Two weeks ago some nutcase attempted to kidnap a 9 year old girl at Gelson’s in Rancho Mirage. He didn’t succeed when the store employees and the mom held onto the girl. He was caught after a police chase. That’s just downright crazy and very scary.
Where am I going with this?
As we are now approaching the advertising ramp-up for the holidays and ensuing sales for them, they might be experiencing peer pressure to be like their friends and have the coolest, latest toys.
The constant advertising of the latest and greatest toys targeted to children creates a demand for that toy/device and potential very unhappy kids who don’t necessarily understand why they cannot have the toys they see on T.V. and in their friend’s possession. I’m not even talking about the money end, only the security and safety end of the conversation.
It’s important to set boundaries now and have an understanding of how these “toys” can compromise safety.
Normal conversation such as the child’s name, school, likes and dislikes and even where they live can be disclosed. Some of these “toys” have microphones so that the child can speak to it and it will respond. What about then the toy is not being used? Does it turn off? What if it’s left on?
As they record the conversations that are happening around your child/grandchild/niece/nephew and divulge information within earshot of that microphone to third parties, there is also the ability to look up IP addresses (we get them from our cable/FIOS/satellite service providers) and your general neighborhood can be found. Added to that are the names of your family members and even a last name that might have been recorded, and you are now exposed through one of these devices. This is a major cause for concern.
The FBI issued a Public Service Announcement (PSA) for Smart Toys that are connected to the internet. The PSA can be found here (https://www.ic3.gov/media/2017/170717.aspx)
Here’s a quote from the PSA: “The collection of a child’s personal information combined with a toy’s ability to connect to the Internet or other devices raises concerns for privacy and physical safety. Personal information (e.g., name, date of birth, pictures, address) is typically provided when creating user accounts. In addition, companies collect large amounts of additional data, such as voice messages, conversation recordings, past and real-time physical locations, Internet use history, and Internet addresses/IPs. The exposure of such information could create opportunities for child identity fraud. Additionally, the potential misuse of sensitive data such as GPS location information, visual identifiers from pictures or videos, and known interests to garner trust from a child could present exploitation risks.”
(Wow, can we just go back to Slinky’s, Hot Wheels and the regular Barbie Dolls? Anyone remember Tonka?)
When the toy is registered with an account for internet usage, it can connect through Bluetooth, Wi-Fi, or through an Android or iOS device that is connected to the internet. Some of these toys will ask to be paired with a tablet or phone, and again, with the connection to that device, lots of personal information can be compromised.
As a consultant for many families with young children, and having a background in security, if you do buy a toy, make sure that you can use the toy without the internet, and read every disclosure prior to agreeing to it if you do connect it to the web. Why? You might unknowingly agree to have this data sent and collected, if you agree to it. Don’t just blindly accept all of the agreements.
If you use your regular passwords when creating this account for your child, you can place your other accounts at risk, should the data be breached or if the companies recording the data sell it or otherwise divulge it. Use a password that is only for this account.
If a manufacturer of that toy can couple all of the information about your child from the microphone and the account, including internet usage, past and present conversations, passwords and addresses, they can sell that data to third parties or if they get hacked, your child and your safety as well is at serious risk.
My suggestions are as follows:
- If you can avoid the purchase of these toys, find a plain ole stuffed teddy bear that does not require batteries, three hours of tech support to connect and four hours of heartburn when it won’t work;
- If you do purchase one of these toys, ensure that you do not use the same passwords creating the account online that you normally use;
- Make are that the usage of this toy is under supervision, much like any electronic device that can put a child’s safety at risk – including tablets and phones;
- Read over the PSA for further details and suggestions;
- Read the the entire agreement before you accept it when creating the accounts and connections;
- Create the boundaries now around your child’s device and toy usage and enforce them;
If you need assistance with this or any of your devices, please call. I am always happy to help!!
Scott (760) 550-9496