Tis the season for toys! We’re shopping for games, stuffed animals and…spying barbie dolls?
People are increasingly aware of online privacy concerns during the holiday season (and every season!), from the importance of securing your Internet connection when shopping online, to the necessity of using a VPN while traveling and connecting over public Wi-Fi networks. But there’s a new concern emerging this holiday season – the security of popular tech toys being bought for children.
Sparked by the recent news that VTech, an electronics learning company, suffered a cyber attack, there’s been increased concern about the safety of tech toys and what information they may be collecting and sharing about the children using them. In the case of VTech, the company announced that “5 million customer accounts and related kids profiles worldwide” were compromised, including information like names and birthdays, mailing and email addresses and details on user behavior. To raise more alarm, it was reported that it was possible to determine family home/address using the compromised information. The information of over 3 million Hello Kitty customers was also breached recently, when an online database including names, birth dates, gender, email and password hints was uncovered. Much of this information likely belongs to children.
A conversation began around the issue of children’s privacy and tech toys, with experts, concerned parents and toy makers weighing in. As reported in the Washington Post, Jeffrey Chester, executive director of the Center for Digital Democracy, outlined the problem: “Toy companies are rushing to cash in on the changing nature of childhood in the Big Data era, where Internet connected toys are linking children to a vast surveillance network.” He continued:
“These playthings can monitor their every move, turning what should be innocent and pleasurable experience into something potentially more sinister.
As technology becomes a pervasive part of our lives, it’s important that we remain aware of how our devices work and the privacy implications of using them. As stated in a Huffington Post article, “As the VTech incident has shown us, those “benign,” Wi-Fi-enabled toys and appliances pitched to consumers with slick marketing by big business have a dark side. If consumers value the privacy inside their homes, they need to think twice before putting one of these clever toys and gadgets in their shopping carts and under the tree.”
We’ve taken a look at a few of this year’s hot tech toys, in an effort to bring some awareness to the issue.
The Tech Toys
Mattel’s newest, high-tech Barbie – and one of the toys causing alarm. Children talk to the doll and it responds back. The conversations travel over WI-Fi, to servers that use AI to analyze them and formulate a response appropriate to the child, which is then sent back. The data is, unsurprisingly, stored. Some concerns about this doll were outlined by the Guardian: “It was the ease with which the doll was compromise that was most concerning. The information stored by the doll could allow hackers to take over a home Wi-Fi network and from there gain access to other internet connected devices, steal personal information and cause other problems for the owners, potentially without their knowledge.”
Smart Toy Bear or Monkey
Similar to the Barbie, this plush toy is marketed as an “interactive learning toy” that talks to kids and remembers what they say. The makers say that it does not send voice data over the Internet. Instead, the device “checks a secure server each day to see if there are new activities for your toy to learn and remembers how engaged a child is with each activity.”
LeapPad Platinum with Imagicard & LeapFrog Epic
These tablets for kids are educational toys that come with apps, plus additional Android titles you can download. As they are Wi-Fi connected devices, they run over your Wi-Fi network. Many other companies make similar products, and some devices compromised in the VTech hack were tablets for children.
How Can You Improve Privacy?
Be Aware: Recognizing that “smart toys” may come with privacy risks is essential, and understanding the privacy implications can help you make a more informed decision about purchasing or using these toys.
Protect your Connection Across Devices: Using VyprVPN to encrypt your Internet connection across devices is a good step to take. Not all smart toys work the same way, but a VPN provides increased privacy and security when connecting to the Internet – and can be instrumental in protecting your privacy when using apps on your smartphone.
Protect your Home: As the IoT (Internet of things) continues to expand, so does the vulnerability of devices in your homes. By protecting your home network you can protect the devices connected to it. Our VyprVPN Router app, for example, will secure the items connected to your home network.
There is certainly a lot to keep in mind when shopping this holiday season, and as always privacy should be considered. Will you be buying tech toys this year? What do you do to protect your privacy across devices? Share your thoughts with us in the comments below.