A smartwatch designed for children, the Enox Safe Kid One, was recalled by the EU over data privacy concerns, as reported by ZDNet. It was discovered that the watch, which is equipped with a GPS, microphone, and speaker to make calls and send SMS texts, could be easily hacked by third parties. It doesn’t appear that the watch was ever sold in North America, and although it’s not the first time that children’s toys have been found to have security holes, this marks the first time that the European commission has stepped in with a product recall.
The smartwatch’s security issues were brought to light in a RAPEX (Rapid Alert System for Non-Food Products) report, which warned that the watch’s companion Android app had “unencrypted communications with its backend server,” which enabled “unauthenticated access to data.” This opened up data like location history, phone numbers, and the serial number to malicious actors, who could easily find and change the data. Once hacked, a stranger could potentially use the watch to make calls to a child, find the child’s location, or conceal their true location from their parents.
Smartwatches for kids have been banned in Germany since 2017, when the country’s telecommunications agency Bundesnetzagentur classified the devices as “prohibited listening devices.” The European Consumer Organisation (BEUC) also published a report in 2017 about the privacy concerns surrounding kids’ smartwatches. Today’s news likely won’t be the last time the European commission sends out another warning about security flaws, or orders for a recall.