Children’s online data is as easy to exploit as adults' data. Take smart toys for instance, such as My Friend Cayla, Hello Barbie, and CloudPets. They're smart because they're designed to learn and grow with your kids and they're smart in the other sense of the word because they're internet-connected devices.
  • Many of these toys have privacy issues, they collect a lot of data about your kids and it’s not always clear what they do with it.
  • A database belonging to smart toy manufacturer VTech led to 6.3 million children's accounts being compromised several years ago. The hackers had access to photos and chat logs.
  • Rather than accept full responsibility following the breach VTech introduced new terms and conditions stating that parents must assume responsibility for future breaches.

If you buy a smart toy make sure that it has a good privacy policy that you understand. Only provide the required information, not the optional stuff they ask for, and turn off the toy when it's not being used.

Home invasions

Everyone has the right to privacy, especially in their own home. Voice-activated assistants such as Amazon Alexa and Google Home respond to verbal requests but in the recent past, it has become clear that conversations in the home have been recorded. Apple's Siri was also recently exposed for storing voice information.

It's unclear what the companies do with the extraneous ‘noise’ they pick up. In their defense, they say they use the recordings to improve the responsiveness of their smart voice assistants but data is big business. Google's commercial success is built on gathering and selling user data and advertising space, based on its data collection and analysis.
  • How often does your child use technologies like these and if they do how much of their conversations are being recorded and what is this data being used for?
  • Is the data aggregated, sifted by algorithms and inferences made about your child’s use of online services which in turn will shape their online experiences before they are even adults?

These are important questions that have long term implications for online privacy for children. Most of the world is governed by privacy laws but when it comes to the big beasts of tech such as Amazon, Google, Facebook, and Apple they appear to operate in their own universe.

We’re not suggesting in any way that they are malign but the point is that so much data is gathered without people’s knowledge, including children’s data, that what we often don’t know is how it is being used and by whom.

Fraud victims before they’re adults

Children’s data is valuable for identity thieves. In the US, AARP an organisation that focuses on issues affecting the elderly, says not only are children targeted by identity thieves, but the rates of theft affecting young people are actually greater than those affecting parents and guardians.

In short, the ‘blank slate’ credit file of a child has much more potential to a thief than the low credit score of an adult.

When a child's identity is stolen, it can be years before the crime is ever detected. When that child grows up, opens his or her own credit cards, or tries to take out loans, the application may come back with a tarnished history.
  • In the US, kids’ personal details are stored in many different databases. If hackers manage to secure information they may gain enough data to commit identity theft.
  • Parents and kids can inadvertently make identity theft easier for criminals when they post personal information on social media that make identification and data theft possible.

When parents know what the threats are, they can look for early warning signs and keep valuable data secret whenever possible.
  • Teaching kids about identity theft includes going beyond the obvious warning not to share data. Parents should also tell their kids to be mindful of sites that are prime vectors for malware.
  • Free games, music downloads, and celebrity gossip links are among the favourite topics for scammers and thieves to set up fake data stealing websites.
Some laws govern the use of children's data such as the GDPR in Europe which does afford some level of protection. And most child data theft happens in the US, particularly social security numbers, but it’s slowly taking root beyond the US too.


To better protect yourself and your children, invest in a VPN service. A VPN encrypts all your incoming and outgoing traffic and it also routes that traffic through a server in a location of your choosing.
  • A VPN makes all your internet activity anonymous while hiding both the content of your connection and masking your IP address and true location.
  • Switching on the VPN before surfing the web or doing anything else online is a good habit to get into for both parents and kids. BullGuard VPN is particularly easy for children to use, they simply click and go.

Parental control software provides parents with tools to manage their kid’s online behaviour. You can monitor what websites your kids visit and which apps they use. You can block specific sites or apps or enable blocking the websites that contain certain keywords or fall under a certain category. You can even specify when kids can use their devices and for how long.

BullGuard Premium Protection includes parental controls but also has the added protection of identity theft safeguards so you can protect both yours and the children's ID information such as dates of birth, addresses, and other personal identifiers. 

For a wider view on how to protect children online, you can download this free guide from BullGuard which provides insight and advice on a range of areas from cyberbullying to gaming online, social media, and more.