Revista americana Forbes cita nosso sócio Felipe Barreto Veiga em matéria sobre privacidade e proteç
This New Toy Records Your Children's Private Moments -- Buyer Beware
Joseph Steinberg , CONTRIBUTOR, FORBES
In February, Mattel announced that it would be releasing a “smart” version of its popular Barbie doll; the new toy can listen to a child speak and respond accordingly. When a child speaks into a microphone on the doll, the doll records the child’s voice and transmits the recording for processing to a cloud-based service called ToyTalk. Once analysis is complete, an appropriate audio response is streamed back to the Doll which then “speaks” to the child.
While this new “Hello Barbie” may sound like a science-fiction dream come true for some kids – providing a digital friend and confidant for children whenever they want one – it is a potential privacy nightmare.
It’s hard to know exactly what children of doll-playing age might “discuss” with their dolls, but it’s not a secret that kids often have private conversations with their dolls and “confide” in them. Would you really want a third party to have recordings of your child discussing fears about upcoming medical procedures, issues that he or she may be having in school, your private conversations that he or she overheard, or other sensitive information? Would you want recordings of their intimate childhood conversations to persist in the hands of unknown parties seeking to “better entertainment experiences?”
So, does the law provide any protection?
In the United States various laws such as The Children’s Online Privacy Protection Act of 1998 might apply, but they seemingly allow the doll to be sold and function as described above as long as parents are told in advance of usage what the doll and related service do vis-à-vis the recordings of their children. As attorney Fernando Pinguelo, whose specialties include data privacy and cybersecurity, pointed out to me, “The key is always informed consent – providing the user enough information about the scope and purpose of the data collection to give the user a clear understanding of what the user is agreeing to without overwhelming the user with a fifty-page consent form.”
Part of the problem is that many parents do not fully understand the risks involved in using smart devices or toys, and, for the sake of convenience, may agree to terms of service whose long-term ramifications they do not fully appreciate. Terms of service often spell out what a service does, but not what the reprecussions of doing so are. Contrast this with the warnings we are used to receiving – think of those on cigarette cartons, on packages of medications about their potential side effects, in don’t-text-and-drive awareness ads, etc. And, from a practical standpoint, unless a warning appears on the outside of a toy’s package, it is somewhat meaningless: how many parents will tell their son or daughter on Christmas morning that he or she cannot play with the doll whose package he or she just opened because the terms of service inside are problematic?
Of course, terms of service can be so long and complicated so as to make many people uncomfortable with reading them. As I mentioned in an article earlier this week, in 2012 a French court found that people can deny that they agreed to terms if the terms are found within terms of service agreements that are overly complicated. In the US, however, that may not be the case.
Privacy laws also differ by nation. Brazilian attorney, Felipe Barreto Veiga, mentioned to me that “Brazil’s Children and Youth Statute provides that children’s privacy and personal life must be respected” – a requirement that seems increasingly vague as technology advances, and has people wondering whether the letter and spirit of the law are truly being respected with the advent of smart dolls and other “Internet of Things” technologies that are used by children.
Perhaps it is time for legislation that requires terms of service to be more concise and clear, and more explicitly spell out potential ramifications to users of agreeing to the terms. When it comes to toys, clear warnings belong on the outside of packages. It seems pretty clear to me that if a doll company told parents on the outside of a package that “Anything your child says to the enclosed doll while pressing the communication button will be recorded and we may keep the recording for as long as we want, and we may give it to whoever we want when we want without telling you” that that toy might not end up under as many Christmas trees as identical toys whose only warnings are located in more complex language printed in small typefaces on pieces of paper found only after the child has opened his or her gift.
The privacy issue with “Hello Barbie” is likely a sign of things to come. Numerous Internet of Things products – including many more children’s toys – are going to enter the market in upcoming years, and many of them are likely to raise similar concerns. (See my article from last year about some problems that have already been detected.)
If you are an entrepreneur working on a new Internet of Things technology, therefore, it may be wise to consider whether your operation will benefit from addressing privacy in the design of your products in a manner that outshines the same as delivered by other offerings. “Better privacy” may become a valuable competitive advantage.