Dec 02, 2015

    Privacy activists slam high-tech Barbie doll


    THE new Barbie doll is "intelligent" and connected. Too connected for some privacy activists.

    The high-tech US$75 (S$106) Hello Barbie doll unveiled earlier this year by toy giant Mattel and likely to be a holiday hit allows children to speak and get a response from their favourite toy.

    But to make that happen, conversations travel over Wi-Fi networks to Internet cloud servers that use artificial intelligence to deliver a personal reply.

    For the activist group Campaign for a Commercial-Free Childhood, the privacy risks of the intelligent Barbie outweigh the benefits.

    "Children confide in dolls and reveal intimate details about their lives, but Hello Barbie won't keep those secrets," the group said in a statement.

    "When Barbie's belt buckle is held down, everything your child says is transmitted to cloud servers, where it will be stored and analysed by ToyTalk, Mattel's technology partner.

    "Employees of ToyTalk and their partner corporations listen to recordings of children's conversations - and ToyTalk won't even say who their partners are."

    The consumer group says the new Barbie could become a marketing tool, even though the makers have pledged not to do that. And it argues that the high-tech toy could undermine creativity.

    "Children should use their own initiative and creativity to hold conversations with a doll, impart a personality and build their relationships," the statement said.

    "With Hello Barbie, Mattel and ToyTalk's programmers and algorithms drive the conversation, undermining the creative play that is so critical to children's development."

    To make matters worse, the organisation says Hello Barbie "could be a tempting target for hackers, who could access data stored by your family on home devices and networks through the doll".

    The group is urging parents to shun the new doll and earlier last month, launched an online campaign with the hashtag #HellNoBarbie.

    Mattel did not respond to requests for comment. But ToyTalk pointed in a blog post last week to the "many safety features that have been integrated" into the design of Hello Barbie.

    "We are not aware of anyone who has been able to access your Wi-Fi passwords or your kid's audio data," the company said.

    ToyTalk says passwords are stored in a hardware-encrypted section of the doll, and no conversation history is stored on the toy.

    It added that stored data "is never used for advertising purposes" and that the doll has been certified as compliant with the Children's Online Privacy Protection Act in the United States.

    To address security concerns, Mattel and ToyTalk have launched a "bug bounty programme", where security researchers are rewarded for responsibly disclosing potential vulnerabilities.

    ToyTalk said it expects kids to warm to the new connected doll.

    "Mattel and ToyTalk built this doll because the No. 1 request from kids is to talk to Barbie," the company said.