NP Privacy Partner
Search Nixon Peabody's Data Privacy and Cybersecurity blog  Nixon Peabody on Twitter Nixon Peabody on YouTube
Subscribe:Nixon Peabody's Data Privacy and Cybersecurity blog  Nixon Peabody's Data Privacy and Cybersecurity blog
Share Print View
FBI issues warning on internet-connected toy privacy risks
The Internet of Things has been a hot topic in recent years, with internet-connected toys forming a growing piece of our ever-connected world. And as with all such devices, “smart” toys have privacy and security risks that consumers need to be aware of. On July 17, 2017, the FBI issued a consumer notice warning that internet-connected toys could present such risks for children. In particular, the FBI noted the opportunities for child identity fraud and exploitation that these toys create. Containing sensors, microphones, cameras, data storage components, speech recognition software and GPS, internet-connected toys have the capability to collect detailed personal information about a child—such as names, schools, location, likes and dislikes.  Combined with the information consumers provide as part of creating user accounts as well as the more conventional photos and videos that may be taken while interacting with the toy, internet-connected toys could become a rich source of information for hackers.

Accordingly, the FBI is urging consumers to be proactive in investigating a company’s privacy and data security policies before purchasing and using an internet-connected toy. Understanding how your data is collected, transmitted and stored is a vital piece in protecting your personal information.  For example, all of the communication connections involved with an internet-connected toy, including connections from the toy to the internet, between partner applications and to servers where data may be stored, present vulnerabilities that could be exploited to the point where eavesdropping on conversations could occur. 
The FBI recommends that parents research how and where data collected by the toy is stored and used, any security issues a company has previously faced and to carefully read disclosures and privacy policies. Further, parents should monitor their children’s activity with “smart” toys, ensure that toys are turned off when they are not being used and to follow basic cybersecurity precautions such as having a strong password and providing only minimal personal information.

Finally, the FBI notes that the Children’s Online Privacy Protection Act is in place to provide certain protections to children under the age of 13 and that the FTC has recently updated its guidance with respect to internet-connected toys and associated services. Parents should understand what protections are in place and be vigilant in ensuring they are being followed as well as the limits of these protections.


There are no comments yet for this post.
Items on this list require content approval. Your submission will not appear in public views until approved by someone with proper rights. More information on content approval.
* indicates a required field


Body *

Date *


Privacy Policy | Terms of Use and Conditions | Statement of Client Rights
This website contains attorney advertising. Prior results do not guarantee a similar outcome. © 2018 Nixon Peabody LLP
Sort by AttachmentsParentCategory