The high-tech 'Hello Barbie' doll unveiled earlier in 2015 by toy giant Mattel allows children to speak and get a response from their favorite toy. But to make that happen, conversations travel over Wi-Fi networks to Internet 'cloud' servers that use artificial intelligence to deliver a personal reply. The activist group Campaign for a Commercial-Free Childhood has suggested that the privacy risks of the intelligent Barbie outweigh the benefits.
The group said, "Children confide in dolls and reveal intimate details about their lives, but Hello Barbie won't keep those secrets."
ToyTalk, Mattel's technology partner, said, "When Barbie's belt buckle is held down, everything your child says is transmitted to cloud servers, where it will be stored and analyzed by employees of ToyTalk and their partner corporations listen to recordings of children's conversations - and ToyTalk won't even say who their partners are."
The statement said, "Children should use their own initiative and creativity to hold conversations with a doll, impart a personality and build their relationships. With Hello Barbie, Mattel and ToyTalk's programmers and algorithms drive the conversation, undermining the creative play that is so critical to children's development."
"To make matters worse, the organization says that 'Hello Barbie' could be a tempting target for hackers, who could access data stored by your family on home devices and networks through the doll."
The group is urging parents to shun the new doll and earlier in November 2015 launched an online campaign with the hashtag #HellNoBarbie.
Mattel did not respond to requests for comment. But ToyTalk pointed in a blog post last week to the many safety features that have been integrated into the design of Hello Barbie. The company said, "We are not aware of anyone who has been able to access your WiFi passwords or your kid's audio data."
ToyTalk said, "Passwords are stored in a hardware-encrypted section of the doll, and no conversation history is stored on the toy. Stored data is never used for advertising purposes and that the doll has been certified as compliant with the Children's Online Privacy Protection Act."
To address security concerns, Mattel and ToyTalk have launched a 'bug bounty program', where security researchers are rewarded for responsibly disclosing potential vulnerabilities. ToyTalk said, "We expects kids to warm to the new connected doll. We built this doll because the number one request from kids is to talk to Barbie."