“Smart” toys raise privacy and safety concerns for kids

Kids’ privacy and safety may be jeopardized by toys that connect to the internet. Parents should pay attention to toys with speech recognition, GPS, microphone, camera, or data storage capabilities. Such devices may ask for a child’s name, age, address, phone number, or other personal information. This is information parents may not want in the hands of an unscrupulous hacker, if it is intercepted or otherwise obtained.

The Federal Bureau of Investigations (“FBI”) issued a consumer notice in July 2017 explaining the potential risk: “The exposure of such information could create opportunities for child identity fraud. Additionally, the potential misuse of sensitive data such as GPS location information, visual identifiers from pictures or videos, and known interests to garner trust from a child could present exploitation risks.” See FBI Alert No. I-071717(Revised)-PSA (July 17, 2017).

The Children’s Online Privacy Protection Act (“COPPA”), 15 U.S.C. §§ 6501–6506, limits data collection and disclosure for kids under 13 years old. However, many of COPPA’s protections do not apply where a parent has given consent. As a result, parents need to use care when setting up internet-connected toys. It is easy to unwittingly grant consent while clicking through the setup screens for a new toy. Also be alert to situations where a child may have indicated there was “parental consent” without your knowledge.

Cotchett, Pitre & McCarthy, LLP believes the safety of children is a paramount concern. Joe Cotchett and Gwendolyn Giblin are leading the firm’s investigation into privacy and data collection matters, including toys that improperly collect or disclose kids’ personal information.