The German government agency that regulates telecommunications — “Bundesnetzagentur” aka the Federal Network Agency — has banned the sale of children’s “smartwatches” in the country and urged parents to smash the ones they already own.
According to the BBC, the agency has identified multiple brands of smartwatch aimed at kids between the ages of 5 and 13 that send data back and forth without encryption, making them vulnerable to hacking and spying attempts.
“Via an app, parents can use such children’s watches to listen unnoticed to the child’s environment and they are to be regarded as an unauthorised transmitting system,” said Jochen Homann, president of the Federal Network Agency.
“According to our research, parents’ watches are also used to listen to teachers in the classroom,” Jochen continued.
“Poorly secured smart devices often allow for privacy invasion,” said Pen Test Partners security expert Ken Munro. “That is really concerning when it comes to kids’ GPS tracking watches – the very watches that are supposed to help keep them safe.”
“There is a shocking lack of regulation of the ‘internet of things’, which allows lax manufacturers to sell us dangerously insecure smart products,” Munro said. “Using privacy regulation to ban such devices is a game-changer, stopping these manufacturers playing fast and loose with our kids’ security.”
So-called smartwatches contain a SIM card and limited telephonic abilities. The devices are set up and controlled by an app that parents control.
“It meant that strangers, using basic hacking techniques, could track children as they moved or make a child appear to be in a completely different location,” the BBC explained.
The German government has also banned a model of talking doll for the same reason.
According to Endgadget, “Devices and apps geared towards kids have become a focus of concern when it comes to protecting children’s privacy. In 2015, VTech, a maker of a number of kid’s toys, was hacked, exposing some 6.4 million customers’ data as well as children’s photos and chat logs. The manufacturer of an internet-connected teddy bear also mismanaged its customers’ data, making it easily accessible online.”