Parents should turn off the cameras and automatic tracking devices in their children’s Christmas presents because of the risk of hacking, the Information Commissioners’ Office has warned.
With a rise in the number of ‘smart’ toys and devices gracing the wish list this year, parents should consider the safety of them being connected directly to the internet before giving them as gifts, according to the data regulator.
When adults are not going to personally use cameras in toys to view what is happening remotely then they should consider turning the function off all together, Deputy Commissioner Steve Wood said.
The warning comes amid growing concerns about the ability of criminals to hack into toys containing sensors, microphones, cameras, data storage and other multi-media capabilities.
In a blog on the regulators website Mr Wood wrote: “You wouldn’t knowingly give a child a dangerous toy, so why risk buying them something that could be easily hacked into by strangers?
“In the same way that safety standards are a primary consideration for shoppers buying toys, we want those buying connected items in the coming weeks to take a pause and think about both the child’s online safety, and also the potential threat to their own personal data such as bank details, if a toy, device or a supporting app is hacked into.
“Unlike Santa, those looking to hack into your devices don’t care whether you’ve been naughty or nice.”
Parents are advised that they should ensure that they are buying products from a reputable source, that all passwords and usernames are changed from the default option and to use two-step identification where available.
Mr Wood continued: “Some toys and devices are fitted with web cameras. The ability to view footage remotely is both their biggest selling point and, if not set up correctly, potentially their biggest weakness, as the baby monitor hacking issue of a few years ago demonstrated.
“If you have no intention of viewing footage over the internet, then turn the remote viewing option off in the device’s settings, or else use strong, non-default passwords.”
He added: “One of the main selling points of children’s smart watches is the ability for parents to know where their children are at all times. However, if this isn’t done securely, then others might have access to this data as well. Immediately get rid of default location tracking and GPS settings and set strong, unique passwords.”
Parents are also advised to turn off Bluetooth or set strong passwords to protect their child’s data from hackers.
The Deputy Commissioner concluded: “If you aren’t convinced a smart toy or connected/wearable device will keep your children or your personal information safe, then don’t buy it. If consumers reject products that won’t protect them, then developers and retailers should soon get the message.”