1 min read

Kids’ Smartwatch Pulled off EU Market for Data Privacy Risks

Luana PASCU

February 06, 2019

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Kids’ Smartwatch Pulled off EU Market for Data Privacy Risks

The IoT privacy nightmare continues, as this week’s spotlight focuses on a smartwatch designed for kids. The gadget has been recalled from end users after the European Commission issued a rapid alert on data privacy, writes The Guardian. Although the watch passed regulatory tests in Germany where it was manufactured, the ENOX Safe-Kid-One failed tests in Iceland. This compelled the country to submit an alert to the EC. Although Iceland is not a member of the European Union, it is a member of the economic space.

Tests in Iceland revealed that, while the watches were designed to help parents better track and communicate with their kids, they were vulnerable to third-parties, allowing unauthorized access to their data. With features such as microphone, GPS and speaker, hackers could easily manipulate the device and even tamper with the child’s real location data. Parents would normally use a smart phone app to track and communicate with their kids.

“The mobile application accompanying the watch has unencrypted communications with its backend server and the server enables unauthenticated access to data,” reads The Rapid Alert System for Non-Food Products (RAPEX).

“As a consequence, the data such as location history, phone numbers, serial number can easily be retrieved and changed. A malicious user can send commands to any watch making it call another number of his choosing, can communicate with the child wearing the device or locate the child through GPS. The product does not comply with the Radio Equipment Directive.”

Developed with low-quality sensors and often rushed to market, IoT gadgets for kids, and smartwatches specifically, are riddled with security flaws. This has led countries such as Germany to ban them due to privacy concerns. When Germany prohibited them in 2017, they were considered “listening devices.” Concerned they might not be able to provide security patches for the devices, Germany’s Federal Network Agency advised parents at the time to go as far as to destroy them.

tags


Author


Luana PASCU

After having addressed topics such as NFC, startups, and tech innovation, she has now shifted focus to internet security, with a keen interest in smart homes and IoT threats.

View all posts

You might also like

Bookmarks


loader