German regulators ban the My Friend Cayla doll fearing it is a surveillance device

German regulators have banned ‘My Friend Cayla,’ an internet-connected doll that can chat with our children, it can be abused for surveillance activities.

German regulators have banned ‘My Friend Cayla,’ an internet-connected doll that can chat with our children. The authorities believe the device is a “spying device”.

The Federal Network Agency is inviting parents to turn off the My Friend Cayla due to the ban on surveillance devices.

“Items that conceal cameras or microphones and that are capable of transmitting a signal, and therefore can transmit data without detection, compromise people’s privacy,” said the agency’s head, Jochen Homann.

“This applies in particular to children’s toys. The Cayla doll has been banned in Germany. This is also to protect the most vulnerable in our society.”

How does My Friend Cayla work?

Every time a child asks a question to the doll, it sends his audio question wirelessly to an app on a digital device that converts it into text and queries online search engines for an answer, then sends back a response that is voiced by the doll.

Of course, such kind of behavior is illegal, the German regulators in a statement warned that anything it said in the surrounding environment could be recorded and transmitted without parents’ knowledge.

“A company could also use the toy to advertise directly to the child or the parents,” it said.

“Moreover, if the manufacturer has not adequately protected the wireless connection, the toy can be used by anyone in the vicinity to listen in on conversations undetected.”

The manufacturer of The Cayla doll, the company Genesis Toys, published a statement on its website to say that it “is committed to protecting your and your family’s personal information.”

“Our objective is to ensure that our products and services are safe and enjoyable for our customers.” reads the statement.

[The Cayla doll] “is programmed to not utter, display or say words or images that would be inappropriate for children to see or hear”.

Just to be clear, the German regulators are not accusing the company of espionage, but they fear that hackers could abuse its abilities to spy on the owners.

The company confirmed that it is aware of such kind of risks and regularly reviews “encryption and physical security measures” to protect its customers.

“unfortunately no method of transmission over the Internet, or method of electronic storage, is 100 percent secure”. wrote the company on the website.

The German regulators announced that it would “inspect other interactive toys and, if necessary, will take further action”.

“if connected toys, such as this speaking doll, can be hacked to spy on or talk to children, they must be banned.” said Monique Goyens, the European Consumer Organization. “EU product laws need to catch up with digital developments to deal with threats such as hacking, data fraud or spying”.

Pierluigi Paganini

February 20, 2017

cyber defense awardsWe are in our 11th year, and Global InfoSec Awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.
Cyber Defense Awards

11th Anniversary Exclusive Top Global CISO Conference & Innovators Showcase - October - 2023