Android OS Leaves Kids Unprotected By Default
Why is Android on the 2026 Dirty Dozen List?
Google’s Android OS fails to prioritize prevention, leaving millions of teens exposed to sextortion, predatory messaging, and early encounters with pornography. By relying almost entirely on optional parental tools like Family Link, Android fails to provide built-in, proactive safeguards, forcing children to navigate high-risk digital environments on their own. Apple’s default settings show it’s possible to do better. It’s time for Android to step up.
"An Android device used by a minor looks and behaves like a regular adult device, with no automatic content filters, app-rating restrictions, or communication protections on at setup."
- NCOSE Researcher
The Problem
Android and Apple phones now sit on opposite ends of the spectrum when it comes to default safety for minors. Apple assumes minors deserve built-in safety from the moment a device powers on. Android assumes parents will proactively configure everything themselves, and that kids without involved caregivers can do without protection.
After years of advocacy by parents, NCOSE, Protect Young Eyes, and other organizations, Apple has moved toward a “protect first” model, where entering a child’s or teen’s age at setup automatically turns on a suite of safeguards — including enabling nudity blurring in iMessages and turning on the “limit adult websites” filter in the Safari browser for all minors ages 0-17. With Apple’s latest updates, there is now a safer baseline for minors, especially those who don’t have the privilege of involved, tech-savvy parents who have the time to pour over parental controls.
But when it comes to prevention, Google’s Android is falling behind.
Android is essentially Google’s open-source mobile operating system that acts as the core foundation for all Android phones. It runs pure and unmodified on devices like the Google Pixels, while companies like Samsung build their own versions on top of it (like One UI for Galaxy phones) and still uses a significant amount of Google’s built-in apps and services. This means that if Google’s Android implemented improved defaults safety settings for child accounts, those improvements would reach Samsung users through automatic updates, benefiting the vast majority of the Android ecosystem. But unfortunately, Google has refused to implement this common sense measure.
Hundreds of Millions of Minors Could Be Protected
While Apple phones are culturally dominant in America, Android runs on the vast majority of smartphones worldwide.
Android runs on roughly 70–75% of the world’s smartphones, giving it a larger global footprint than any other mobile OS. Major vendors such as Samsung, Xiaomi, Oppo, Vivo, and Motorola, and many other regional brands, ship Android devices worldwide, meaning OS‑level safety defaults would affect a huge and diverse ecosystem of phones. There are approximately 3.9 billion active Android users in 190 countries as of late 2025.
A single OS-level update would ripple across an ecosystem that touches billions of users.
This underscores both the opportunity and responsibility Google has: one proactive change could protect children on millions or hundreds of millions of devices worldwide.
Minors Over 13 Years Old Still Deserve Protection
Kids are not adults when they turn 13. Unfortunately, Big Tech often treats them that way.
The 1998 Children’s Online Privacy Protection Act (COPPA) has been repeatedly misused as a justification to treat teens as “digital adults,” stripping them of protections that research shows they desperately need. Age alone does not erase risk, and the early teen years are precisely when children are most exposed to online harms.
Consider sextortion: a 2024 study from Thorn found that the majority of victims are 14- to 17-year-old boys. Sextortionists manipulate children into sending nude images, which are then used for blackmail. The very age group most at risk is left totally exposed to these harms by Android’s current default policies.
The same problem exists with web content. Studies show that most children first encounter pornography in their early teen years, yet Android’s default web content filters leave them on their own. Denying safeguards to teens is reckless: it leaves them navigating sexualized content without tools to protect themselves. Protecting minors over 13 is not about infantilizing them; it’s about aligning protections with real-world risk.
Further, if a family decides that they don’t want the settings turned on by default, they can always proactively choose to change them. This approach prioritizes prevention by default while still respecting family choices.
Let us be clear: Apple’s child protection features are a solid starting point, but they are certainly not perfect. Android has a golden opportunity to not only match that baseline but to surpass it. Android OS should step up to lead the industry in safeguarding young users and setting a new standard for digital safety that inspires trust worldwide.
Proof: Evidence of Exploitation
WARNING: Any pornographic images have been blurred, but are still suggestive. There may also be graphic text descriptions shown in these sections. POSSIBLE TRIGGER.
Side-by-Side: Apple vs Android Safety Defaults
Apple’s default safety settings for minors are more proactive and built into the OS. They are automatically applied when a child’s age is entered and include content filtering, app restrictions, and communication safety that work across system apps.
Android’s parental controls are also useful but they are opt-in — requiring the Google Family Link setup to take effect. Without it, the device behaves much like a standard Android phone. Only certain defaults (like SafeSearch) kick in based on age when using a supervised Google account.
Apple’s systems are far from perfect, but Android should strive to at least meet their minimum standard if not raise the bar on child protection to become an industry leader.
| Feature | Apple (iOS) | Android (Google) |
|---|---|---|
|
Age-based automatic safety defaults during device setup |
⚠️ Applied automatically when a Child Account is set up (typically parent-led) for under 13; teens 13–17 get fewer automatic protections unless enabled. |
❌ Requires parent intervention — must set up Family Link to activate age-based supervision. |
|
Web content filtering (Safari & apps) |
✅ ⚠️ Available and often prompted during Child Account setup, though not universally automatic for all minors; depends on Screen Time/content settings. |
⚠️ Only active with Family Link supervision; not automatic. |
|
App purchase / download approvals |
✅ Ask to Buy — automatic for Child Accounts under 13; teens 13–17 require parent to enable. |
⚠️ Only active with Family Link; without it, minors can download apps freely. |
|
Communication safety features (nudity blurring & warnings in messages) |
✅ ⚠️ Built-in and can be enabled during setup for child accounts; not always universally auto-on in all configurations. |
❌ Not built into OS; dependent on app-level features or supervision tools. |
|
Screen time controls |
⚠️ Available within Screen Time; not on by default and requires parent setup to enforce limits. |
⚠️ Only available with Family Link. |
|
Parental management app / interface |
❌ Managed within device settings; no separate app required. |
✅ Family Link app — required for remote management. |
|
Search filtering & SafeSearch |
⚠️ Not OS-level default; depends on browser and Screen Time/content restriction settings. |
✅ SafeSearch on by default for supervised accounts under 13; otherwise opt-in via Family Link. |
Android OS Fails to Prioritize Prevention
Google’s Android does provide parental supervision features, but has not adequately prioritized prevention.
Google continues to lean on Google Family Link, a separate, opt-in parental-supervision system. While Google has rolled out some limited default settings, like SafeSearch for supervised accounts and a few under-18 protections tied to Google services, nearly all meaningful controls still require parents to know about Family Link, set it up, and keep it active.
Without that extra work, an Android device used by a minor looks and behaves like a regular adult device, with no automatic content filters, app-rating restrictions, or communication protections kicking in at setup.
The difference reflects a philosophical divide. Should the largest manufacturers of smart phones and their operating systems provide built-in safety settings for minors the moment they power on their device? Or should the burden to navigate and protect children on these complex and constantly changing computer systems fall solely on parents and caregivers? What about children without active and engaged caregivers? Apple has finally recognized that it is their responsibility to default their products to safety for child users. Yet, Android assumes parents will proactively configure everything themselves, and that kids without involved caregivers can do without protection. That assumption does not hold true in the real world, where many families never realize their child is unprotected because the right app wasn’t installed or a setting wasn’t flipped.
In an era of escalating online risks, this reactive model leaves Android behind. To meet modern expectations, and to protect the many kids without guardians who can complete multi-step supervision flows, Android needs to shift toward automatic, age-based safety defaults that activate at setup.
The tools are already built into Android phones. Google simply needs to turn them on by default.
NCOSE Investigation into Android v16 as a 15-year-old Finds Web Filtering Failed
A NCOSE OSINT investigator set out to test the child safeguards and controls on Android v16 as a 15-year-old.
The investigation found that web filtering did not work. With safety controls on for a minor’s Google account, they are still able to access sensitive websites such as Pornhub and other explicit pornography websites.
Further, in the Google Play store, app ratings were misleading. Several apps were rated Teen that contained soft porn material and access to Character.ai alternatives that would engage in inappropriate conversations with minors on the device. Many of these apps were AI story telling apps that allowed you to direct the AI in a particular direction that led to inappropriate material and conversation.
The full OSINT report is available to journalists or policymakers.
The Importance of Google’s Android OS in the Global Smartphone and Tablet Ecosystem
Savvy technologists may ask why we didn’t put just “Google” on the Dirty Dozen List for this issue. This question makes sense because, ultimately, Google develops and controls the core Android operating system, the underlying SafetyCore AI services, Google Messages (the default messaging app), Chrome browser, SafeSearch, and Family Link parental controls. However, Google is a massive conglomerate with countless devices, brands, and features, and so our advocacy is focused on targeting Android OS because it’s the piece of the puzzle that would make the greatest difference.
Android OS is the operating system that powers most of the world’s smartphones and tablets. Think of it as the software brain that runs your phone, controlling everything from how apps open to how the internet works on the device. Unlike iOS, which only runs on Apple devices, Android is used by hundreds of brands — from Samsung and Xiaomi to regional and budget phone makers. This makes it the most widely used mobile operating system in the world, with billions of active devices globally.
Android OS is a central part of Google’s ecosystem. Google develops Android, and it integrates tightly with other Google services, like Gmail, Google Search, YouTube, and the Google Play Store for apps. Many of the features we think of as “Google features” on Android, from account management to app permissions, are built into the operating system itself. Because Google owns Android, it has the power to push updates and default settings that apply across millions of devices worldwide, influencing what users see and how their devices behave.
The importance of Android OS for default safety settings is huge. Since Android runs on so many phones globally, any default protections Google builds into the OS, such as web content filtering or nudity-blurring in messages for minors, would instantly reach billions of users, across thousands of phone models and hundreds of brands. Right now, many Android devices rely on parents manually setting up tools like Google Family Link to provide these protections. By building them into the OS as default settings, Google could ensure that every child starts with a safer baseline experience online, no matter which brand of Android phone they are using.
Requests for Improvement
Android OS should adopt built-in Communications Safety features that automatically detect and blur sexually explicit images across messaging apps, video calls, file transfers, and shared contact content for all minor accounts.
Ideally, this would also include preventing minors from sending nude imagery, to reduce the risk of creating or distributing child sexual abuse material (CSAM).
Android should implement OS-level web content filtering that proactively limits minors’ exposure to inappropriate content, including pornography, across browsers and apps controlled or influenced by Google (e.g., Chrome, WebView, and apps using Google services).
Fast Facts
There are 3.9 billion Android OS users in the world, capturing 73.9% of the mobile OS market.
In a sample of young people who had created AI-generated pornography or AIG-CSAM of another person, 70% said they downloaded the app they used to make deepfakes from their device’s app store (e.g., Apple’s App Store or Google’s Play Store).
Among young people who experienced sexual extortion as a minor, 39% said sextortionists communicated threats via text message or iMessage.
Resources
Protect Young Eyes: The Complete Guide to Android Parental Controls
Defend Young Minds: Teach kids to reject porn before it becomes a problem
Report suspected child exploitation to the National Center on Missing and Exploited Children (NCMEC) Cyber Tipline
The App Danger Project: Check user reviews from app stores that raise concerns about dangerous experiences for children
Building a Safe Internet
Recommended Reading
Share!
Help educate others and demand change by sharing this on social media or via email!
Spread the word to hold Big Tech accountable. Use these free resources to post on social media or share via email. Your voice can create change!
