Experts warn smart toys could put children at risk from 'predators'

10 December 2019, 10:22

Smart toys are expected to be popular this Christmas. Picture: PA

By Maddie Goodfellow

Several of the most popular 2019 Christmas toys are leaving children vulnerable to being contacted by "predators," a data privacy expert has told LBC News.

Security flaws have been found in a number of "smart toys", including Vtech's KidiGear Walkie Talkies, and Tenva's Karaoke Microphone.

Christmas favourites including internet-connected cuddly toys and Bluetooth connected karaoke machines could actually be putting children at risk, Which? has warned.

LBC News spoke to a privacy expert who said the types of plastic used in toys is more heavily regulated than technology security, he warned, "some of Britain's biggest retailers are creating an open door for predators to approach children."

In an investigation ahead of Christmas into seven smart devices sold by major retailers including Amazon, Argos, John Lewis and Smyths, three were vulnerable to being hacked.

Which? found that a security flaw in Vtech's £30 KidiGear Walkie Talkies means that anyone can start a two-way conversation with a child from up to 200 metres away.

A predator would need to initiate pairing within 30 seconds of the child switching on their device in order to start talking to them.

Smart toys are replacing traditional presents. Picture: PA

Another popular toy this Christmas is children's karaoke machines.

Karaoke Microphone, sold online by relatively unknown brand Xpassion/Tenva, and Singing Machine SMK250PP made by Singing Machine both have weak Bluetooth security levels which could allow someone to send recorded messages to any device within 10 metres.

Which? warned that personal data of those who own the Singing Machine, as well as AI-powered Boxer Robot, board game Mattel Bloxels, or coding game Sphero Mini is at risk, as the toys do not force users to create strong passwords.

Singing Machine responded saying it follows "best practices" and "testing standards".

Bloxels and Sphero Mini also have no filter protections to prevent explicit language or offensive images being uploaded and sent via their platform.

Which? has recommended that toys must contain unique passwords before use, data encryption and consistent security updates.

Natalie Hitchins, Which? head of home products and services said: "While there is no denying the huge benefits smart gadgets can bring to our daily lives, the safety and security of users should be the absolute priority.

"The next government must ensure manufacturers design connected tech products with security as paramount if it is going to prevent unsecured products ending up in people's homes."

Jamal Ahmed of Kazient Privacy Experts, told LBC News: "As a Data Privacy expert, I'm very concerned that our children are being handed toys with no statutory security or privacy controls.

"In fact, toys are some of the least secure electronic devices around - and are being handed to our most vulnerable people, who often play with them unsupervised."

He continued: "Just as the type of plastic used in toys is heavily regulated, so must the tech security of these toys. Unfortunately, toy safety regulation is stuck in the 20th century.

"Some of Britain's biggest retailers are creating an open door for predators to approach children. Closing this door must be a priority for the next government - starting first thing this Friday."