Germany’s telecommunications watchdog has ordered parents to destroy or disable a “smart doll” because the toy can be used to spy on children.
The My Friend Cayla doll, which is manufactured by the US company Genesis Toys and distributed in Europe by the England-based Vivid Toy Group, allows children to access the internet via speech recognition software, and to control the toy via an app.
However, Germany’s Federal Network Agency announced this week that it classified Cayla as an “illegal espionage apparatus”.
As a result, retailers and owners could face fines if they continue to stock it or fail to permanently disable the doll’s wireless connection.
Under German law it is illegal to manufacture, sell or possess surveillance devices disguised as another object.
According to some media reports, breaching that law can result in a jail term of up to two years.
The ruling comes after Stefan Hessel, a student at Saarbrücken University, raised concerns about the device, which was voted one of the top 10 toys of the year in 2014 by the German toy trade association.
“Access to the doll is completely unsecured,” Mr Hessel told Saarbrücker Zeitung. “There is no password to protect the connection.”
The student said hackers could access the doll via its bluetooth connection from a distance of up to 15m.
He said hackers could listen in on conversations as well as speak directly to the child playing with the doll.
The German ruling could potentially have EU-wide consequences for toymakers.
Privacy concerns
The EU's commissioner for justice, consumers and gender equality, Vera Jourova, said: "I'm worried about the impact of connected dolls on children's privacy and safety."
Vivid Toy Group has not responded to a request for a comment on the German ruling.
Previously, the company has said examples of hacking were isolated and carried out by specialists, but that it was looking into upgrading the app used with the doll.
Guardian service