FREE GDPR Helpline
Call +44 (0) 208 133 2545
This article was amended on 24 November 2017 to add additional material.
By Steve Wood, Deputy Commissioner (Policy).
In an increasingly digital world, more and more toys and devices aimed at children now have internet-connected technology. As the Christmas shopping season begins, many parents will be considering buying them for their children.
The ICO supports innovation and creative uses of personal data, but this cannot be at the expense of people’s privacy and legal rights, whatever their age. Concerns have been raised in recent months, not only in the UK but in Europe and the USA, that the growth in toys containing sensors, microphones, cameras, data storage and other multi-media capabilities could put the privacy and safety of children at risk.
There have also been data protection concerns relating to some products over what data is collected, by whom, where it is stored and how it is secured.
The Information Commissioner’s Office (ICO) wants parents, guardians and others to consider data protection and privacy issues in the same way they would check on the safety of presents they are planning to give to their children.
You wouldn’t knowingly give a child a dangerous toy, so why risk buying them something that could be easily hacked into by strangers?
In the same way that safety standards are a primary consideration for shoppers buying toys, we want those buying connected items in the coming weeks to take a pause and think about both the child’s online safety, and also the potential threat to their own personal data such as bank details, if a toy, device or a supporting app is hacked into.
Unlike Santa, those looking to hack into your devices don’t care whether you’ve been naughty or nice, so the ICO has the following advice for grown-ups considering buying smart toys and devices this Christmas:
The ICO and other stakeholders are also working with manufacturers, wholesalers and retailers through the Secure By Default project, which aims to encourage data protection considerations from the outset in product development and commercial purchasing decisions, providing better protection for consumers in future.
Steve Wood is Deputy Commissioner for Policy and responsible for the ICO’s policy position on the proper application of information rights law and good practice, through lines to take, guidance, internal training, advice and specific projects.
This post was originally published by ICO.org