The annual Toy Fair took place this past weekend – the biggest event of the year for the toy industry, where vendors showcase thousands of new toys before they hit retail shelves and Amazon wish lists.
The toy industry is worth $22 billion annually in the US alone, but the big toy companies are clearly not content to keep churning out the analog toys that I remember growing up.
Many of the new toys getting the biggest buzz at the Toy Fair are internet-connected, artificially intelligent, and ready to knock your kids’ socks off – if they don’t get totally freaked out.
Some of these toys are intended for very young children, such as the app-connected smart duck named Edwin, a “learning toy” that guides kids through games, plays lullabies, and measures water temperature for a safe (but interactive) bath time.
Once your kids can talk, there are toys that can keep up a conversation, too.
There’s a Wi-Fi enabled stuffed bear hooked up with microphone and speaker that allows parents to communicate with their children from anywhere using a smartphone app (the iChanter bear, which is being funded through Kickstarter).
Already there’s a talking stuffed bear on the market, by Fisher-Price.
The Smart Toy Bear uses machine learning and voice recognition – accessed through a Wi-Fi connection – to remember a child’s favorite activities, respond when spoken to, tell jokes, and “help your child grow socially and emotionally.”
Admittedly, that sounds pretty cool, but there’s a lot that could go wrong with an internet-connected talking toy.
Security researchers discovered that Fisher-Price’s Smart Toy Bear (recently discounted from $100 to $85) had security vulnerabilities that could reveal a child’s name, gender, birthdate and other personal data.
Another Wi-Fi connected toy that made a splash at the Toy Fair is the voice activated Barbie Dream House, a perfect home for the talking Hello Barbie.
The Hello Barbie model has a Wi-Fi connection that hooks her up to Mattel’s servers, where voice recognition software interprets speech and answers back from more than 8000 lines of pre-programmed responses, allowing kids to carry on a two-way “conversation.”
Back in December, security researchers discovered multiple security bugs in Hello Barbie, including the POODLE bug that attackers could exploit to intercept Barbie’s communications over the internet.
There’s no evidence that these security flaws were exploited by hackers to steal kids’ data.
Yet there is reason to worry that kids’ data stored by toy companies could be stolen or leak out accidentally.
In November 2015, hackers breached the servers of toy maker VTech and stole millions of personal records from users of VTech’s Kid Connect, a service that allows parents to chat with kids through an app connected to a child’s tablet.
Among the stolen data: email addresses, names and passwords of over 4 million accounts, which an attacker could have used to access pictures of parents and kids, chat logs and audio recordings of kids’ voices.
Parents are accustomed to thinking about safety and health when making decisions about their children, and it can seem like there are dangers lurking everywhere.
You just have to ask yourself – is a talking smart toy worth the risk?
Image of listening bear courtesy of Shutterstock.com.
Mahhn
If I was still a kid, given a choice, I would rather have a friend or dog than any electronic device as a pseudo friend. Even a parent would do. Never mind about the data theft. These modern toys are more limited/specific (in options for development) as they get higher tech, while the low tech toys allow for more creativity. If you want a robot for a kid, buy one, don’t breed them.
Laurence Marks
Sure, VTech was hacked, but the hackers were probably looking for credit card numbers. That’s why nothing was dine with the info. This is all much ado about nothing, journalists playing off fearful helicopter parents, the same ones who won’t let their children walk two blocks unaccompanied to elementary school.
douglaskarr
What are they going to do? Open a Tinder account under your baby’s email address? Does a baby have an email address? Good God this is a ridiculous fear-mongering article. You know where I can get your kid’s name, birthday, and home town? From your birth announcement on Facebook.
Mark Stockley
Toys that are connected to the internet are computers and should be subject to the same standards of security as my other computers; phone, laptop, router, server, thermostat, CCTV camera…
Data that’s held about the users of those computers, or the people who purchased them, should be subject to the same data privacy laws and norms no matter what. It shouldn’t matter if the computer looks like a teddy bear or a beige box, if the user is five years old or twenty five years old.
George
Software will always have bugs; what I look for is the response. VTech…nope. Fisher Price? Great job. My daughter is playing with her (monkey) Smart Toy right now!