Are Data Privacy and the Internet of Things on Your Holiday Wish List?

By on

Make sure the gift you give isn’t doing undercover work without your permission. 

Hello Barbie NY Times

Learn more about author Cathy Nolan.

Have you heard about the new artificially intelligent Hello Barbie doll that talks to your child? You download an app to your phone or computer that allows the doll to get on your home Wi-Fi. Then your son or daughter can talk to Barbie and she responds with one of 8,000 messages pre-recorded and based on the question your child asked. Sounds innocent? Not so much when you know that the conversations are recorded and Mattel has a contract with Toy-Talk to review all responses. The idea of this Internet of Things toy is to develop more responses based on the questions asked, but unlike a “true” friend, Barbie spills whatever she hears to many ears. If an adult is near Hello Barbie, their conversations are also recorded. You can even access recordings of conversations with Barbie through the app. But what happens when your child finds out you have been spying on her private conversations with Barbie? Isn’t this snooping of the worst kind? Also, Toy-Talk’s privacy policy says your personal information is their business asset. They track where you go on the web through cookies and like every other online broker, they sell that information to third parties. Hello Barbie has been called a miniature surveillance device when all your child wanted was a cute little Barbie doll to dress and have pretend dates with Ken.

Hello Barbie isn’t the only toy that has privacy issues. Any electronic toy that has an embedded system is capable of tracking your child’s identity through location data, which can be communicated to many other entities including other web and/or mobile services and servers. This sharing of sensitive location data opens up the question not only of a child’s privacy but also of their safety.

One of the most popular Internet of Things holiday gifts is Fitbit and other wearable wrist-band devices that track tons of data. Do you want to track your weight, steps taken, sleep quality, heart rate, sexual activity, calories burned? These devices allow you to keep track of your health, but are able to send the information to various websites and apps. Currently Fitbit, Garmin, and Nike all say they don’t sell personally identifiable information collected from fitness devices, but the Federal Trade Commission and other privacy advocates warn that the policies of these firms could allow them to sell data if they decide to do so and your sensitive, personal data could end up in the hands of corporations looking to target your with advertising, get credit ratings, or determine insurance rates. Senator Charles Schumer (D-NY) has called activity trackers a “privacy nightmare”.

Thinking of giving someone in your family an iPhone? Just be aware that a recent survey found that 80% of the apps available have some type of security issue. Apple just removed 250 apps from the iTunes Store because a Chinese company was downloading personal email addresses and iPhone serial numbers. Over 1 million people had downloaded the apps before Apple removed them. I’ve written previously about other apps that spy on you and you can access lists of the worst apps by searching on the internet.

Kind of discouraging isn’t it. Here you just wanted to buy the latest “hot” gift or toy and now you have to worry about privacy issues. Even some of the new appliances and televisions are listening in on your conversations. The Internet of Things (IoT) can be wonderful, but we all have to be aware of the consequences of being connected to “everything”. Obviously being connected to medical devices can allow consumers with serious medical conditions to work with their physicians to manage their diseases. In the home, smart meters can enable energy providers to analyze energy use, identify issues with home appliances, and enable customers to be more energy-conscious. On the road, sensors on a car can notify drivers of road conditions and issues with their car’s operating system. It’s the other side of the IoT that is worrying. None of us want our information shared with strangers or sold to advertisers.

We all know that privacy laws have not kept up regarding the sharing of data. Some things you can do include finding out how well protected your data is while being transmitted or stored—is it encrypted? Just like the safety rules for financial data, don’t use unsecured networks to send personal information from your new device. And lastly, when you are shopping this holiday season remember to look for privacy statements. You can always “google” the company name and check out their privacy policy before you buy that fabulous new gadget.

Leave a Reply

We use technologies such as cookies to understand how you use our site and to provide a better user experience. This includes personalizing content, using analytics and improving site operations. We may share your information about your use of our site with third parties in accordance with our Privacy Policy. You can change your cookie settings as described here at any time, but parts of our site may not function correctly without them. By continuing to use our site, you agree that we can save cookies on your device, unless you have disabled cookies.
I Accept