The 2023 "
Trouble in Toyland" report, which focuses on safety hazards in traditional children's toys and is annually produced by the U.S. Public Interest Research Group (PIRG), emphasized warning parents of new threats on smart toys that pose a privacy risk to children and families. According to the 38th yearly report, toys with microphones, cameras and trackers, recalled toys, water beads, counterfeits and Meta Quest VR headsets, could spy on kids and collect kids' iris scans, fingerprints, vital signs and more.
"The riskiest features of smart toys are those that can collect information, especially without our knowledge or used in a way that parents didn't agree to," Teresa Murray, Consumer Watchdog at the U.S. PIRG Education Fund and author of the report said via a press release. "It's chilling to learn what some of these toys can do." She told
Defender they are also watching for
developments with artificial intelligence (AI) built into toys. PIRG added that smart toys include stuffed animals that listen and talk; devices that learn their habits; games with online accounts; and smart speakers, watches, play kitchens and remote cars that connect to apps or other technology.
As the season of gift-giving is just around the corner, Deputy Director of Kids in Danger Dev Gowda also alerted that adults should be careful in gifting kids with toys that connect automatically to unsecured Wi-Fi networks or pair automatically with other devices through Bluetooth as these may share information through a toy’s microphone, camera, or video camera. "
AI-enabled toys with a camera or microphone may be able to, for example, assess a child's reactions using facial expressions or voice inflection. This may allow the toy to try and form a relationship with the child and gather and share information with others that could risk the child's safety or privacy," PIRG further stated. "Some [smart toys] can collect data on your child and transmit it off of the toy to a company's external servers."
As for where sensitive data may end up, Murray said, "It goes wherever the companies that collect it want it to go," adding that while the data collected should not be used in a way that is not necessary for "playtime," or kept for longer than needed or that deviates from what parents agreed to. "But it often is, unfortunately," she lamented.
According to Research and Markets, the global market for smart toys grew to $16.65 billion in 2023, from $14.11 billion in 2022, and is expected to exceed $35 billion by 2027. A big bulk of the earnings may come from monetizing their private information and manipulating them to achieve marketing objectives, which has been what Big Tech has been doing recently, California-based attorney Robert Barnes said.
Information about children often is used for marketing: to try to sell the kids things they don't need or the parents don't want to buy," Murray said. "The information can also be sold or shared with data brokers and can endanger a child's safety, especially if there's geolocation information, and it can be used to defraud or scam a family." Apart from targeted marketing, Murray also warned about identity theft. "Even if the databases aren't shared, they're often hacked, and this is part of the reason that millions of people become victims of fraud and identity theft every year," she said. (Related:
Millions of UK students are using BIOMETRICS for school-related activities without parental consent.)
VR headsets may expose 10- to 12-year-old children to explicit content
Among the highlighted smart toys in the report is Meta's new virtual reality (VR) headset, the Quest 3, which targets the 10 to 12 age bracket. "We found using Meta's new junior accounts greatly
increases parental controls … but we also found these new additions fail to eliminate some real concerns," the PIRG report included. "Playing games often requires agreeing to different third-party companies' data practices wholesale. VR headsets also can gather sensitive motion data, which can be used to infer health or demographic details about you, and there's virtually no regulation controlling how companies or other actors use this data."
The report identified the headsets' risks including the potential exposure to sexually graphic content and headsets not designed to fit still-developing young bodies. This will violate the Children's Online Privacy Protection Act of 1998 (COPPA), a federal law that regulates online services targeted to children under age 13, including services that collect personal data. The law is enforced by the Federal Trade Commission (FTC).
Samuel Levine, director of the FTC's Bureau of Consumer Protection, told PIRG that if the toy is directed to children under 13 years, COPPA requires the toy company to ask for adults' consent before it collects the child's personal information.
In one example, earlier this year, e-commerce giant Amazon faced charges from the FTC and U.S. Department of Justice (DOJ) for violations stemming from allegations it illegally collected and used children's data collected via its Alexa-powered smart speakers. Amazon "kept sensitive voice and geolocation data for years, and used it for its own purposes, while putting data at risk of harm from unnecessary access," the FTC found. In July, Amazon reached a $25 million settlement and agreed to a permanent injunction requiring the company to "identify and delete inactive child profiles," to "make disclosures" and avoid representations regarding "its retention and deletion practices regarding Alexa App geolocation information and voice information."
Surveillance.news has news about how Big Tech companies' innovations
invade Americans' privacy.
Sources for this article include:
PIRG.org 1
ChildrensHealthDefense.org
PIRG.org 2