18 Feb 2017

German parents told to destroy 'spy' doll

7:49 am on 18 February 2017

A talking doll named Cayla has been banned by German authorities because the software inside her could be hacked, posing a security risk and allowing personal data to be revealed.

The talking doll -  pictured here at the DreamToys toy fair in central London -  has been banned by German authorities.

The talking doll Cayla has been banned in Germany because of the risk it could be hacked and compromise privacy. Photo: AFP

The Federal Network Agency (Bundesnetzagentur) recommended that parents who bought the doll for their children destroy it.

The software in the toy, created by US company Genesis Toys, allows a child to have a conversation with the doll.

The Cayla doll can respond to a user's question by accessing the internet. For example, if a child asks the doll "what is a little horse called?" the doll can reply "it's called a foal".

The agency, which oversees telecommunications, said there was a risk of espionage and the doll could ve used to compromise privacy.

"The Cayla doll is banned in Germany," agency head Jochen Homann said. "This is also about protecting the weakest members of society."

Germany has strict privacy laws to protect against surveillance. The issue is a sensitive one in the country where Nazi era Gestapo and East Germany's Stasi secret police kept a close watch on the population.

Under German law, it is illegal to sell or possess a banned surveillance device. A breach of that law can result in a jail term of up to two years, according to German media reports.

The warning came after researcher Stefan Hessel, who had examined the toy, alerted the agency. He said hackers could use an unsecure bluetooth device embedded in the doll to listen and talk to the child playing with it.

"In a test, I was able to hack the toy even through several walls. It lacks any security features," Mr Hessel told the German website Netzpolitik.org.

The German distributer, Vivid GmbH, could not be reached for comment.

The UK Toy Retailers Association said Cayla was " no special risk" and there was "no reason for alarm" .

The Vivid Toy group, which distributes the doll has previously said that examples of hacking were isolated and carried out by specialists. However, it said the company would take the information on board as it was able to upgrade the app used with the doll.

But experts have warned that the problem has not been fixed.

EU Commissioner for Justice, Consumers and Gender Equality, Vera Jourova, told the BBC: "I'm worried about the impact of connected dolls on children's privacy and safety."

The Commission is investigating whether such smart dolls breach EU data protection safeguards.

- BBC / Reuters