any such opinions.
Nina Talcott ntalcott@pixalate.com
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
