Menu Close

It’s far too easy for abusers to exploit Smart toys and trackers

By Saheli Datta Burton, UCL and Madeline Carr, UCL

The wearable technology market is booming, with half a billion wearables sold globally in 2020. Apps on these devices, or the devices themselves, often claim to monitor our health to spot illnesses, track our workouts to help us reach our fitness goals, or keep an eye on our children’s whereabouts to enhance their safety.

But they’re also divisive. Supporters of wearable technology claim that health trackers should be prescribed by the NHS and could even deliver an early warning of a possible COVID-19 infection. GPS tracking devices designed to be worn by children, meanwhile, are seen as a safety asset for parents.

Yet studies have found fitness trackers to be too inaccurate and misleading to be used by medical professionals, and that, because they’ve been rushed to market, wearables of all kinds are an insecure “Wild West” region of technology that requires urgent regulation.

In a recent report, we looked at the security risks associated with wearable devices, as well as “smart toys” that can record children in their homes. We found a concerning lack of security – especially for devices aimed at children – which lack even the most basic cybersecurity precautions, leaving them open to abuse.

Fitness trackers and personal data

One key issue with wearables is the data they generate and share. For instance, many fitness trackers rely on data on a person’s location to map their workouts. That’s great if you’re keen to track the distance of your jogs, but it’s not especially sensible if you’re embarking on those jogs from a military base in hostile territory.

Beyond that specific example, which caused some embarrassment for the US military in 2018, it’s clear that sharing your location publicly, even in a safe civilian setting, comes with significant risks.

And it’s not just the real-time tracking of your running route that could expose your whereabouts. Because these trackers upload your workouts to an app and share them publicly, it’s possible for predators to use historic running, biking or hiking routes to predict where you might be at a given time. This safety issue isn’t only restricted to workouts. Even something as innocuous as sharing a photo through your Apple watch can give away your geolocation.

Are trackers safe for children?

Even more concerning are devices designed to be worn by children, sales of which are expected to reach $875 million (£620 million) by 2025. These watches are marketed as wearable tech to keep kids safe, tracking their location and alerting parents when the watch’s onboard “SOS” button is pressed – or if the child travels beyond a geofenced area.

Smart watches as safety devices on children’s wrists may sound like a boon for anxious parents, but a 2017 survey of children’s smart watches found that the all-important “SOS” button either got stuck or didn’t work at all in most cases.

Additionally, flaws in some smart watches’ accompanying apps have raised serious safety concerns. Security researchers have found they could not only easily access children’s historical route data – like their path to and from school – and monitor their geolocation in real time, but they could also speak directly to the child, through the watch, without the call being reported in the parent’s app.

READ more: It’s far too easy for abusers to exploit Smart toys and trackers

Leave a Reply

Your email address will not be published. Required fields are marked *