An Experimental Evaluation of Smart Toys’ Security and Privacy Practices

Smart toys have captured an increasing share of the toy market, and are growing ubiquitous in households with children. These toys can be considered as a subset of Internet of Things (IoT) devices, often containing sensors and artificial intelligence capabilities. They may collect personal information, and frequently have Internet connectivity directly or indirectly through companion apps. Recent studies have found security flaws in many smart toys that have led to serious privacy leaks or allowed tracking a child’s physical location. Some well-publicized discoveries of this nature have led governments around the world to ban some of these toys. To complement recent efforts in analyzing and quantifying security and privacy issues of smart toys, we set out to create two thorough analysis frameworks that are specifically crafted for smart toys. The first framework is designed to analyze legally-binding privacy policies and terms-of-use documentation of smart toys. It is based on a set of privacy-sensitive criteria that we carefully define to systematically evaluate selected privacy aspects of smart toys. We augment our work with a static analysis for the companion Android apps, which are, in most cases, essential for intended functioning of the toys. We use our framework to evaluate a representative set of 11 smart toys, along with 11 companion apps. Our analysis highlights several instances of unnecessary collection of privacy-sensitive information, the use of over-privileged apps, incomplete/lack of information about data storage practices and legal compliance. The proposed framework is a step towards enabling a comparison of smart toys from a privacy perspective, which can be useful to parents, regulatory bodies, and law-makers. The second framework is used to investigate security and privacy practices - based on experimental analysis - of those specific kinds of IoT devices. In particular, we inspect the real practice of smart toys to determine the personal information they collect and security measures used to protect them. We also investigate potential security and privacy flaws in smart toys that can lead to leakage of private information, or allow an adversary to control the toy to lure, harm, or distress a child. Smart toys pose risks unique to this category of devices, and our work is intended to define these risks and assess a subset of toys against them. We perform a thorough experimental analysis of five smart toys and their companion apps. Our systematic analysis has uncovered that several of these toys may expose children to multiple threats through physical, nearby, or remote access to the toy. The presented frameworks unite and complement several existing adhoc analyses, and help comprehensive evaluation of other smart toys

Evaluating the Contextual Integrity of Privacy Regulation: Parents' IoT Toy Privacy Norms Versus COPPA

Increased concern about data privacy has prompted new and updated data protection regulations worldwide. However, there has been no rigorous way to test whether the practices mandated by these regulations actually align with the privacy norms of affected populations. Here, we demonstrate that surveys based on the theory of contextual integrity provide a quantifiable and scalable method for measuring the conformity of specific regulatory provisions to privacy norms. We apply this method to the U.S. Children's Online Privacy Protection Act (COPPA), surveying 195 parents and providing the first data that COPPA's mandates generally align with parents' privacy expectations for Internet-connected "smart" children's toys. Nevertheless, variations in the acceptability of data collection across specific smart toys, information types, parent ages, and other conditions emphasize the importance of detailed contextual factors to privacy norms, which may not be adequately captured by COPPA.Comment: 18 pages, 1 table, 4 figures, 2 appendice

Designing the Health-related Internet of Things: Ethical Principles and Guidelines

The conjunction of wireless computing, ubiquitous Internet access, and the miniaturisation of sensors have opened the door for technological applications that can monitor health and well-being outside of formal healthcare systems. The health-related Internet of Things (H-IoT) increasingly plays a key role in health management by providing real-time tele-monitoring of patients, testing of treatments, actuation of medical devices, and fitness and well-being monitoring. Given its numerous applications and proposed benefits, adoption by medical and social care institutions and consumers may be rapid. However, a host of ethical concerns are also raised that must be addressed. The inherent sensitivity of health-related data being generated and latent risks of Internet-enabled devices pose serious challenges. Users, already in a vulnerable position as patients, face a seemingly impossible task to retain control over their data due to the scale, scope and complexity of systems that create, aggregate, and analyse personal health data. In response, the H-IoT must be designed to be technologically robust and scientifically reliable, while also remaining ethically responsible, trustworthy, and respectful of user rights and interests. To assist developers of the H-IoT, this paper describes nine principles and nine guidelines for ethical design of H-IoT devices and data protocols

Security Analysis and Evaluation of Smart Toys

During the last years, interconnectivity and merging the physical and digital technological dimensions have become a topic attracting the interest of the modern world. Internet of Things (IoT) is rapidly evolving as it manages to transform physical devices into communicating agents which can consecutively create complete interconnected systems. A sub-category of the IoT technology is smart toys, which are devices with networking capabilities, created for and used in play. Smart toys’ targeting group is usually children and they attempt to provide a higher level of entertainment and education by offering an enhanced and more interactive experience. Due to the nature and technical limitations of IoT devices, security experts have expressed concerns over the effectiveness and security level of smart devices. The importance of securing IoT devices has an increased weight when it pertains to smart toys, since sensitive information of children and teenagers can potentially be compromised. Furthermore, various security analyses on smart toys have discovered a worryingly high number of important security flaws. The master thesis focuses on the topic of smart toys’ security by first presenting and analyzing the necessary literature background. Furthermore, it presents a case study where a smart toy is selected and analyzed statically and dynamically utilizing a Raspberry Pi. The aim of this thesis is to examine and apply methods of analysis used in the relevant literature, in order to identify security flaws in the examined smart toy. The smart toy is a fitness band whose target consumers involve children and teenagers. The fitness band is communicating through Bluetooth with a mobile device and is accompanied by a mobile application. The mobile application has been installed and tested on an Android device. Finally, the analyses as well as their emerged results are presented and described in detail. Several security risks have been identified indicating that developers must increase their efforts in ensuring the optimal level of security in smart toys. Furthermore, several solutions that could minimize security risks and are related to our findings are suggested, along with potentially interesting topics for future work and further research

Discursive constructions of the internet of toys

The Internet of Toys (IoToys) refers to the small subset of the Internet of Things often marketed to children and their caregivers as smart toys. These toys include many of the affordances of screen-based, networked technologies, packaged as children’s everyday playthings. Thus, Hello Barbie uses voice recognition and cloud-based computing combined with artificial intelligence procedures to craft meaningful responses to children’s statements and engage them in quasi-naturalistic conversation. Other IoToys also include image recognition and geo-locational data collection. Such toys can also be constructed in different ways that represent the perspectives of the speaker and circumstances of use. Thus Germany’s Federal Network Agency announced in February that it classified the My Friend Cayla doll (a competitor to Barbie) as an ‘illegal espionage apparatus’ because ‘under German law it is illegal to manufacture, sell or possess surveillance devices disguised as another object’. The IoToys facilitates both commercial relations and income streams for the manufacturers and/or associated organisations, such as marketing agencies, software providers and voice analytics services. These streams of income can include advertising to children through the connected toy, the collection, analysis and monetisation of children’s data and the sale of the toy itself. Buying the toy also involves long-term contractual agreements that transfer legal responsibility for the collection, analysis and distribution of children’s data onto their parents. This effectively gives commercial entities the authority to continue and conceivably expand upon data-collecting and data-sharing procedures. This article analyses the discursive construction of the future IoToys using textual analysis of media resources that provide stakeholder perspectives on this emerging field. It argues that, given their status as an emerging category of human–computer interaction devices, objects that can be classified as part of the IoToys currently occupy a controversial and contested media industries space, raising many regulatory and policy questions that children themselves are not equipped to consider or take into account

Medijska reprezentacija dječje privatnosti u kontekstu upotrebe „pametnih” igračaka i prikupljanja podataka u komercijalne svrhe

The growing use of “smart” toys has made it increasingly important to understand the various privacy implications of their use by children and families. The article is a case study of how the risks to young children’s privacy, posed by the commercial data collection of producers of “smart” toys, were represented in the media. Relying on a content analysis of media coverage in twelve European countries and Australia collected during the Christmas season of 2016/2017, and reporting on a follow-up study in selected countries during the Christmas season of 2017/2018, our article illustrates how the issue of children’s privacy risks was dealt with in a superficial manner, leaving relevant stakeholders without substantive information about the issue; and with minimum representation of children’s voices in the coverage itself.Zbog sve veće upotrebe „pametnih” igračaka sve je važnije razumjeti kakve posljedice njihovo korištenje ima na privatnost djece i obitelji. Ovaj rad predstavlja studiju slučaja o medijskoj reprezentaciji rizika korištenja „pametnih” igračaka i otkrivanja privatnosti djece od strane proizvođača koji prikupljaju komercijalne podatke. Oslanjajući se na analizu sadržaja medijskih objava u dvanaest europskih zemalja i Australiji, prikupljenih za vrijeme božićnih blagdana u sezoni 2016./2017., te na daljnju analizu sadržaja medijskih objava u odabranim zemljama, prikupljenih za vrijeme božićnih blagdana u sezoni 2017./2018., ovaj rad pokazuje kako su teme dječje privatnosti obrađene na površan način, pri čemu dionici ostaju bez nužnih informacija o toj temi, a dječji izvori u samim objavama minimalno su zastupljeni

A Literature Survey on Smart Toy-related Children\u27s Privacy Risks

Smart toys have become popular as technological solutions offer a better experience for children. However, the technology used increases the risks to children\u27s privacy, which does not seem to have become a real concern for toy makers. Most researchers in this domain are vague in defining their motivations due to lack of an expert survey to support them. We conducted a literature survey to find papers on smart toy-related children\u27s privacy risks and mitigation solutions. We analyzed 26 papers using a taxonomy for privacy principles and preserving techniques adapted from the IoT context. Our analysis shows that some types of risks received more attention, especially (a) confidentiality, (b) use, retention and disclosure limitation, (c) authorization, (d) consent and choice, (e) openness, transparency and notice and (f) authentication. As for solutions, few were effectively presented; the vast majority related to data restriction -- (a) access control and (b) cryptographic