Hello Barbie, CogniToys Dino and other toys connected to the internet can joke around with children and respond in surprising detail to questions posed by their young users. The toys record the voices of children who interact with them and store those recordings in the cloud, helping the toys become “smarter.”
As Wi-Fi-enabled toys like these compete for attention in the home, a new analysis finds that kids are unaware of their toys’ capabilities, and parents have numerous privacy concerns.
University of Washington researchers have conducted a new study that explores the attitudes and concerns of both parents and children who play with internet-connected toys. Through a series of in-depth interviews and observations, the researchers found that kids didn’t know their toys were recording their conversations, and parents generally worried about their children’s privacy when they played with the toys.
“These toys that can record and transmit are coming into a place that’s historically legally very well-protected ― the home,” said co-lead author Emily McReynolds, associate director of the UW’s Tech Policy Lab. “People have different perspectives about their own privacy, but it’s crystalized when you give a toy to a child.”
The researchers presented their paper May 10 at the CHI 2017 Conference on Human Factors in Computing Systems.
Though internet-connected toys have taken off commercially, their growth in the market has not been without security breaches and public scrutiny. VTech, a company that produces tablets for children, was storing personal data of more than 200,000 children when its database was hacked in 2015. Earlier this year, Germany banned the Cayla toy over fears that personal data could be stolen.
It’s within this landscape that the UW team sought to understand the privacy concerns and expectations kids and parents have for these types of toys.
The researchers conducted interviews with nine parent-child pairs, asking each of them questions ― ranging from whether a child liked the toy and would tell it a secret to whether a parent would buy the toy or share what their child said to it on social media.
They also observed the children, all aged 6 to 10, playing with Hello Barbie and CogniToys Dino. These toys were chosen for the study because they are among the industry leaders for their stated privacy measures. Hello Barbie, for example, has an extensive permissions process for parents when setting up the toy, and it has been complimented for its strong encryption practices.
The resulting paper highlights a wide selection of comments from kids and parents, then makes recommendations for toy designers and policymakers.
Most of the children participating in the study did not know the toys were recording their conversations. Additionally, the toys’ lifelike exteriors probably fueled the perception that they are trustworthy, the researchers said, whereas kids might not have the tendency to share secrets and personal information when communicating with similar tools not intended as toys, such as Siri and Alexa.
“The toys are a social agent where you might feel compelled to disclose things that you wouldn’t otherwise to a computer or cell phone. A toy has that social exterior which might fool you into being less secure on what you tell it,” said co-lead author Maya Cakmak, an assistant professor at the Allen School. “We have this concern for adults, and with children, they’re even more vulnerable.”
Some kids were troubled by the idea of their conversations being recorded. When one parent explained how the child’s conversation with the doll could end up being shared widely on the computer, the child responded: “That’s pretty scary.”
At minimum, toy designers should create a way for the devices to notify children when they are recording, the researchers said. Designers could consider recording notifications that are more humanlike, such as having Hello Barbie say, “I’ll remember everything you say to me” instead of a red recording light that might not make sense to a child in that context.
The study found that most parents were concerned about their child’s privacy when playing with the toys. They universally wanted parental controls such as the ability to disconnect Barbie from the internet or control the types of questions to which the toys will respond. The researchers recommend toy designers delete recordings after a week’s time, or give parents the ability to delete conversations permanently.
A recent UW study demonstrated that video recordings that are filtered to preserve privacy can still allow a tele-operated robot to perform useful tasks, such as organize objects on a table. This study also revealed that people are much less concerned about privacy ― even for sensitive items that could reveal financial or medical information ― when such filters are in place. Speech recordings on connected toys could similarly be filtered to remove identity information and encode the content of speech in less human-interpretable formats to preserve privacy, while still allowing the toy to respond intelligibly.
The researchers hope this initial look into the privacy concerns of parents and kids will continue to inform both privacy laws and toy designers, given that such devices will only continue to fill the market and home.
“It’s inevitable that kids’ toys, as with everything else in society, will have computers in them, so it’s important to design them with security measures in mind,” said co-lead author Franziska Roesner, a UW assistant professor at the Allen School. “I hope the security research community continues to study these specific user groups, like children, that we don’t necessarily study in-depth.”
Other co-authors are Sarah Hubbard and Timothy Lau of the Information School and Aditya Saraf of the Allen School of Computer Science & Engineering.
The study was funded by the Consumer Privacy Rights Fund at the Rose Foundation for Communities and the Environment and by the UW’s Tech Policy Lab.