Internet-connected toys subject children to hidden marketing messages and allow strangers to converse with them from a distance, consumer rights groups say.
The groups highlighted breaches of security and basic consumer rights in two toys in particular, the i-Que robot and the My Friend Cayla doll.
The toys connect via Bluetooth to smartphone apps that record children speaking and transmit the recordings to a voice recognition service provider in the U.S., Nuance Communications, allowing the toys to appear to converse with the children.
But, the consumer groups say, there is no authentication or pairing of the Bluetooth connections, allowing strangers within radio range of the toys to detect them and connect with them to carry on a conversation with the children directly. Furthermore, they say, voice recordings that could contain personal information are transmitted to Nuance without explicit consent, and the toys inject messages into their conversations repeatedly endorsing Disney products.
The flaws were uncovered by the Norwegian Consumer Council, and raised with authorities in other countries by organizations including the Union Fédérale des Consommateurs - Que Choisir in France and the Center for Digital Democracy in the U.S.
The European groups recommend that people should think twice before buying the toys. For those who have already bought one of the eavesdropping toys, they recommend turning it off when it is not in use, and suggest returning it to the store or manufacturer. Consumer rights laws in the European Union countries allow a 14-day "cooling-off" period for online purchases, they point out.
In the U.S., the Center for Digital Democracy, the Electronic Privacy Information Center and others have filed suit against Nuance and toy manufacturer Genesis, calling on the U.S. Federal Trade Commission to investigate the companies' practices and to halt the product placement and the collection of personal information.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.