A study from the International Computer Science Institute has shown that more than 3000 different Android apps aimed at children have collected and transmitted all kinds of data. That data went to advertisers, for example, turned out to be.
Not only did these apps send all kinds of user data, but in almost all cases a link was made with Facebook. That is wrong, because Facebook has a minimum limit of 13 years when it comes to children and there was no check-up at all. That makes those links if they are done for children under the age of 13, in fact illegal. That is not immediately a reason to remove the apps, crazy enough.
In total, almost 6000 apps were viewed and so more than half seemed to be doing something that was not up to scratch. There was only a small fraction (almost 300) who gathered location and contact data without asking for permission from the parents, but more than 1000 shared tracking data and almost 3000 shared the same data to the same party that had the identifiable data of a user. That is not allowed by Google, because you know who someone is and you can follow and target them.
Google cannot solve the problem, with the relentless stream of new apps (more than 2700 every day) on the Google Play Store. The automated tools that the researchers used would come in handy because manual checking is simply not possible. Moral of the story is that you have to be very careful what apps you let your children use on Android. There is no study done on iOS apps, but it is not clear if that means that the problems do not play there or less (plausible if that is allowed) or that there is simply chosen for Android.