As our modern lives become more conveniently connected by \u201csmart\u201d phones, appliances, toys and the like, it\u2019s worth pausing to consider the privacy and security implications of inviting these devices into our homes.<\/p>\n
Take, for example, the My Friend Cayla doll<\/a>, an interactive toy that engages children in conversation. She connects via Bluetooth to an app installed on a phone or tablet. When children talk to her, Cayla records what they say and converts the audio recording into text. The text is then transmitted over the Internet to a third party database where it is used to look up answers, which are then relayed back to Cayla to speak.<\/p>\n Within Cayla\u2019s app, children are also prompted to give personal information, including their name and their parents\u2019 names, their favorite toy, TV show and food, their school and where they live. Cayla uses this information to chat with children about their day, play games, answer questions and even offer instructions on how to bake a cake.<\/p>\n How secure is Cayla and the data she collects? Not secure enough, according to Germany\u2019s Federal Network Agency, which banned the toy<\/a> earlier this year:<\/p>\n \u201cThere is a particular danger in toys being used as surveillance devices: Anything the child says or other people’s conversations can be recorded and transmitted without the parents’ knowledge. A company could also use the toy to advertise directly to the child or the parents. Moreover, if the manufacturer has not adequately protected the wireless connection (such as Bluetooth), the toy can be used by anyone in the vicinity to listen in on conversations undetected.\u201d<\/p><\/blockquote>\n In the United States, a group of consumer advocates has filed a complaint<\/a> with the U.S. Federal Trade Commission, requesting an investigation into the toy.<\/p>\n \u201cThis complaint concerns toys that spy. By purpose and design, these toys record and collect the private conversations of young children without any limitations on collection, use, or disclosure of this personal information. The toys subject young children to ongoing surveillance and are deployed in homes across the United States without any meaningful data protection standards. They pose an imminent and immediate threat to the safety and security of children in the United States.\u201d<\/p><\/blockquote>\n The BBC also covered the story, talking with security researchers at Pen Test Partners<\/a> to get an inside look at how vulnerable Cayla is to hacking.<\/p>\n