This blog has been reproduced by kind permission of ReadWrite.  This blog post, originally posted here on by Amanda Razani, discusses the opportunities and risks when integrating connectivity into toys.

In an age where it seems anything and everything can benefit from connectivity, the future of toys is changing rapidly. Toys are becoming more intelligent, more connected and important assets among the Internet of Things. U.S. domestic toy sales, according to industry association data, hit close to $22 billion in 2014, and that number has been growing steadily ever since, especially with the new connected opportunities for manufacturers.

Mattel, Fisher-Price and Sphero cashing in now

blog2With the advent of sensors, chips, phones, apps and the cloud, the possibilities for what toys can offer is almost limitless.  Just look at Mattel’s Hello Barbie doll that works the same way Samsung voice operators do, sending children’s conversations into the cloud and returning verbal responses through a speaker in the doll.  Fisher-Price makes a WiFi-enabled stuffed animal, and Sphero has introduced an awesome little app-enabled droid toy, called the BB-8, that has an adaptive personality and evolves as an individual plays with it.  It can even create and display holographic recordings.   This toy can also connect with one’s phone, allowing for movement control.

As consumers change the way they are interacting with the connected world, all these IoT products enable toy manufacturers to leverage real-time data, collecting insights about customers to create more interactive and personalized devices that continue to impress and entertain.

But awesome toys present security issues

However, all these connected toys create concerns about security.  There are many gadgets these days that can be used to eavesdrop.  Part of the problem is that many hardware manufacturers offer poor security, and often times consumers are left vulnerable because of all the information they are sharing.

“One of my technologists has a phrase: ‘internet of other people’s things’,” says Lee Tien, senior staff attorney at the Electronic Frontier Foundation said. “Even if you bought it, it’s not necessarily truly yours – it may need to talk to the vendor’s machines to work, handing over data about you or those around you (if it has sensors); it may have features you don’t know about or don’t know how to control, or can’t control.”

The internet of things is quite helpful to eavesdroppers, both official and hacker types, for several reasons, with the main one being regular data leaks.

“One helpful feature for surveillance is that private sector IoT generally blabs a lot, routinely into some server, somewhere,” states Tien. “That data blabbing can be insecure in the air, or obtained from storage.”

To further complicate things, just look at video games, which require televisions and game systems.  New smart systems are equipped with cameras and voice monitors that are connected online and constantly sending information to the cloud.

But is someone watching through Barbie’s eyes?

Many people are concerned about what that can mean.  Can smart televisions spy on them? The US director of national intelligence says that is obvious. The ever-increasing variety of “smart” web-enabled devices, most recently dubbed the Internet of Things, is a blessing to intelligence officials and law enforcement, according to director James Clapper.

“In the future, intelligence services might use the Internet of Things for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,” Clapper tells the Senate in public testimony.

Unfortunately, intelligence officials are not the only ones wanting to hack into hi-tech devices. Being aware of when people are home, what they own and where they store it is valuable knowledge for thieves.

A cyber-attack on toymaker VTech released the personal data of 6.4m children last year, and it was a scary reminder of the vulnerability of children on the internet. A similar thing happened to Sony, when hackers from North Korea stole users’ credentials, and online playing came to a halt during a major holiday.

However, even though a lack of privacy and security breaches are major concerns, it looks like connected toys are here to stay as long as consumers continue to happily purchase them.

Secure connected consumer devices is a priority for IoTSF and is one of the five established working groups click here to find out more.

About the Publication: ReadWrite is the leading media platform dedicated to IoT and the Connected World. In 2015, Forbes named ReadWrite one of the top 100 websites for entrepreneurs. We work with the industry’s top technologies, thinkers, and companies to tell the stories that drive this world forward. We strive on a daily basis to answer the critical questions on your minds – about the data, privacy, security, and platform issues, and how all these ecosystems come together for you. Our content lives at the intersection of entrepreneurs and enterprise, the birthplace of these new technologies that will impact every industry they touch.


The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of the IoT Security Foundation.