Leveraging Knowledge to Manage Your Data Risks
On September 3, 2025, the Department of Justice (DOJ) filed suit against Apitor Technology, which makes robotic toys, alleging that Apitor’s app “enabled a third party in China to collect geolocation information from children without parental consent.”
The DOJ filed suit following a referral from the Federal Trade Commission (FTC) that Apitor did not comply…
We previously reported about the microphone and video capabilities of Echo technology [view related post]. The FBI is also concerned about this technology being used in toys that are connected to the Internet.
The FBI is so concerned that yesterday, it issued a Public Service Announcement that warns consumers that Internet-connected toys “could present…
On February 27, 2017, news reports disclosed a major security breach involving Spiral Toys, the seller of the CloudPets brand of internet-connected stuffed animals. The Bluetooth-connected CloudPets toys allow users to exchange voice messages between the toys and applications on smartphones or tablets. An investigation by cybersecurity researcher Troy Hunt revealed that customer data for over 800,000 registered accounts, including over two million voice recordings, was stored in an unprotected database on the public internet. While the company has denied that any voice recordings were stolen, reports indicate that hackers accessed the open database and attempted to ransom the data.
Continue Reading Data Breach Involving CloudPets “Smart” Toys Raises Internet-of-Things Security Concerns
In the wake of the holiday season, it seems that even toys are not immune from privacy and security pitfalls. Two “connected” toys, Genesis Toys’ My Friend Cayla and i-Que robot, have been accused of violating U.S. and European privacy, security and advertising laws.
The toys at issue provide children with an interactive experience via…
