These watches allow parents to communicate with their child through their mobile phone function and stay up-to-date about the child’s location via the app.
The findings again showcase that the growing presence of internet-connected products may come with new and very serious risks for consumers’ security. They also often disregard basic consumer and data protection rights.
The research in particular revealed:
Security flaws: in a few simple steps, a stranger can take control of the watch and track, eavesdrop on and communicate with the child. They will be able to track the child as he or she moves or make it look like the child is somewhere else. The data is transmitted and stored without encryption.
False sense of security: the SOS button is unreliable and hackers can circumvent the requirement to be on the list of trusted phone numbers.
Illegal or non-existent terms and conditions: some of the apps associated with the watches lack terms and conditions.
Personal data protection flaws: it is not possible to delete your data or user account.
Monique Goyens, Director General of BEUC, commented:
“These watches should not find their way into our shops. Parents buy them to protect their children. However, they are probably unaware that instead of protecting them they are making their children more vulnerable.
“The EU urgently needs to regulate mandatory security standards for connected products. Producers should immediately fix these flaws or they should find their products withdrawn from the market.
“Products which are connected to the internet are everywhere. Unfortunately, some producers seem to turn a blind eye to basic security and privacy standards in their rush to market such products. Market surveillance authorities should make sure that such products never reach the market in the first place.”