Could toys play with data from your children?
Little Sister’s toys are watching you.
That at least was the cry this spring, when toymaker Mattel unveiled Hello Barbie, an Internetlinked doll that converses with children.
“I’m a parent of a 6-year-old, and my daughter can play with a doll for hours,” said Josh Golin, the executive director of Campaign for a Commercial-Free Childhood. “The
idea that a company might be recording and analyzing that data is just really creepy.”
Kids may not agree. The chance to talk to Barbie is “the single-most requested thing kids have asked [for],” said ToyTalk CEO Oren Jacob, whose company developed Barbie’s voice-recognition software. But Hello Barbie, which goes on sale this holiday season, may be introducing families to a future in which everything is wired to the Internet. Your home may soon include not just dolls that converse with your kids, but TV sets that tell advertisers when you’re watching “Game of Thrones,” and cars that monitor how you drive to work.
Hello Barbie, for its part, records a child’s utterances when the child holds down a button: The words are wirelessly uploaded online, where algorithms process them and compose a response. ToyTalk notes that parents can review and delete — or share with friends — the dialogue Barbie stores. Voice data is encrypted to foil hackers, the company pledges, and is stored solely to help improve the toy’s language performance.
“We expressly make the commitment that we won’t use the information for marketing to children,” Mr. Jacob said.
Such Internet-enabled everyday devices are collectively called the “Internet of Things.” By 2020, some observers believe, 50 billion such devices will be in use. But while such devices can save energy and time, privacy advocates say they come with a cost.
“This stuff is all shiny little toys, and we haven’t started to think about what they could mean,” said Scott R. Peppet, a University of Colorado law professor who studies the legal implications of the devices. “If your garage knows when it’s opened and closed, then it knows when you come and go. It may even know if you’re being faithful to your spouse” — who could use the data in a divorce.
Helping to create the Internet of Things are firms like San Francisco-based Cognitive Networks, which boasts of its ability to “personalize the viewing experience.” The firm did not respond to requests for comment, but its marketing materials say it offers “enhanced advertising opportunities” by tracking what viewers watch and placing ads accordingly.
“Companies, because they know more about you, will market to you,” said Lee Tien, a senior staff attorney with the privacy-rights group Electronic Frontier Foundation. “Some people don’t mind that. But they are also compiling dossiers [in] places that everyone looks for information about you, whether it’s your employer or the FBI.”
And data garnered for one purpose can be used for another. Mr. Peppet cited the fact that a smart oven “will record how often you cook. And whether you have time to cook could turn out to predict your socioeconomic status” — which might affect, say, the mortgage rate offered by your bank.
Such scenarios may seem far-fetched, but data is already often used in surprising ways. This summer, for example, a consumer advocacy group found that automobile insurers frequently raise rates on widows, because changes in marital status can alter driving habits.
There have been few legislative efforts to limit the use of Internet of Things data, with at least one exception. Some 17 states have laws concerning Event Data Recorders, which record vehicle speed and other information in an accident, and which are required in new cars. In Pennsylvania, state Sen. John Wozniak, D-Cambria, and state Rep. Ted Harhai, D-Westmoreland, have sponsored bills giving drivers notification about, and some control over, the data recorded.
Even some tech-sector entrepreneurs favor more government intervention.
“We want regulation, we want [privacy] protections to be legally required,” said Ben Waber, CEO of Bostonbased Humanyze.
The company makes employee badges equipped with microphones and sensors that track an employee’s movements and even posture. They can also detect when badge wearers speak to each other.
Mr. Waber says the badges can improve productivity by encouraging higher-quality interactions with co-workers and customers. (He cites one company that improved performance by installing larger cafeteria tables so lunchtime conversations were more inclusive.) But, he added, “There’s a creepiness factor here; I get it.”
Last month, in fact, the Atlantic magazine cited the badges as an example of “office equipment that can spy on workers.”
Mr. Waber countered that the badge records a speaker’s volume and intonation, not the words themselves. More importantly, he said, employees must volunteer to wear the badge, and they alone control the data. The employer only gets aggregate information, and doesn’t know who is wired. (Non-participants get dummy badges.)
Still, Mr. Waber worried that without legislation, “a bad actor might say, ‘I can track everything your employees are doing.’ And then all this stuff will be legislated out of existence.”
In January, the Federal Trade Commission reported that it “does not believe that the privacy and security risks, though real, need to be addressed through IoT-specific legislation at this time.” In March, though, it opened a new division to carry out “investigative research on technology issues” including the Internet of Things.
The Electronic Frontier Foundation’s Mr. Tien, meanwhile, is wary of government fixes, especially when little public awareness exists about how data is used.
“Legislation can be imprecise or inaccurate,” he said. “It’s important to get not just the technology right but people’s interests, too.”
Doing so, he said, requires consumers to pay more attention: “Stop saying, ‘I don’t care what they know about me.’ Because that indicates you don’t understand the problem.”