My Friend Cayla, the Hacker-Friendly Doll

As the Internet of Things continues to spread into devices, gadgets and toys, it’s inevitable that what one company thinks of as smarts a hacker will see as opportunity. It’s one reason why you should think about having some sort of cover on your webcam and make sure that you only buy surveillance cameras from reputable manufacturers who have more secure firmware.

And then there’s little Cayla. She’s 7 years old and lives in England with her mum, dad and two siblings. Well, sort of. She’s actually a voice activated doll with a bluetooth pairing capability so you can play games on a nearby tablet or other smart device.

cayla smart doll

Problem is, the bluetooth connection apparently was designed to be easy for children to work with and so it’s insecure and easily hacked into, making Cayla a pretty blond surveillance device. Not so good. So not good that she’s been pulled off the shelves in Germany due to privacy concerns.

Cayla’s not alone either, well over a dozen privacy groups filed complaints with the Federal Trade Commission over concerns with connected toys. Their main concern is that these devices record and transmit children’s voices without being granted permission.

For its part, the company that makes My Friend Cayla has some tips for parents on keeping children secure, including a reminder to turn Cayla off when she’s not being used (though they rather coyly explain that it’s “to preserve batteries”). Cayla’s software system is called Violet and it’s a filtering and screening system that blocks profanity, filters online information to ensure it’s appropriate before sharing, and blocks all website links, images, movies and similar within the companion app. All of which was not sufficient for the German government.

It’s a new world we’re entering and my children love our voice-activated devices — both the Amazon Echo and Google Home — which are also ostensibly recording and transmitting their voices. But with permission: we have them in the house and keep them powered on. It is nonetheless important as we move into Internet and connected toys that manufacturers pay really close attention to privacy issues and design toys for the most paranoid among us, not the least.

Because childhood shouldn’t be a live stream, it should be quiet, private and carefree.

Leave a Reply

Your email address will not be published. Required fields are marked *