By Raunak Haldipur
Germany’s telecom regulator, the Bundesnetzagentur, has banned smartwatches and has asked parents of children who own these devices to destroy them due to security concerns. The watches are aimed at children between the ages of five to twelve and have been flagged for their potential use in spying. The smartwatches contain a SIM card with some telephone functionality, which is controlled via apps. According to the Federal Network Agency, these apps can be used to make the watches call a desired number without the wearer’s knowledge, allowing someone to remotely eavesdrop on conversations. Such activity is prohibited in Germany.
Security flaws revealed in Norwegian tests
Germany is not the only country that is concerned about the security issues raised by smartwatches. There was an analysis on children’s smartwatches done in October 2017 by the Norwegian Consumer Council, Forbrukerradet, called #WatchOut. As a part of their work on the Internet of things (IoT) the council analysed four children’s smartwatches in light of consumer rights concerns. The devices tested were Gator 2, Tinitell, Viksfjord, and Xplora. These smartwatches function as wearable mobile phones that allow parents to use an app to keep in touch with and track the location of their children. Since the main purpose of these type of watches is for use by children and to give parents peace of mind, it is crucial that the technology maintains security and privacy standards.
The Norwegian report uncovered critical security flaws in three of the devices. Two of the devices have flaws which could allow a potential attacker to take control of installed apps, which would give access to the user’s real-time and recent locations as well as personal details. The flaws would also enable a hacker to contact the children directly. Several of the devices also transmit personal data to servers located in North America and East Asia, in some cases without any encryption. One of the watches also functions as a listening device, allowing the parent or a stranger with some technical knowledge, to monitor audio from the surroundings of the child, without the watch giving any indication that this is taking place.
Precautions buyers should take
Only one of the services used by the tested watches asks for permission from the users before collecting data, and none of them notifies any changes in the terms and conditions. There is also no way to delete user accounts from any of these devices. At least one of the companion apps, Xplora, allows children’s personal data to be used for marketing purposes, while the other three are unclear about how the collected information may be used. Finally, one of the services, Gator, transmits unencrypted location data to China. These issues constitute several breaches of European data protection and consumer protection laws.
Buyers should be aware of what they are signing up for before using such devices or giving them to their children for use. With privacy being a major threat, it is essential to take precautions when buying new technology devices. Until two years ago applications installed on Android OS were given access to the user’s contacts, cameras, microphone, location etc. It is only after Google changed the settings that users were first asked to give permission before installed apps could be used.
Impact of the German decision
This month, after the German case, a UK consumer rights group also raised concerns about poorly secured IoT toys which it said could enable strangers to talk to children. The group called for devices with known security flaws to be banned from sale in the UK. In February, the commissioner for justice, consumers and gender equality, expressed concern, telling the BBC: “I’m worried about the impact of connected dolls on children’s privacy and safety.” The German ban and pressure for a ban in the UK may push the European Commission to consider EU-wide regulation.
These precautions are being taken in the interest of users by governments and technology companies. In the same way, it is important that users also be aware of what they are signing up for when they use new technology.
Featured Image Source: Pixabay
Stay updated with all the insights.
Navigate news, 1 email day.
Subscribe to Qrius