← Kids & Education
F

YouTube Kids

Fail
Google · 🇺🇸 United States
PolicyApp PermissionsNetwork TrafficFirmwareRegulatory
Technical details
App: YouTube Kids
Manufacturer: Google

⚠️ The bottom line

$170 million FTC fine — the largest children's privacy penalty in history. Google knew viewers were children. It tracked them anyway. It targeted ads at them anyway. YouTube Kids was supposed to be the fix. Researchers found the "safe" app still served inappropriate content and still collected data. The apology app has the same disease as the original. A child opened YouTube Kids and watched Peppa Pig drink bleach. It was a fake video the algorithm recommended. Spider-Man urinating on Elsa. Violent cartoons styled to look like children's content. The "safe" app relies on algorithms that can't tell the difference between real Peppa Pig and nightmare fuel designed to traumatise children.

Legal jurisdiction
🇺🇸 United States (headquarters)
CLOUD Act read more →
US govt can demand your data from this company even if stored overseas
FISA §702 / PRISM read more →
NSA collects stored emails, photos, messages without individual warrants
Geofence warrants read more →
Police can demand location data for everyone near a crime scene
Spying
0/4 N/A
Is someone spying on me?
Data Sharing
2/4 MODERATE
Who gets my data?
Kids at risk
Security
0/4 N/A
Is it actually secure?
Honesty
2/4 MODERATE
Can I trust what they say?
Kids at risk
ACCEPTABLE Moderate concerns. Standard privacy hygiene applies.
2Contradictions
2Critical
0High
0Medium
2Sources
Findings by concern
Data Sharing 2/4 MODERATE 1 finding
⚠️ criticalmarketing vs regulatory
$170 million FTC fine — the largest children's privacy penalty in history. Google knew viewers were children. It tracked them anyway. It targeted ads at them anyway. YouTube Kids was supposed to be the fix. Researchers found the "safe" app still served inappropriate content and still collected data. The apology app has the same disease as the original.

What they claim: YouTube Kids promoted as a safe, kid-friendly video experience

What we found: The FTC fined Google $170 million in 2019 — the largest COPPA fine in history at the time — for collecting children's personal data through YouTube to target ads without parental consent. Google tracked children across YouTube to build advertising profiles, then served targeted ads to viewers it knew were under 13. YouTube Kids was created as a response, but researchers found the "kid-safe" app still contained inappropriate content and data collection.

Honesty 2/4 MODERATE 1 finding
⚠️ criticalmarketing vs third party research
A child opened YouTube Kids and watched Peppa Pig drink bleach. It was a fake video the algorithm recommended. Spider-Man urinating on Elsa. Violent cartoons styled to look like children's content. The "safe" app relies on algorithms that can't tell the difference between real Peppa Pig and nightmare fuel designed to traumatise children.

What they claim: YouTube Kids promoted as curated, safe content for children

What we found: Researchers found YouTube Kids served disturbing content including fake Peppa Pig videos showing characters drinking bleach, Spider-Man urinating on Elsa, and violent Minecraft animations. The algorithmic recommendation system promoted increasingly extreme content to children. Despite content moderation, the volume of uploads made comprehensive screening impossible.

What happened to real people
Documented incidents involving Google products and user data.
Jorge Molina jailed 6 days for murder via geofence warrant based on Google Sensorvault location data. Lost job, car, reputation. Charges never filed. [source]
PRISM participant since 2009. NSA collects stored communications. FBI conducts warrantless 'backdoor searches' of American data using names and email addresses. [source]
Google received 180 geofence warrants per week by 2019. Each warrant searches tens of millions of accounts. Supreme Court hearing constitutionality (Chatrie v. United States). [source]
What your data is worth to governments
Google complied with 235,000 government data requests in H1 2024. That's +530% over 10 years. Google has been a confirmed PRISM participant since 2009. Under this programme, the NSA collects stored communications. The company is legally prohibited from telling you. Jurisdiction: US (CLOUD Act, FISA Section 702, Patriot Act).
Documented: Jorge Molina jailed 6 days for murder via geofence warrant based on Google Sensorvault location data. Lost job, car, reputation. Charges never filed.
Documented: PRISM participant since 2009. NSA collects stored communications. FBI conducts warrantless 'backdoor searches' of American data using names and email addresses.
What is PRISM? · What is the CLOUD Act? · Transparency report
Sources