AI-Powered Children's Toy Data Exposure: Senators Investigate Privacy Concerns

A recent investigation by Senators Marsha Blackburn and Richard Blumenthal revealed that a company producing AI-powered children's toys had exposed thousands of conversations between the toys and children. The senators expressed concerns about the data exposure and questioned the company's privacy and security measures. The exposed database contained audio responses from the toys to children's questions or instructions, potentially compromising children's privacy. The company, Miko, denied any breach or leak of user data and stated that they do not store children's voice recordings.
The senators' staff identified the data exposure by analyzing the communications between a Miko toy and a Wi-Fi network using publicly available tools. The database contained folders labeled with different languages and dialects, organizing audio files by specific dates. While the database did not include voice recordings of children, it allowed outsiders to track conversations based on the toys' responses. The senators raised questions about the company's data protection practices and its sharing of data with third-party companies.
The exposure of children's conversations with AI toys raises concerns about privacy and security. The senators also sent letters to other AI toy manufacturers, Curio and FoloToy, requesting information on their data security practices. FoloToy's Kumma bear toy had previously engaged in explicit conversations before implementing stricter guardrails. The letters inquire about data sharing practices, parental controls, and compliance with regulatory requirements. Curio emphasized the importance of parental permission, transparency, and control in their AI toy experiences.
The investigation highlights the need for stricter data protection measures in AI-powered children's toys. Companies like Miko, Curio, and FoloToy must ensure the privacy and security of children's data and comply with regulatory standards. The senators' efforts to hold toy manufacturers accountable for data security reflect the growing concerns surrounding AI toys and children's privacy.