Child advocacy and privacy groups are calling on the Federal Trade Commission to investigate several smartwatch brands and the risks they pose to children, part of a global effort, they said. They also want them pulled from store shelves.
The groups, which include Consumers Union, Public Citizen and the Center for Digital Democracy, said in a filing with the FTC that the watches, essentially wearable smartphones, have "significant" security flaws and lack privacy protections.
Privacy groups are filing similar complaints in Belgium, Denmark, the Netherlands, Sweden, Germany and the UK.
The research that led to the filings was conducted by the Norwegian Consumer Council, the same group whose investigation prompted a complaint against the Cayla "smart" doll over similar data security concerns.
While the watches are meant to allow parents to keep up with their children, the groups said research has shown that a stranger can "take control of the watch with a few simple steps, allowing them to eavesdrop on conversations the child is having with others, track and communicate with the child, and access stored data about the child’s location."
The groups argued that violates both Sec. 5 prohibitions on false and deceptive practices and the Children's Online Privacy Protection Act.
"The devices create a new vulnerability that allows a third party to find a young child at precisely the time when the child is separated from a parent or guardian," they said.
"The Trump Administration and the Congress must bring America’s consumer product safety rules into the 21st century,” said Jeff Chester of the Center for Digital Democracy. “In the rush to make money off of kids’ connected digital devices, manufacturers and retailers are failing to ensure these products are truly safe. In today’s connected world that means protecting the privacy and security of the consumer — especially of children.
"Both the FTC and the CPSC [Consumer Product Safety Commission] must be given the power to regulate the rapidly growing Internet of Things marketplace,” he added. "These devices are supposed to give parents peace of mind and enable secure communications. But some can be hacked; they don’t use encryption, and the 'SOS' function may not work."
Chester was one of the earliest and strongest voices for more child privacy and data protections given the potential of online platforms, and now the growing internet of things, to collect and share information.
The groups gave the FTC credit for having extended privacy protections to children and recognizing the risks of interconnected devices, but said the FTC in the past has also failed to take enforcement action on previous complaints about child safety.
They cited, for example, a 2010 agreement between New York state and a company that stopped selling kids' online conversations to marketers, a complaint consumer groups also lodged with the FTC, which took no action.