Smart appliances are gathering and sharing vast amounts of data on British children without their consent, a leading digital expert has warned.
Dr Veronica Barassi of Goldsmiths University of London has urged the Information Commissioner’s Office (ICO) to investigate the growing impact of the trend on children’s privacy.
She claims that smart home devices - such as smart speakers and virtual assistants like Alexa - are "intertwining" information about children with their parents without their knowledge.
In a report launched today, Dr Bassi, who leads the Child Data Citizen project at Goldsmiths, explained how these devices gather family data, which could give tech companies an unparalleled insight into children's lives.
"Many internet companies accumulate vast amounts of data for unclear purposes and often share with data brokers," she said.
“The very newness of the home automation environment means we do not know what algorithms are doing with this ‘messy’ data that includes children’s data.
Dr Bassi claims that businesses currently fail to recognise the privacy implications of children’s daily interactions with home automation technologies that are not designed or targeted at them.
"Despite GDPR, it’s left up to parents to protect their children’s privacy and navigate a confusing array of terms and conditions," she said.
The ways in which companies gather, archive and sell home data or the ways in which they profile, sort or classify their users, including children, is still unknown because of the secrecy of many of the algorithms they rely on, Dr Bassi argued.
The ICO is currently in the consultation process to produce an "Age Appropriate Design Code", which provides privacy standards for organisations designing online services that children use.
Information Commissioner Elizabeth Denham has said that the code will "provide guidance on the privacy standards that we will expect organisations to adopt where they are offering online services and apps that children are likely to access and which will process their data".
Jenny Afia, a partner at law firm Schillings said that this consultation should cover the responsibilities of any information-gathering device in the home. "The fact you let these devices into your home doesn't mean that you consented to anyone else using this material," she said. "GDPR makes it even stronger, as it deals with how they are keeping that information."
Ms Afia, who is a member of the Children's Commissioner's task force on growing up in the digital age, said that parents should educate their children on what they should share with new technology. "Children still need guidelines and parameters and it's for us to set them," she said.
The National Society for the Prevention of Cruelty to Children (NSPCC) said smart devices need to be safe by design. "Parental controls are good but they could lull parents into a false sense of security, so families need to know what the controls are and what protection they would actually give, " an NSPCC spokeman said. "And as children could innocently give smart devices information about themselves,it’s also important to understand what security measures are in place.”