Parents who purchase electronic toys for their kids this holiday season should keep in mind the privacy and security risks associated with toys that are connected to the internet.
Virginia Tech’s cybersecurity expert Aaron Brantly explained that internet connected toys often collect substantial information on children and their families. To avoid these cyber risks, Brantly offers the following advice:
“Toys or devices that connect to the internet are always hackable and collecting data on your child. While it doesn’t mean it will happen, the possibility exists,” Brantly said. “A hacked toy can provide a window into your private home life with audio and video access. Insecure devices on a home Wi-Fi network can also provide a portal to potentially access other devices within the network.”
Brantly explains that internet connected toys often collect substantial information on children and their families. “From internet enabled dolls to video games and smart TVs, toys can collect data on what a child likes or dislikes, and track behavioral patterns and responses to given prompts. Information can also include financial information of the parents, particularly for those devices that have games that are pay as you go.”
To avoid these cyber risks:
- Use complex passwords for toys that require it and two-factor authentication is available.
- If a payment option for recurring expenses is required, use a payment service such as ApplePay, GoogleWallet, or PayPal vs. a credit card.
- Read the terms of service for a toy or device.
- Understand what data the toy or device collects and where that data goes.
- Safeguard your personally identifiable information.
- Do not provide credit cards or other financial data.
- Help your child use the toy and monitor access.
- Disable geolocation access to prevent location specific information from being intercepted.
- Keep in mind that smaller toy companies are often unable to provide the best digital security for their products or their corresponding databases.
- No apps are free! Applications (apps) that are free make their money by collecting and selling personal information.
(Brantly is an assistant professor in the Department of Political Science and an affiliated faculty member at the Hume Center for National Security and Technology at Virginia Tech. He is a Cyber Policy Fellow at the Army Cyber Institute and non-resident Cyber Fellow at the Combating Terrorism Center at West Point. His research focuses on national security policy issues in cyberspace including big data, terrorism, intelligence, decision-making and human rights.)