CHIPS Articles: Cybersecurity checklist for internet-connected toys
Cybersecurity checklist for internet-connected toys
By CHIPS Magazine
December 17, 2019
The seasonal shopping rush is at full throttle, and due to their popularity, no doubt your holiday shopping list includes some sort of internet-connected smart toy or device for the children on your list to help them learn or perhaps for entertainment purposes. However, before you give one of these connected toys, read the list below compiled by the Federal Trade Commission on what to look for with an internet-connected smart toy or device, and how to protect kids’ data.
Understand the smart toy’s full functionality, the data it collects and how it will be used:
- Does the toy come with a camera or microphone? What will it be recording, and will you know when the camera or microphone is on?
- Does the toy let the child send emails or connect to social media accounts?
- Can parents control the toy and be involved in its setup and management? What controls and options does it have? What are the default settings?
- When the child plays with the toy, what kind of information does it collect?
- Where is this data stored, including pictures and recordings, how is it shared, and who has access to it? Does the toy company give parents a way to see and delete the data? Is the information cyber-secure?
- If the toy collects personal information from a child who is under 13 years-old, the toy company must inform parents about its privacy practices, ask for parental consent, protect and secure collected data, and give parents the right to have their child’s personal information deleted.
For more information, visit the FTC’s website Protecting Kids Online.