Haber, Eldar, Toying with Privacy: Regulating the Internet of Toys (December 8, 2018). Ohio State Law Journal, Forthcoming. Available at SSRN: https://ssrn.com/abstract=3298054: “Recently, toys have become more interactive than ever before. The emergence of the Internet of Things (IoT) makes toys smarter and more communicative: they can now interact with children by “listening” to them and respond accordingly. While there is little doubt that these toys can be highly entertaining for children and even possess social and educational benefits, the Internet of Toys (IoToys) raises many concerns. Beyond the fact that IoToys that might be hacked or simply misused by unauthorized parties, datafication of children by toy conglomerates, various interested parties and perhaps even their parents could be highly troubling. It could profoundly threaten children’s right to privacy as it subjects and normalizes them to ubiquitous surveillance and datafication of their personal information, requests, and any other information they divulge. While American policymakers acknowledged the importance of protecting children’s privacy online back in 1998, when crafting COPPA, this regulatory framework might become obsolete in face of the new privacy risks that arise from IoToys. Do fundamental differences between websites and IoToys necessitate a different legal framework to protect children’s privacy? Should policymakers recalibrate the current legal framework to adequately protect the privacy of children who have IoToys? Finally, what are the consequences for children’s privacy of ubiquitous parental surveillance through IoToys — allegedly granted to safeguard children from online risks? And how might children’s privacy be better framed and protected in this context?
This Article focuses on the privacy concerns that IoToys raise. Part I briefly outlines the evolution of IoToys while examining their capacity to collect and retain data. Then, in reference to the legal framework chosen to protect children from online datafication twenty years ago, the next part discusses the American perception of children’s privacy, focusing on COPPA. Through this analysis, this part will show how key market players currently comply with COPPA regulation, and evaluate whether such compliance is relevant to IoToys’ dangers and challenges. Part III revisits COPPA, challenges it, and in calling for its recalibration offers some practical solutions to IoToys’ privacy threats. Thereafter Part IV normatively evaluates children’s conception of privacy and argues that IoToys’ monitoring practices could jeopardize the parent-child relationship and calls for recalibrating children’s privacy in the digital era. The final part summarizes the discussion and concludes that children’s privacy matters today perhaps more than ever before, and that the potential movement toward a ubiquitous surveillance era should not lead to its demise. [h/t Mary Whisher]
- See also the Tech Policy Lab’s paper, Toys That Listen (2016): – “Hello Barbie, Amazon Echo, and the home robot Jibo are part of a new wave of connected toys and gadgets for the home that listen. Different than the smartphone, these devices are always on, blending into the background until needed by the adult or child user. We do not yet know all the information our new toys are collecting, storing, or disclosing. With an intended audience of designers and regulators, this project brings an interdisciplinary group of experts together to build a set of consumer protection best practices for design and user control of connected devices in the home.” View PDF »