Germany protects their most vulnerable from hackers
The Federal Network Agency (FNA) released a press statement summarising their banning of children’s watches that have an “eavesdropping” function from the German market.
The watches have a SIM card to enable limited telephony function which can be controlled and monitored by an app. This function enables people to eavesdrop on wearers’ conversations and their surroundings.
The FNA advise schools to be aware of those owning these watches and urge parents to destroy these watches if they have purchased them.
The BBC published that the Norwegian Consumer Council (NCC) reported that some of these children’s watches had a ‘flaw in transmitting and storing data without encryption’. This means children are vulnerable to be being tracked, or their location can be manipulated to show them being in a completely different location.
The BBC stated that they are unaware of whether Germany’s banning of the smartwatches was also influenced by the flaw of transmitting data without encryption that was revealed by NCC, as well as the discovery of the watches’ eavesdropping function.
As quoted by the BBC, Finn Myrstad, NCC’s Head of Digital Policy said, ‘This ban sends a strong signal to makers of products aimed at children that they need to be safer.’ Myrstad calls for European-wide security standards.
If stricter rules were put in place it could limit or even stop such products from entering market.
In February of this year, Germany also banned a toy doll called My Friend Cayla because it could have been used to illegally spy on children.
In the press release from the Federal Network Agency, Jochen Homann (President of FNA) stated ‘Items that conceal cameras or microphones and that are capable of transmitting a signal, and therefore can transmit data without detection, compromise people’s privacy.’
Homan adds, that they have banned the Cayla toy ‘to protect the most vulnerable in our society.’
It is not surprising that Germany are banning products that leave children vulenarble to hackers because they are a country that take the regulation and compliance of PII data very seriously.
On 27th April 2017 the German Ministry of Inferior affairs passed the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG) which is additional to EU’s General Data Protection Regulation. A publisher of privacy and information security news and trends stated that the provisions of the BDSG ‘may arguable go beyond the scope of the GDPR’.