Technologist - The FindLaw Legal Technology Blog

IoT Kids' Toys Privacy Breach Case Settles

The FTC and VTech Electronics have reached a settlement related to the 2015 data breach that exposed millions of children's and their parents' personal information. The data breach resulted from internet-connected devices for kids, including handhelds, smartwatches, and a variety of apps and media. VTech reported is paying $650,000 to settle the FTC's case.

One significant problem involved VTech collecting information from kids without the consent of their parents in the first. And while the company did store much of this information in an encrypted format, the decryption keys were readily available to the hacker. The company did not know about the hack until it was reported online through a major tech publisher. As a result of the FTC settlement, VTech's data protection policies will undergo review every two years for the next two decades.

IoKT: Internet of Kid Things

When it comes to the IoT, these new devices can provide quite a bit of convenience and peace of mind. However, the dangers of hackers targeting these devices (and the services that support them) is real, and companies need to be on top of cybersecurity to avoid liability (not to mention the PR nightmare) for data breaches.

This is especially true for IoT device makers that focus on tech for kids, as the privacy of children is considered more sensitive than adults. Shockingly, as reported by Courthouse News Service, VTech collected the information on the children without even providing a direct notice that the data was being collected. For some parents, this sort of scandal might be enough to scare them away from giving their kids any IoT devices, but that's likely an overreaction.

IoT Spy

One big problem with hackers targeting IoT devices is the level of privacy violation these devices enable, as well as the risk of damage or injury. For instance, having internet connected security cameras means that a hacker could potentially gain access to your camera feed.

When it comes to law firm, and even personal cybersecurity, knowing how much you need is difficult. With the increasing number of attorneys using IoT devices, you may want to limit what devices you allow to access the firm's network.

Related Resources: