Internet Toys - Akademia NASK
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
internet
of Toys
A Support or a Threat
.
to Child’s Development
,
Anna Rywczynska
Przemyslaw
- Jaroszewski
1
internet
of Toys
A Support or a Threat
.
to Child’s Development
1. Introduction
Toys integrating technologies are not world of toys. Communicative compa-
new. Embedding advanced techno- nions—while ensuring an attractive
logical functions, including micropro- way of spending their time, suppor-
cessors which ensure interactivity dur- ting education, and teaching tech-
ing play, already has a long tradition. nologies—also introduce considera-
Talking dolls or remote-controlled ble challenges, mainly in the context
racing cars are widely known. Such of privacy, data protection, as well as
toys (as, for instance, AIBO dog-robot taking into account the social context.
or Tamagotchi) were created as ear- Since toys based on the Internet in-
ly as at the end of the 20th century. frastructure and mobile technologies
However, smart connected toys ap- are potentially susceptible to all pro-
pearing in recent years, as a natural blems, involving cybercrime, they
continuation of the Internet of things create new challenges relating to
(IoT), may revolutionise the children’s children’s cognitive development.
Internet of Toys constitutes one of the most dynamically develo-
ping sectors of economy. According to the Juniper Research re-
port1, in 2017 the total number of commercial parcels including
smart toys was respectively (in millions):
118.2 America
52.5 Europe
53.3 the rest of the world
In China an increase by 47% is expected annually, on average,
until 2022, which will correspond to 18% share in the global
smart toy parcel market.
1 Juniper Research, Smart Toys: Market Summary 2017.
2
The problems related to Internet of In July 2017 the FBI’s Internet Crime
things were initially related mostly to Complaint Centre issued a warning
security of ICT networks. It was due to on its web page. It was aimed to en-
the Internet of toys that it they became courage consumers to consider cy-
applicable to children’s safety on-line. ber safety before introducing smart,
In December 2016 FOSI (Family On- interactive, Internet-connected toys
line Safety Institute) published the to their homes. In case of smart
document titled Kids and the Con- toys, many questions still should be
nected Home: Privacy in the Age of answered, including: how the safety
Connected Dolls, Talking Dinosaurs, of data (frequently sensitive data)
and Battling Robots in which the land- collected by devices looks like? What
scape of the smart toy world is ana- happens to them? How are they pro-
lysed from the viewpoint of safety and tected? Who can access them? How
the grounds to apply the rights pro- can another person take control of
vided for in COPPA (Children’s On- them? Taking into account potential
line Privacy Protection Act) towards threats that may result from the fact
toy manufacturers and suppliers of that you have a smart toy, it seems
technologies implemented in them. important to make a conscious de-
The said report also presents an cision when buying it. We hope this
initial typology of interactive toys guidebook will help you. Its content is
dividing them into three categories: the result of a project realised within
• smart toys—toys containing ele- the framework of the NASK Nation-
ments of ‘artificial intelligence’, i.e. al Research Institute titled ‘Internet
ability to learn, process information of Toys—a Support or a Threat to
received from a child, etc.—but Child’s Development.’
conducting all local analyses with-
out sending any data to an external The project included:
service centre;
• connected toys—sending data • a pilot qualitative study in the form
(e.g. photos, audio files) to an exter- of interviews concerning various
nal service centre, but not containing attitudes and practices typical for
elements of ‘artificial intelligence’; people with various levels of capi-
• connected smart toys combining tal (economic, cultural), relating to
the features of both abovemen- the use of digital devices belong-
tioned groups; using resources ing to the category of the Internet
of external service centre (where of things (IoT), in particular con-
the data collected by a device nected smart toys;
are sent) to communicate with the • a pilot quantitative study checking
user. the level of smart toys popularisa-
3
tion and the level of knowledge correct implementation, as well as
about their safety; the availability and efficacy of pro-
• tests involving selected products tection against undesirable content.
from the viewpoint of cyber threats
and precautions implemented by The aim of our guidebook is to famil-
the vendor, iarise potential purchasers with the
- including information on privacy problems concerning smart toys. The
and safety provided by manufac- presented definitions of notions and
turers before purchase and in the phenomena, descriptions of function-
inside packaging, alities and recommendations should
- in technical terms: the types of facilitate the use of IoT technologies
transmitted data, place where they at home, including interactive con-
are stored and processed, their nected toys.
protection (e.g. encryption) and its
4
2. Children—first consumers
of new technologies
Digital technology nowadays —the most quickly developing in the
constitutes an inseparable part of entertainment sector, but more and
everyday life and accompanies more frequently used in education—
almost all activities we undertake, or AI (Artificial Intelligence) which
either in our professional or private is anticipated to revolutionise the
life. It is used for shopping, making industrial world. The IoT solutions are
payments, booking holidays, becoming more and more popular.
communication, and keep- They make it possible to collect,
ing in touch with our friends. It is also process, and exchange data between
part of our work, and is used to acquire items through the computer network.
information and knowledge. Children
grow up in the environment of digital The digital revolution phenomenon is
technology virtually from their birth considered in the social, as well as
and the average age they start to use educational and economic aspects,
the Internet on their own is 9–10 years and the global economic situation is
of age. Over 93% of Polish teenagers simply conditioned by the information
stay practically non-stop on-line2, and society development. Complex and
almost 80% households have access attentive approach to synergization
to broadband Internet3. Over the last of technology with other spheres of
few years a dynamic growth in using life, and development of digital com-
mobile technologies by children and petences based on solid educational
teenagers has been observed. Tab- foundations may bring about equali-
lets and smartphones increasingly of- sation of opportunities and standards
ten replace desktop computers. More of living in the society. It is thus ex-
than 30% stay on-line almost all the tremely important to implement tech-
time through their mobile phones4. nologies to children’s life in such
Social media are developing, strong- a manner so as they could use them
ly embedded in the mobile Internet to satisfy their developmental and
sphere, as well as robotics, VR/AR social needs—while growing up sur-
(Virtual Reality/Augmented Reality) rounded by digital devices. The de-
2 Survey: Nastolatki 3.0, NASK, December 2016.
3 GUS [National Statistical Office] report: Information Society in Poland in 2017.
4 Survey: Nastolatki 3.0, ibid.
5
velopment of global network involves in the brain. Nevertheless, results of
not only opportunities, but also chal- studies5 are alarming: over 40% of
lenges concerning safety of its us- 1-year and 2-year olds in Poland use
ers. The Internet, which gives a vast tablets or smartphones, and among
space for relationships and data ex- these every third child uses mobile
change, may also expose users to devices every day or almost every
such threats as: loss of privacy, ex- day and much longer than recom-
posure to dangerous contacts, harm- mended. In the context of recommen-
ful content, including those calling for dations issued by the World Health
risky behaviour and those dissemi- Organisation, stating that children be-
nating false information (the so-called low two years of age should not have
fake news). Internet-related risks in- any access to devices equipped with
clude also issues concerning dys- screens, it is clearly observed that
functional use of the network, among digital world enters children’s lives in
others, leading to Internet-addiction. a revolutionary manner, and frequent-
Even properly selected information ly this process lacks conscious man-
from the Internet may negatively im- agement on the part of their parents.
pact child’s development, if it is in-
troduced to their world too early or The guidebook covers a new phe-
too intensely. Children whose cogni- nomenon in the context of children’s
tive experiences are limited only to safety in the Internet—the interactive
screen-equipped devices that begin to connected toys and ‘machine learn-
replace their regular plays and differ- ing’. The issues may be divided into
ent interactions with others and per- two main groups:
ception of the real world with all sens-
es, are even exposed to disorders in The intersection of the groups in-
the development of neuron structures volves the area relating to privacy,
1. aspects rela- 2. aspects
ting to technolo- relating to
privacy
gical threats, social threats.
5 The Use of Mobile Devices by Small Children in Poland, Millward Brown Poland for FDN, 2015.
6
since it may be the subject of ac- Alone together6.
tions undertaken by cyber criminals, At the same time, it is worth taking
who are able to create a false identity note of an additional aspect of chil-
by accessing data recorded in chil- dren’s privacy, connected with the
dren’s toys and use it for illegal pur- development of the Internet of things,
poses. On the other hand, the toys namely the so-called wearable tech-
themselves are recording various nologies—that is clothes and acces-
interactions, including conversations sories with embedded computer and
between the child and the toy, and advanced electronic technologies7.
make them available to parents (or Many experts believe that8 such prod-
other users of the application) without ucts, which seemingly are to increase
knowledge or consent of the users child’s safety, may as a consequence
(i.e. the children). The perspective of restrict children’s privacy and person-
parents’ entering their child’s privacy al freedom, at the same time encour-
zone was discussed during the Inter- aging them to accept supervision.
net Governance Forum in 2016 by On the one hand, it is natural that
a world-famous expert in the subject, parents want to take every opportu-
John Carr. In his speech he indicat- nity to protect their children, but too
ed the possible impact of connected much developed surveillance, aware-
toys on relationships inside families ness of permanent monitoring on the
through the use of toys as substitutes part of the parents and teachers may
of real participation in child’s life. have a significant impact on young
This problem is also emphasised by people’s behaviour and development.
Professor Sherry Turkle in her book
We should remember that children
have the right to privacy.
They need a private space to play
and develop without feeling they
are constantly monitored.
zdj. Fotolia.com
6 Turkle Sherry, Alone Together, Basic Books 2011.
7 Acquired from: https://pl.wikipedia.org/wiki/Wearables. Access from 10.02.2018.
8 Acquired from: https://www.theguardian.com/sustainable-business/2016/feb/05/big-mother-gps
-tracking-technology-threat-privacy-childhood. Access from 12.02.2018.
7
A very interesting perspective con- were very interesting; they wondered
cerning privacy in children’s interac- how they could make use of them at
tion with smart toys and parents’ ap- all. They thought that they would be
proach to the opportunity to listen to able to learn about their children’s
and monitor children’s conversations possible problems, the ones that
was described in the pilot studies a child did not want to talk about di-
conducted by experts from Wash- rectly, or to hear the words they did
ington University ‘Toys that Listen: not want them to use. However,
A Study of Parents, Children, and on the other hand, they started to
Internet-Connected Toys’. The study imagine their own reaction, how they
involved eight interviews with par- personally would feel, if they were
ents and children (aged 6–10), dur- recorded without their knowledge.
ing which they were introduced to the The web account for parents which
workings of Hello Barbie and Cogni- accompanies Hello Barbie even en-
Toy Dino. The parents’ observations ables them to publish their chilldren’s
concerning the purport of recording recorded conversations in a social
talks their children have with the toys portal. And all this can happen when,
Fig. 1. Parents’ panel. On the right there are icons that enable them to publish recordings in the
social media
8
in the majority of cases, the children robot as a social being, who you can
do not realise at all that their conver- make friends with, share secrets with,
sations with toy friends are recorded. who has got its own intelligence. 33%
Most of the children participating in of the children would like to give the
the interviews did not know that their robot voting rights, and 54% of them
parents could listen to their conver- thought it was not fair to close the ro-
sations with Barbie. One child, when bot in the box if the robot does not
found out that the doll recorded the like it. Children aged 9–12 showed
conversations, became even scared. a much higher tendency to personal-
One of the recommendations from ise the robot than 15 year olds.
the study involved the suggestion
that children should be able to listen The studies indicated a strong ten-
to their recordings directly from the dency on the part of children to build
doll’s ‘interface’. Everybody agreed an emotional relationship with smart
that manufacturers and parents had devices and trust them. Hence, there
to notify children about all functionali- is an enormous threat that the child
ties of the toys. may potentially interact with some-
body who is able to take control over
Social aspects of smart toys are also the toy, using a remote communi-
related to the impact smart toys may cation protocol, such as Bluetooth.
potentially have on the ability to build A stranger might also learn about
authentic interpersonal relationships the secrets that the child shared with
by children (the ones based on, inter a digital friend. On top of that, chil-
alia, empathy, sensitivity, responsive- dren may be exposed to hidden
ness, attentiveness, self-knowledge, commercials implemented in the toy
reciprocity, interest) and9 on children’s (e.g. Cayla doll mentions popular
cognitive development. An extremely snacks and sweets in its interactions
interesting perspective for these con- with children). That is why it is very
siderations was presented in the stud- important that parents are careful
ies10 based on an experiment involv- when introducing smart toys to their
ing ninety children aged 9–12 and 15. children’s world, take care about
The study used a Japanese Robovie the proper balance in their social
robot. The majority of children taking activities and protect their children’s
part in the experiment recognised the privacy.
9 Kahn Peter H. Jr,, Shen Solace, NOC NOC, Who’s There? A New Ontological Category (NOC)
for Social Robots, in: Nancy Budwig, Elliot Turiel, and Philip David Zelazo, eds., New Perspectives
on Human Development, Cambridge University Press, 2017, p. 114.
10 Ibid., p. 106–123
9Balance is crucial
Potential consequences for Potential consequences for
zdj. Fotolia.com
cognitive development11: identity development:
F support in learning: • impact on the perception
• knowledge personalised of human–human relation-
for the child, ships in the context of man
• incessantly updated by –robot relationship
a self-learning teacher (Shanyang 2006)12,
but • transcendence: smart toys
F risk of an educational as a new ontological
bubble: category (Kahn et al. 2013),
• fragmentation of knowl- • changes in the perception
edge, being lost in afflu- of privacy,
ence, algorithmic learning, • smart robots/toys as super-
• risk of hidden marketing vising devices.
effect on children
Potential consequences for relationship development:
compensation for unsatisfactory relationship in the real world (e.g. Kahn et al. 2013),
functional diversification of relations,
teaching the child the master–servant relationship (e.g. Kahn et al. 2013),
loss of relationship authenticity (Turkle 2007).
11 Influence tables on children’s development presented at the Safer Internet Forum 2017 by dhr.
prof. dr. J. (Jochen) Peter from the Amsterdam School of Communication Research/AscorR
12 Shanyang Zhao, ‘Humanoid social robots as a medium of communication’, New Media & Soci-
ety, 2006 (3), p. 401–419.
103. Internet of Things
The so-called Internet of Things (IoT) Vehicles also become part of the
is a concept in which devices of every- Internet of Things (often connected
day use are connected with one an- with fleet-management systems), as
other, usually in a wireless way. This well as traffic lights, buildings and
allows them to exchange data and their individual sub-systems, such
often provides remote control mecha- as alarms or air-conditioning… Each
nisms in a full or restricted scope. of the groups is completely different.
In case of industrial systems, the pri-
Such definition is obviously very gen- ority will be uninterrupted operation,
eral and consequently somewhat since a failure of a power plant block
problematic in use. First of all, the or a sewage treatment plant may
spectrum of ‘things’ included in the cause serious consequences. For the
Internet of Things is very wide. On the manufacturers of TV-sets or toys the
one hand, we have devices used in in- most important element will involve
dustrial systems: robots, smart gaug- the implementation of new functions
es or switches. On the other hand, which may attract purchasers, and
there are gadgets for individual con- make it possible to build a competi-
sumers: watches, TV-sets, washing tive advantage.
machines or, finally, toys.
Very diverse are as well the techno-
logical solutions used by smart de-
vice manufacturers—starting from
designs and computing platforms,
through operating systems and ra-
dio communication protocols, as well
as ways to store and transmit data.
For instance, for an initial configura-
tion many consumer solutions use
Bluetooth Low Energy, Wi-Fi Direct
or NFC (and traditional Wi-Fi during
normal operation), most often with
zdj. Fotolia.com
the use of a smartphone.
11Finally, the borderline of the Inter- Components re-use such elements
net of Things is rather symbolic and as network cards, BLE cards, video
fluid. Smartphones may be a good cameras, etc. are usually used in
example here. Basically, they should many similar devices manufactured
be included into the group of IoT de- by various vendors. The same ap-
vices (as, nomen est omen, ‘smart plies to programming libraries used
telephones’). On the other hand, they in the device’s software. In case of
constitute such mature solutions and some cheap smart devices, products
are equipped in enormous computing of various brands may differ from
power that we learnt to treat them as one another basically only with cas-
a new class of portable computers, ings and visual elements of the user’s
where using the GSM network for interface. Hence, finding that a fea-
voice calls is just one of all the avail- ture is vulnerable in one of the typical
able functions. elements has effects on many prod-
ucts.
Consequently, treating the Internet
of Things as a whole makes limited Firmware updates: In order to fix an
sense in particular when talking about error in the device’s software, a new
its technical problems. Nevertheless, version must be published by the
below we made an attempt to high- manufacturer, and then downloaded
light the most important classes of and installed by the consumer. This
problems common for smart connect- update process may be either auto-
ed devices. matic or manual. In the latter case,
users have to periodically check the
Limited resources at the production manufacturer’s webpages for firm-
stage: when designing the IoT de- ware updates and install them on
vices, it is usually necessary to take their own. In any case, the manu-
care about their compact size and en- facturer must ensure that consum-
ergy efficiency. It may lead to a com- ers can verify the patch comes from
promise between security (for exam- a trusted source, and was not modi-
ple, using security strong cryptographic fied in any way. Another significant
algorithms) and implementation of problem involves the fact that the
additional functions. From the manu- availability of possible software up-
facturer’s perspective, time is also dates after product purchase depends
a vital resource. Any delay in marketing on the time the producer will support
a new model of a product may mean the product. In case the producer
losing a market share. They may be thinks such support is not profitable, it
thus tempted to limit the tests, includ- may turn out that we are left with the
ing the ones related to IT security. product that will not be repaired at all.
12It is worth noting that such problems
basically refer to all smart devices,
regardless of whether they are Inter-
net-connected (i.e. they are elements
of IoT) or not.
zdj. Fotolia.com
134. Perception and popularity
of smart devices in Poland.
Quantitative and qualitative
studies
Almost 25 billion IoT devices are
expected to be in use globally by
202013, and in the opinion of experts
over 70% of households will be
equipped with such devices by
202514.
This dynamically developing branch
of technology becomes more and
more popular in Poland. In order to
zdj. Fotolia.com
determine a current distribution of
Internet of Things, defined as
a next stage of digital
revolution, enters every part of
everyday life and industry. smart devices in Polish households,
We speak about IoT, among with a particular attention to the
others, in terms of smart popularisation and knowledge about
economy, smart city, smart the Internet of Toys, quantitative and
transportation, smart health qualitative studies were conducted
or smart home. in mid-2017 which gave a broader
overview of the perception and
spread of IoT technologies.
13 https://www.gartner.com/newsroom/id/2905717.
14 https://www.forbes.com/sites/forbestechcouncil/2017/06/06/best-smart-home-devices-and
-how-iot-is-changing-the-way-we-live/#578e929b43bd.
14Quantitative studies
The study performed with the use of Ariadna panel involv-
ing Polish Internet users across the country, composed of
N=1051 people. Quotas reflecting population aged 18 and
over, grouped by sex, age, and town size. Period of study:
8–11 September 2017. Method: CAWI,
and
The study performed with the use of Ariadna panel, involv-
ing Polish Internet users across the country, composed of
N=1047 people. Quotas reflecting population aged 18 and
over, grouped by sex, age, and town size.
Period of study: 15–11 September 2017. Method: CAWI.
Qualitative studies
The study performed with the use of an in-depth interview
(IDI) between July and September 2017. The interviews were
conducted in places of respondents’ residence or their tem-
porary stay. It was particularly important in order to conduct
observation studies, confront the provided information with
the situation accompanying the interview, take into account
the information concerning popularisation and use of elec-
tronic devices resulting from interior designs, presence of
devices within sight during the interview etc.
24 interviews were performed with families selected accord-
ing to the guidelines of the matrix, assuming diversification
according to the place of residence, education level, number
of children, and number of parents in the family (both par-
ents/sole father/mother)
15Is my fridge smart? ring to specific functions of an appli-
ance (e.g. fast cooling of beverages),
The quantitative studies were con- make their owners believe they are
ducted twice. The first study showed part of Internet of Things.
the respondents had difficulties to de-
fine items belonging to the Internet of An example is shown in the below
Things. It seems that marketing cam- chart presenting answers to the first
paigns and rhetoric describing the question asked in the first edition of
devices as ‘smart’, when in fact refer- the studies.
Which of the following devices are in your household and have an Internet
connection or can be connected to the Internet, i.e. they are ‘smart’ devices?
60.0%
50.0%
40.0%
30.0%
20.0%
10.0%
0.0%
t
e
ne
o
en
s
g
r
s
em
as
ng
e
r
r
se
te
he
ne
ht
y
dg
di
tin
ov
to
er
hi
ov
ni
ea
ra
lig
st
ot
itu
TV
a
ab
fri
ac
tio
m
he
sy
th
pl
ca
m
di
e
am
e
m
th
on
m
g
ar
in
of
ho
rc
al
sh
ne
ai
wa
no
16The obtained answers and high pos- in which the first question was divided
session ratios of smart devices re- into two complementary questions:
quired another study to be performed,
Which of the following devices are in your household?
90.0%
80.0%
70.0%
60.0%
50.0%
40.0%
30.0%
20.0%
10.0%
0.0%
o
r
ne
e
en
em
ys
s
g
ng
as
e
t
r
se
te
ne
ht
di
dg
in
ov
to
er
ni
hi
ov
ea
ra
lig
at
st
itu
ab
TV
fri
tio
ac
m
sy
he
th
pl
ca
di
m
e
am
e
m
th
on
m
g
ar
in
of
ho
rc
al
sh
ne
ai
wa
no
And which of the devices in your household are connected to the Internet?
60.0%
50.0%
40.0%
30.0%
20.0%
10.0%
0.0%
o
r
e
ys
ne
en
em
s
g
s
ng
e
t
r
se
te
ne
ht
ra
di
dg
in
ov
to
hi
ov
ni
ea
ra
lig
at
st
e
u
ab
TV
fri
ac
tio
m
t
sy
he
h
i
pl
ca
t
m
di
e
am
e
m
th
on
m
g
ar
in
of
ho
rc
al
sh
ne
ai
wa
no
17As it can be observed, after ask- relation between the fact of having
ing directly whether a given device a smart device and having knowledge
is Internet-connected, the obtained about other IoT devices.
data indicated a much lower distri-
bution of IoT devices in households
than resulted from the first panel. Who buys and who makes
When analysing the data, how- decisions?
ever, one should also take into ac-
count the possibility indicated by Toys are purchased by virtually all so-
the qualitative studies—namely, cial groups, of any age. Almost 80%
that there is a situation in which re- respondents declared that they pur-
spondents have a smart device chased toys, out of which 95% people
(it mainly concerns TV-sets), but they were aged 25–34.
do not connect it to the Internet, and
use it only as a traditional TV-set. In
some cases the respondents had the Do you buy toys for your children?
most modern smart TV on the wall of
their flat, but it was not connected to
the Internet.
90.0%
Moreover, the study showed that the
80.0%
most common holders of smart TV
(the most common smart appliance
70.0%
in Polish households) are persons
belonging to the age group 45–55,
60.0%
living in small and medium-sized
towns. People living in medium-sized
50.0%
towns (20–99 thousand inhabitants),
aged 25–44, are also the most com- 40.0%
mon holders of smart alarm systems.
Smart toys are rather rare at present 30.0%
and their holders are most frequently
people with higher education level, 20.0%
aged 35–45, and living in big cities.
10.0%
Interviews with the families confirmed
the fact that people who have smart 0.0%
devices very often are not aware
what it means. There is also no cor-
s
No
Ye
18Women buy toys relatively more often for digital appliances shopping. Chil-
(80.3%) than men (76.4%), however, dren are their advisers and motiva-
it may change with regard to digital tors in the majority of cases. Women
toys in the future since men tend to are mentioned as decision-makers
treat their voice more important in only during interviews with sole moth-
the decision-making process when ers. Additionally, there occur disput-
purchasing electronic devices. The able situations: the spouses do not
quantitative studies confirm obser- agree on who makes decisions about
vations from the qualitative studies. purchases. Eventually, the argument
In the majority of cases, fathers are to resolve the dispute was usually:
quoted as decision-making persons who pays for the device.
Who in your household has a decisive voice when buying electronic devices?
it's hard to say
others
children
mother
father
wife/husband/
partner
myself
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0%
19I decided How we evaluate IoT
technology development
80.0%
in the context of children?
70.0%
How do you rate the fact that more
60.0% and more appliances can be connect-
ed to the Internet, and can be remote-
50.0%
ly managed from applications on your
40.0% smartphone, tablet, or computer?
30.0%
20.0%
40.0%
10.0%
35.0%
0.0%
30.0%
e
e
al
al
m
m
fe
25.0%
Another aim of the study was to
20.0%
check how the respondents feel
about development of the smart toys
15.0%
market. The most positive attitude
towards IoT development was shown 10.0%
by citizens of big cities; they gave
10% more of ‘positive’ answers to 5.0%
the question: How do you perceive
the fact that more and more toys 0.0%
can be connected to the Internet?
po y
ive
ne al
e
Neutral and positive attitudes are
sa
tiv
r
ut
sit
ga
predominant, though almost 30%
to
ne
rd
show great concerns.
ha
20The below chart shows that the attitude towards smart toys hope that
greatest concern involves unautho- they will have a positive influence
rised access to data. Interestingly, on children’s development, particu-
respondents thought that the lowest larly in the educational context, and
risk involved direct loss of money, e.g. they believe that it is a natural con-
a bank account compromise or stolen sequence of digital revolution. Nev-
credit card information. ertheless, they also have certain
concerns, mainly related to overuse
The qualitative studies also indicated of devices by children and the use
a rather neutral attitude towards the of Internet as a time killer for young
development of Internet technologies people. The negative evaluation of
in the context of toys, whereas almost smart toys involved mainly concerns
all of the answers were marked with about surveillance, loss of privacy,
certain doubts. The parents most and killing children’s creativity. Both
often paid attention to the issues in- in the qualitative studies and in the
volving the protection of children’s quantitative studies it can be noted
privacy, a risk of access to personal that concerns about loss of funds
data; they were afraid that such toys (i.e. potential interception of account
may provide false emotions to their data, logins, passwords) are not
children and that potentially each mentioned as the main risk associ-
child may be exposed to dangerous ated with IoT devices.
contacts. People showing a positive
What worries you the most about devices connected to the Internet?
that someone may access
my data without authorisation 27.1%
that devices may collect 23.7%
data without my knowledge
that someone may take over control 20.3%
of the device without authorisation
that the device will stop 16.5%
working due to an error
that someone may steal
my credit card details
8.5%
other 3.9%
21The objective of the study was also are not always willing to guarantee
to determine the properties which are a longer period of toy operation.
the most important for parents when
choosing a toy. It was a multiple The question is to what extent atten-
choice question. As presented in the tion paid to safety refers to physical
chart, most respondents (65.5%) re- aspects of toys (the risk of swallow-
garded safety as the most important, ing by small children, no adequate at-
along with a large group (63.4%) who testations), and to what extent it will
thought its adjustment to age is de- also include the problems relating to
cisive. Price and child’s preferences Internet security. It should be noted
were given the subsequent places. that the interviews were conducted
Almost 50% are guided by durabil- in Polish, where ‘security’ and ‘safety’
ity when shopping, thus, it is worth are described by the same word. It is
paying attention to this aspect in the therefore hard to determine which of
context of smart toys since producers the two the respondents had in mind.
Which features of the toy are most important to you when deciding
about purchase?
80.0%
70.0% 65.5%
63.4%
60.0% 54.6%
52.6%
50.0% 47.9%
40.0%
30.0%
20.0%
10.0%
10.0%
5.1%
0.3%
0.0%
ity
e
ice
e
y
s
r
tio t
he
ilit
nd
ag
nc
ec rne
n
ur
pr
b
ot
re
tre
ec
's
ra
nn te
fe
ild
co f In
du
/s
nt
e
ch
ty
pr
rre
o
fe
to
's
y
cu
sa
ilit
ld
fit
to
sib
i
ch
fit
s
po
22Based on answers to the question with the technology. It seems like the
concerning the frequency of talks known proverb: ‘All I know is that I
conducted with children about In- know nothing’—the more we get to
ternet security, it may be stated that know the Internet, the more we are
this subject is still not mentioned in aware of the potential challenges ac-
many households (15.1%), or it is companying the virtual world.
very rare 38.5%). Frequent talks
with children about on-line safety
are declared more frequently women How often do you talk with your child
(51.3%), than by men (39.1%), how- or children about the Internet safety
ever, women are considerably rarely and the potential online threats?
decision-makers and initiators of
digital device purchases. During the
interviews, parents very often replied
that they had not talked with their
children about safety in the Internet
as they thought children knew more 38.5%
about new technologies and parents 46.4%
rarely
did not keep up with it. Parents ad- often
mitted they could not conduct such
talks, and that they should know
more about the subject and adjust 15.1%
never
the scope of the talk to their children’s
age. At the same time, the majority
of respondents thought that parents
should be more responsible for their
children’s education and protection An alarming fact consistently
against on-line threats than school. It showing in responses is that the
seems very interesting that the less parents pay little or no attention
the respondents knew about technol- to terms and policies regarding
ogies and digital activities of children, products and online services they
the higher personal responsibility buy. Most respondents unanimously
and role they saw, whereas persons answered that—when buying digital
well familiarised with the digital world devices, downloading applications,
and personally active Internet users using social media or other on-line
thought that school should lead the services—they read neither their
way in shaping digital competences, regulations nor the privacy policy.
explaining that they could see per- Regulations are read only in cases
sonally that parents did not keep up when people have concerns that
23a given on-line service may involve
terms and conditions payments, but
still it is not a rule. That is why all
parents expressed the need to be
clearly informed about any function-
alities and privacy policies concern-
ing smart toys directly on the packag-
ing or even on the toys themselves.
It is worth noting that the data confirm
conclusions from the previously quot-
ed studies conducted by the Wash-
ington University during which all par-
ents who took part in the interviews
had clicked a button to agree to their
children’s use of the Hello Barbie doll
and associated services without any
hesitation or familiarising themselves
with the privacy policy.
Fig. 2 Parents’ consent app for having their
Respondents would like manufac- child playing with Hello Barbie
tures to feel responsible for adequate
notifications to their potential cus- of IoT technologies into child’s life,
tomers and protection of their data starting from conscious purchase, as
required to operate the devices. well as subsequent consistent care
Parents also appreciate all sorts of about children’s safety in the context
guidebooks which could help them to of protecting their privacy and social
take care about their children’s safety development.
in the context of digital media.
Results of the studies clearly show
the need for awareness campaigns
explaining the ideas, workings,
and challenges of the Internet of
Things. Consequently, the aim of this
guidebook is primarily to describe
the technological issues of smart
devices, to present risks specific to
smart connected toys, and to offer
parents and carers tangible advice
concerning conscious introduction
245. Smart toys under scrutiny.
Tests and analysis of the issues
As we have underlined above, this on the server. Thanks to the fact that
guidebook is focused mainly on smart the analysis is made outside the toy,
toys connected to the Internet. The the toy itself does not need a high
connection usually means a certain computing power. Nevertheless, as
type of interaction with the services it can be easily figured out, such a
available on the server belonging model may pose a potential threat to
to either the manufacturer or to a our privacy.
cooperating third company. In case
of each toy, the details concerning In order to check how secure such
the interaction may look completely toys are in practice, we played the
differently. Usually, however, the role of consumers and bought smart
majority of raw data collected from the connected toys for testing.
environment are sent to be processed
Hello Barbie—a doll advertised as equipped with the function of interactive talk
and voice recognition. It is equipped with a microphone. The child’s statements
are sent to the cloud. The application on the server tries to recognise from
a list of several such as ‘yes, ‘no’, conversation topics and provides an ‘answer’
from a list of several thousands recorded phrases. The doll is recommended
for children aged 6–15.
Fig. 3 Hello Barbie doll
25Barbie Hello Dreamhouse—a smart doll house. It uses mechanisms similar to
those of Hello Barbie in order to use voice commands to activate various func-
tions of the doll house (e.g. playing the music or switching the lights on). The
toy is recommended for children aged 3–10.
Fig. 4 Barbie Hello Dreamhouse
Fisher Price Smart Toy Monkey—uses microphone, video camera, and ac-
celerometer for interactive play, responding to key words, activity cards (recog-
nition with the use of video camera) or movement (e.g. tossing up). The toy is
recommended for children aged 3–8.
Fig. 5 Fisher Price Smart Toy Monkey
26CogniToys Dinosaur—sends user’s voice messages to the server, the ap-
plication in the cloud is powered by the IBM Watson system which generates
answers in the form of natural conversations, quoting encyclopaedic data, tell-
ing jokes, singing, etc. Recommended for children over 5.
Fig. 6 Dinozaur CogniToys
Before we discuss possible prob- Toy configuration is usually made
lems in more detail, let us describe with the use of a smartphone. During
the manner of operation of ‘smart this process, we will have to provide,
connected’ toys. For all the toys we at least, a wireless network configu-
tested it is possible to distinguish sev- ration (name and password) which
eral stages, important from the point will be used by the toy to establish
of view of understanding the core of a connection in the future. The informa-
their operation: tion will be recorded in the toy’s mem-
ory, though it may happen that they
Registration in the manufacturer’s/ will be then sent to the manufacturer
service provider’s server. We are (at least one of the toys we tested
usually asked to create a user’s profile sent the name of the wireless network
before the toy’s first use. The scope of it used). In this way, a specific toy is
data provided at this stage varies—at connected with the user’s profile.
least it is an e-mail address, but we
may also be asked to state the child’s During normal use, the toy operates
name and age. The profile data is in the following cycle:
stored on the manufacturer’s server.
27Collecting data from the user. The
toy records the sound, image or ac-
celerometer readings and sends
them to the server (sometimes par-
tially processed).
Data processing on the server.
Depending on the particular toy, for
instance, a graphic symbol analysis
or full voice recognition may be per-
formed. The software on the server
generates a response (e.g. a voice
zdj. Fotolia.com
message, a command for the toy to
perform a certain action that the script
version of the story told) and sends it
to the toy. So, this is what the ‘smart-
ness’ of the toy is embedded in.
Presentation of result. Playing re-
corded voice response, music, per-
forming an action etc. line shop. What is important, all toys
require a smartphone application
to be configured. The application
We are buying a smart toy may be unavailable for Polish users.
Fortunately, the seller clearly informs
None of the toys we tested was about the fact on the packaging (see
available on the Polish market. We below the last line on the application
purchased them in an American on- accompanying Hello Barbie).
Fig. 7 Hello Barbie Application
28From the description of the toys you • How does the toy exactly operate?
learn that they are interactive and We may ask the seller for more
smart and that they need to be con- information, asking for a demon-
nected to the Internet (thus they are stration. We may also search the
‘smart connected’). However, it is not Internet for consumer reviews,
easy to understand what their ‘smart- test results, demonstrative videos,
ness’ precisely involves, or which etc. It is worth remembering that
data are used by them. Some de- descriptions of smart toys and un-
scriptions refer the user in small print derstanding of some phrases (for
to the privacy policy on the manufac- instance, an ‘interactive talk’) may
turer’s page. So, this is to some ex- be different for people responsi-
tent ‘a pig in a poke’. ble for marketing and for us.
• What data does the toy collect?
Where are they stored?
Who has access to them?
We should find the answers in
the privacy policy on the manu-
facturer’s web page. There may
be an exact reference link on the
box or in the instruction manual
(often available to download from
the web page) to the document
or, at least, the main web page
address of the manufacturer.
As a last resort, we may look for
Fig. 8 Privacy issues of the Hello Barbie doll the technical support section on
the web page and ask them for
more information.
When we unboxed the toys, we con- • How are the data sent between
cluded that, after all, we were in a bet- the toy and the manufacturer’s
ter situation than the consumers who server protected?
decided to buy the toy after seeing it in By default we should expect the
the shop. There is hardly any informa- data to be encrypted. However,
tion on the packaging on how the toy this is not always the case. Be-
operates, not to mention the details sides, the encryption itself does
about technological solutions used. not guarantee that the data will not
be intercepted. Unfortunately, it is
What questions should be asked, in no use looking for exact informa-
our opinion, before we buy such toys? tion in any documentation provid-
29ed with the toy. It is worth sending
a question to the manufacturer’s
technical support department,
and searching for tests of the toy
on in the Internet. Maybe some-
one has already proved that it is
insecure? And maybe just the op-
posite?
• How can the software be updat-
ed?
All toys tested by us automatically
checked for updates each time Fig.9 Information on the toy updates
they were switched on. However,
we did not find any information
If we manage to collect all, or—at
about that in the instruction man-
least—most of the answers, we
uals. Thus, it is worth asking the
should consider possible risks, and
technical support team before we
decide whether we consciously want
buy the toy.
to purchase the toy.
• How long will the product be
supported?
The producer may stop providing We have the toy
updates any time, which means
that any possible errors will not Some toys process only a very limited
be removed. Worse still, the set of data. In this case, we may only
server itself, which is responsible be afraid that somebody may modi-
for the toy ‘smartness’, may be fy the software in such a way that a
switched off, which will make the video camera, a microphone or a mo-
toy almost useless. In the case tion sensor may record more than the
of one of the toys we bought, producer assumed (Is the toy sec-
such information can be found ond-hand? Do we trust the seller?).
in its marketing materials. How- Some other toys send a complete set
ever, it is easy to be overlooked. of records of conversations between
We even did not find it on the the child and the toy to the manufac-
box! turer, and—apart from the record-
ings—also their transcriptions are
stored that may be used for machine
analyses. In such a scenario, it is ex-
tremely important to encrypt the data
for transmission, as well as to protect
30them against unauthorised access necessary to create an account on
by third parties while stored. In other the manufacturer’s web page at the
words, we need to have confidence in first use. At this stage we had to ac-
the service provider contents and in cept all terms and conditions includ-
his technical competences. ing the privacy policy. Though we tend
to skip such messages with a quick
It is worth noting that all toys we ‘Next’, in this case we recommend to
tested were addressed for English- read the documents carefully. They
describe what data are collected,
who can process them and for what
purpose. In the most extreme cases,
the manufacturer declared disclosing
of all data (including recordings of the
child’s conversations with the toy) to
third parties, almost without any limi-
tations. You will find a wide analysis
of this issue further in this guidebook.
The installed application is used to
zdj. Fotolia.com
pre-configure the toy. In particular, to
set the access data to a wireless net-
work and to connect the toy with the
user’s account. Wi-Fi Direct or Blue-
speaking customers. It is very tooth are most often used to connect
important in particular in the scope the toy. In both cases the connection
of the voice recognition function. is established without any authorisa-
In our tests the algorithms did tion on the part of the toy; it does not
not cope very well with this task require any PIN or password. Con-
(even during ‘conversations’ with sequently, we recommend that the
a native speaker). It may pose even initial connection and setup shall be
a greater problem of children’s frus- performed in a place where there is
tration as their pronunciation is natu- no risk that an unauthorised person
rally less clear and the language— will intercept the connection for ill pur-
less correct. poses. It should be noted that the use
of application is usually only required
The first task we had to complete be- to configure and reconfigure the toy
fore we started using each of the toys (e.g. when adding a new Wi-Fi net-
was to install and start the dedicated work). Once configured, a toy will op-
application on a smartphone. It was erate independently as long as it can
31connect to a known Wi-Fi network. the software for the doll. Unfortunate-
The place where the toy is used is ly, in one of the toys the encryption
also of importance, exactly due to the was poorly implemented and not all
Wi-Fi networks that the toy ‘remem- the data were protected. In particular,
bers’ since the toy will connect to any it was possible to install a fabricated
Wi-Fi network which will have identi- update. On the other hand, a properly
cal configuration (name, security pro- used and adequately strong encryp-
tocol, password)—even if it is broad- tion prevents us from checking what
casted e.g. by a malicious neighbour. data are collected by the toy only on
Anyone in control of a Wi-Fi device the basis of the analysis of traffic bet-
to which the toy gets connected may ween the toy and the server.
redirect the communication between
the toy and vendor’s server, poten- All the toys we tested are equipped
tially eavesdropping or modifying it. with the automatic updating mecha-
The same risk applies when we con- nism. When connected to the Wi-Fi
sciously use public networks if we network, they check the manufac-
do not know who administers such turer’s website for the most recent
networks, or whether they have been available software updates, down-
intercepted. load, and install them if required.
As we mentioned above, it is extreme-
In order to protect the user’s priva- ly important that the cryptographic
cy and ensure that the data is sent mechanisms ensure that updates
to the proper server, manufacturers are actually a safe source. An unau-
may apply cryptography, for instance thorised change in the toy’s software
by using the popular SSL/TLS proto- might result in any use of periph-
cols. During the tests we checked if eral devices the toy is equipped with
this is the case. The majority of toys (i.e., first of all, a microphone or
passed the test with no reservations, a video camera) and transfer of data
not only encrypting the transfer, but to any server, without any control.
also verifying whether the other party
indeed belongs to the manufacturer It is worth emphasising that all toys we
and, consequently, refusing to com- tested collect data only in response to
municate with the substitute server the user’s conscious interaction (typi-
we provided. It was also the case with cally a push of a button). This is good
Hello Barbie doll which was declared news since it means that the toys are
in 2013 as susceptible to such a type not ‘listening’ all the time and they do
of attacks. It means that producers not send data to the manufacturer if
have obviously removed the problem we do not wish so, or if we are not
and ensured an adequate update of aware.
32toy is not connected to the network
We also posed a question whether (for instance, the messages greeting
the ‘smartness’ of the toys may be the child or notifying about errors).
used against the child, for example,
by teaching them an aggressive or ‘Smart’ toys are nothing more than
vulgar behaviour. In case of the ma- electronic devices adjusted to com-
jority of the toys, the answer turned municate with the outer world through
out to be very simple, due to their lim- embedded sensors (e.g. a micro-
ited ability to interact and no possibil- phone or a video camera), as well
ity to generate messages outside the as with the Internet through standard
scope of pre-defined scripts (even if network interfaces (e.g. Wi-Fi, Blue
the script included over 8000 phras- Tooth).
es, as was the case of Hello Barbie).
As far as CogniToys Dino is con- One of many aspects concerning the
cerned, the potential seemed to be broadly understood safety of ‘smart
higher because it uses the IBM Wat- toys’ is the possibility to get a physical
son system and generates responses access to elements responsible for
based on an extended (and probably communication or data storage. This
constantly broadened) knowledge is especially applicable when such
base. However, the producer took a toy originates from the secondary
care of unsuitable content filters, ei- market. On the other hand, when
ther by limiting access to undesirable
content or responding adequately to
any attempts of the testing persons’
‘unsuitable behaviour’.
Physical safety of the toy
Another way of ‘attacking’ a smart
toy is through a physical access to its
systems and an attempt to recover or
zdj. Fotolia.com
modify data and software. The data
recorded by the toy include names
and passwords to Wi-Fi networks or
the user’s account data. In turn, apart
from the software itself, the elements
such as audio messages may be
modified that are available when the
33the toy has been lost or stolen, the functional elements (see Fig. 11):
new owner might retrieve sensitive A wireless network module—Azure-
data from the device. There is also Wave AWCU300E 802.11 b/g/n,
a possibility that somebody may 1. Memory storing the software and
insert additional functions to the all data—Gigadevice GD25Q16
toy, enabling—for instance—to 16Mbit SPI Flash,
eavesdrop children during their play 2. An audio module responsible for
or household members who are processing signals from the micro-
within the scope of the embedded phone and sound reproduction—
video camera or microphone. Nuvoton NAU8810 24bit.
Hello Barbie
It seemingly does not differ from the
other dolls of the producer, however,
Fig. 11 Opened Hello Barbie doll
Should anyone unauthorised have
physical access to the doll, the most
exposed element is the memory
because all its content can be read.
During the analysis it was shown that
in order to read the whole memory
content, it is enough to solder out the
element and read it with the use of
a reader. The memory is divided into
sections due to its functional areas.
Fig.10 Hello Barbie with accessories. • Section no. 1 includes the so-
called Boot loader which enables
it is equipped with a docking station the toy’s software to run.
and a charger (see Fig. 10). • Section no. 2 contains configu-
When we undress and open ration of the toll with relevant
the doll, we can see a printed credentials for a Wi-Fi network.
circuit board and identify all It is worth noting that it was not
34to purchase it—they should check
possible to read the data, be- whether the doll had not been opened
cause they were encrypted. before. In the case of Hello Barbie doll,
• Section no. 3 contains the soft- the majority of physical interference
ware to control the doll. attempts should leave some traces.
• Section no. 4 contains software The easiest way to check it is by
for a Wi-Fi module. looking at the cracks where two parts
• Section no. 5 contains all audio of the doll come into contact with each
files used offline. other. Since the doll is to a certain
degree glued inside, the access to its
We do not have an easy access to interior part requires some physical
sensitive data recorded in the doll’s strength which normally leaves
memory. Difficult, onerous, and re- traces on the edges (see Fig. 12).
quiring specialised knowledge modi-
fication of the software or audio files Photos of Hello Barbie were taken form: https://
fccid.io/PIYDKF74-15A5W and
recorded in the memory is still pos- http://somersetrecon.com/s/HelloBarbieSecuri-
sible. tyAnalysis.pdf.
Doll users should be forewarned that Dream House
they should be very careful when
buying the toy on the secondary A smart home made by the same
market, and—if they still decided producer as the Hello Barbie doll. Af-
ter opening we can see two printed
circuit boards out of which the green
one is worth analysing (see Fig. 13).
At the first glance, it looks similarly as
the circuit board from the Hello Bar-
bie doll.
We can identify the same functional
blocks on the board as in the case
of the Hello Barbie doll. Figure 14
shows the individual modules:
1. A wireless network module,
2. Memory storing the software and
all data—Winbond W25Q128FV,
Fig. 12 Traces left when a Hello Barbie doll has 3. An audio module responsible
been opened for processing signals from
35You can also read
