Major tech companies such as Facebook and more have special apps designed for kids which work around the premise that children should not interact with people who have not been approved by their parents. Now recently, a bug has been discovered in the Facebook Messenger Kids app which lets unauthorised users bypass security filters allowing children to enter group chats with strangers.
Facebook has been aware of this flaw for a few weeks, as per The Verge, and it is quietly closing down those group chats and alerting users. However, there has been no official statement from the company regarding the matter.
In a statement to The Verge, a Facebook representative said that “We recently notified some parents of Messenger Kids account users about a technical error that we detected affecting a small number of group chats. We turned off the affected chats and provided parents with additional resources on Messenger Kids and online safety.”
As to the bug, it would appear that there is a flaw in the permissions which are required for group chats. When multiple users are involved the permissions to initiate a chat becomes complex. So if a child was authorised to chat with one user and that user creates a group in which the child is added, the child can chat with users in the group who have not been authorised by the parents. This is a gross violation of what Facebook Messenger Kids.
Currently, it is not clear if this bug has been present on the app since its launch back in 2017. Under Children’s Online Privacy Protection Act (COPPA) applies to Messenger Kids app since it is targeted for an audience under 13 years old. The app has already been accused by some privacy group for violating COPPA earlier, as per The Verge and this new revelation is only going to add more fuel to the fire.