In 2015, Mattel released a new “Hello Barbie” that can talk back to users. After a pressing a button and talking into an embedded microphone, a user’s question or statement goes into the cloud where it is processed by ToyTalk, a third-party voice-recognition company. The doll responds and, over time, learns to better communicate with the user based on prior interactions.
The concern that so many recordings would sit in the cloud prompted Mattel and ToyTalk to promise that the information would be kept safe and not be sold to marketers.
Meanwhile, a smart teddy bear manufactured by Spiral Toys was hacked during the 2016 holiday season, exposing nearly 800,000 emails and passwords.
In 2015, a hacker broke into Vtech’s systems and took data from users who had registered accounts on the company’s “Learning Lodge” app store. Complicating the problem was that Vtech didn’t directly notify parents that the company was storing data from users—i.e. their children—and did not obtain the parents’ consent to do so.
The Department of Justice, on behalf of the Federal Trade Commission, sued the company for violating online privacy laws for children, the first such case involving internet-connected toys. In January, Vtech agreed to pay a $650,000 fine as part of a settlement with the FTC.
See our cover story: The Dangers of Digital Things
Attribution: Text by Victor Li; photo by Shutterstock.com.