The issue with toys and security vulnerabilities has come from the University of Washington. Here researchers have explored the concerns of both parents and children in relation to Internet-connected toys. It became apparent, from the interviews, that many people were unaware that several leading toys record conversations. Where and how this data is used raises issues of security and privacy.
The types of toys of concern include ‘Hello Barbie’ and ‘CogniToys Dino’. These, and many other toys, are connected to the Internet. These toys are designed to interact with children and respond to posed to them. One feature of such toys is that they record the voices of the children who interact with them. These Wi-Fi-enabled toys take the voice recordings and store these in a cloud. The aim of storing the recordings is tied with machine intelligence, designed to aid the computers in the toys to become “smarter.”
The survey reveals that both children and parents are generally unaware of the cloud connections, together with the privacy and security concerns. In an interview, lead researcher Emily McReynolds notes: “These toys that can record and transmit are coming into a place that’s historically legally very well-protected? The home.”
She adds: “People have different perspectives about their own privacy, but it’s crystalized when you give a toy to a child.” A further factor comes down to psychology. Many toys are designed to emotively appeal to children: they look lifelike and children see the toys as trustworthy. This leads to some children sharing secrets with the toys, which the toy then records. This could be at a more intimate level than a child would enter into compared to speaking with platforms like Siri or Alexa.
As well as privacy, there are security concerns. In 2015, a company called VTech, which produces tablets for children, was hacked. Information relating to 200,000 users was compromised. In relation to both security and privacy concerns the researchers are recommending that greater controls and checks are put in place. One suggestion is for toys to be designed to notify children when they are recording.
The new concerns have been presented in a paper published in the conference proceedings for the CHI 2017 Conference on Human Factors in Computing Systems. The paper is succinctly titled “Toys that Listen.”
