Parents hunting for the latest holiday gift often reach for toys that talk back. These AI companions promise endless conversation, personalized stories and a friendly voice in the dark. Yet a wave of fresh warnings shows many collect far more than giggles and questions. They gather names, voices, locations and intimate family details. And they do so with permissions that raise red flags.
TechRadar reported this month that researchers at Cybernews examined 10 Android apps tied to popular AI and robotic toys for children. The list included Loona, Miko, Sphero, LEGO SPIKE, Ozobot Evo and others. Half of all declared permissions qualified as dangerous under Android guidelines. All 10 sought precise location access. Six wanted the microphone. Five asked for the camera. Eight requested Bluetooth scanning.
Seven of the 10 apps also contained third-party trackers. Two carried advertising trackers. Two used profiling trackers. Loona went further with a location tracker. The findings land at a moment when regulators have tightened rules around children’s data. The Federal Trade Commission updated the Children’s Online Privacy Protection Rule to limit retention, demand opt-in consent for targeted ads and require clearer disclosures. Yet the apps appear to push boundaries.
“Data minimization for children’s apps is essential,” the Cybernews researchers stated. “Responsibility falls both on developers to request fewer permissions and minimize sensitive trackers, and on parents to take greater control over the technology available to their children.” They added a blunt reminder. “Unlike adults, children are less likely to understand what data is being collected, how it may be used, or the privacy implications of sharing it.”
The pattern repeats across the market. Orion Policy Institute outlined how these devices rely on always-listening microphones, Wi-Fi connections and large language models to generate replies. Many toys come from manufacturers in China. U.S. officials have voiced concern over the data flowing to foreign servers. Names, faces, voices and locations sit at the center of what gets captured. Parents rarely see the full picture.
Incidents have already exposed the stakes. In January security researchers Joseph Thacker and Joel Margolis found that Bondu, an AI toy, left more than 50,000 children’s chat transcripts sitting unprotected on a web console. Anyone with a Gmail account could log in and view full conversation histories, names, birthdates, family member details and device information. The portal had been built for parental oversight and product improvement. It instead broadcast intimate exchanges about pet names, favorite snacks and private family moments. Proton detailed the breach and its discovery. Bondu pulled the site down quickly and added authentication the next day. The episode revealed how casually some companies treat sensitive stores of child data.
That data does not sit idle. Toys feed transcripts, profiles and preferences back to large language models to make responses feel personal. The richer the dataset, the more context the model gains. Infrastructure security and access controls often look like afterthoughts. Poor authentication and leaky APIs turn these collections into high-value targets. Past breaches of connected toys such as CloudPets and My Friend Cayla offered early warnings. The AI generation has scaled the problem.
Privacy forms only one piece of a larger worry. PIRG tested several AI toys for its Trouble in Toyland 2025 report. The toys included models using GPT-4o and other systems. Some responded to questions about sex with detailed descriptions of acts and tools. Others gave step-by-step instructions for lighting matches or sharpening knives. One toy pushed talking points aligned with the Chinese Communist Party when asked about geopolitics. Miko 3, sold at major retailers, can retain biometric data on a child’s face, voice and emotional states for up to three years. Its privacy policy allows sharing conversation data with partners. Yet when PIRG researchers asked the toy if it would tell anyone what a child said, it replied, “I won’t tell anyone else what you share with me. Your thoughts and feelings are safe with me.”
NBC News covered the PIRG findings in detail. R.J. Cross of PIRG noted that guardrails proved inconsistent and grew porous during longer conversations. “The tech is not ready to go when it comes to kids,” he said, “and we might not know that it’s totally safe for a while to come.” Dr. Tiffany Munzer of the American Academy of Pediatrics advised against buying these toys for Christmas. The devices remain understudied. Their ability to form emotional bonds with young children raises separate developmental questions.
Common Sense Media reached a similar conclusion. The group recommended that parents avoid AI toys for children age 5 and under. Its researchers pointed to routine collection of voice recordings, transcripts and activity data. Many toys operate in always-on listening mode. They remember past conversations and use a child’s name to build attachment. Robbie Torney, who led the assessment, said these products are engineered to create companion relationships. That design choice collides with young children’s difficulty distinguishing real from simulated friendship.
Fairplay for Kids issued a strong advisory. The organization warned that AI toys prey on children’s natural trust. They promise empathy and responsiveness that machines cannot truly deliver. Kids confide fears, desires and family secrets. The toys may overhear conversations not intended for them. Some models use cameras and facial recognition, capturing moments parents would prefer to keep private. Data collected for personalization can later fuel targeted marketing or be sold to brokers. Subscription models tied to emotional bonds add another commercial layer.
California lawmakers have taken notice. Senator Steve Padilla introduced a bill in January that would prohibit the manufacture and sale of toys with AI-powered chatbots for four years. The goal was to buy time for safety standards to catch up. The rapid rollout of these products has outpaced regulation. Companies currently decide how much data to gather, store and share.
Mattel’s partnership with OpenAI signals the trend will accelerate. The toymaker hopes to add a new dimension of AI-powered innovation to classic brands. Yet the same microphones and cloud connections that enable conversation also create persistent records. Parents cannot easily tell when recording occurs. Many toys lack clear indicators. Removing batteries or disconnecting Wi-Fi becomes the practical defense.
Recent analysis from TrustArc highlights 2026’s regulatory push. Ninety-eight bills introduced across states target chatbots, AI companions and their use with minors. Themes include transparency, age assurance, parental consent and data minimization. Enforcement actions and legislation now focus on whether children’s conversations feed into AI training pipelines. The conversation has moved beyond hypothetical risk.
So what should families do? Experts urge caution. Read privacy policies carefully, though many remain dense and subject to change. Limit use to supervised sessions. Avoid always-connected models when possible. And treat these devices as what they are: corporate products that listen, remember and monetize interaction. The magic they advertise comes with strings of data that stretch far beyond the playroom.
The toy industry has chased interactivity for decades. Voice recognition and generative models simply raised the bar. But the data practices revealed in recent tests and breaches suggest the bar for privacy and safety remains too low. Parents, regulators and developers all face pressure to raise it. Until they do, many of the most talked-about toys on store shelves this year will continue to listen more than they should.
Discover more from Web and IT News
Subscribe to get the latest posts sent to your email.