Children’s toys can spy on them through cameras and microphones, warns FBI

The agency says you should switch them off when they're not being used

Aatif Sulleyman
Wednesday 19 July 2017 14:59
Earlier this year, parents were told to destroy My Friend Cayla
Earlier this year, parents were told to destroy My Friend Cayla

The FBI has issued a warning about internet-connected children’s toys equipped with cameras and microphones.

The agency’s Internet Crime Complaint Center (IC3) division has told parents to be wary of them, and is advising consumers to carry out a series of checks before purchasing one.

It also says you should switch them off when they’re not being used.

Sensors inside the toys could put the privacy and safety of children at risk, according to the IC3, which specifically highlights exploitation risks.

As well as cameras and microphones, such toys could include GPS, data storage and speech recognition components.

“In some cases, toys with microphones could record and collect conversations within earshot of the device. Information such as the child’s name, school, likes and dislikes, and activities may be disclosed through normal conversation with the toy or in the surrounding environment,” it says.

The IC3 warning continues: “Personal information (e.g., name, date of birth, pictures, address) is typically provided when creating user accounts. In addition, companies collect large amounts of additional data, such as voice messages, conversation recordings, past and real-time physical locations, Internet use history, and Internet addresses/IPs.

“The exposure of such information could create opportunities for child identity fraud. Additionally, the potential misuse of sensitive data such as GPS location information, visual identifiers from pictures or videos, and known interests to garner trust from a child could present exploitation risks.”

The data collected from children’s interactions with such toys can be sent to the manufacturer and a third-party company responsible for the software.

“Voice recordings, toy Web application (parent app) passwords, home addresses, Wi-Fi information, or sensitive personal data could be exposed if the security of the data is not sufficiently protected with the proper use of digital certificates and encryption when it is being transmitted or stored,” says the IC3.

Earlier this year, an official German watchdog told parents to destroy an internet-connected doll because hackers can use it to spy on children.

My Friend Cayla was found to be equipped with an insecure Bluetooth device, which cybercriminals could hijack, in order to steal personal data and listen and talk to the child playing with it.

The IC3 has published a list of checks for people to perform before buying internet-connected toys, which includes staying up to date with software updates and switching toys off when they're not being used. The full list can be found here.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in