Protecting Kid's Reading Data: Voice Recognition, Cybersecurity & GDPR
In today's digital world, data is power. As individuals, we keep significant information online, from personal to financial details. However, regarding children's data, we should be more cautious as children are not so security-minded, so they might add personal information that could put them at risk. Schools, online education, and gaming applications deal extensively with child data. However, as technology advances, we must be mindful of the more profound risks now posed involving voice recognition (VR) and how the data is protected.
In this blog post, we will explore the importance of protecting children's data and three reasons why it should be a significant concern to everyone.
Firstly, VR technology poses many risks we must be aware of. Many VR apps and toys interact with children, interpret their speech patterns, and react accordingly, frequently recording and storing what is said. However, as the child befriends the app/toy or uses it in a family environment, the child might divulge personal information or feelings, plus discussions by parents in the background could all be captured by the system and be used to exploit the family, either through social engineering, phishing attacks, or worse still direct contact with the intent to blackmail.
Secondly, all data has value, and as children increase their use of technology for education and fun, more data is being gathered and stored. Hackers thus target companies who offer such applications to steal and use the data themselves but more frequently sell it on the dark web to multiple hackers, meaning families could be a target for numerous attacks with the potential of significant financial impacts. It is vital, therefore, that developers and owners of applications are cyber-aware and build into their systems robust data security procedures and techniques to minimise the risk of data theft. Parents and schools must ensure that their children's privacy is adequately protected and take the time to check if the intended application is operated by a trusted organisation, and specifically for schools, they should conduct a Data Protection Impact Assessment (DPIA) as recommended by the Information Commissioner's Office (ICO) to verify an application or service has taken steps to protect the data stored by them. Parents can also use this requirement to check an application, as frequently, within the organisation's website, they will outline their DPIA compliance facts.
Thirdly, data protection is an essential legal requirement outlined in the General Data Protection Regulation (GDPR). Children's data falls under "special categories" of personal information, which means there are strict regulations concerning how that data can be collected, processed, used, or stored. Failure to comply with these regulations can lead to hefty fines. Therefore, schools, app service providers, etc., responsible for dealing with children's data, including their voices, must ensure adequate protection measures are in place to meet this regulation. It is wise to check a company's GDPR statement for any new application you are considering for your children to reassure yourself that the organisation follows these rules, especially about data sharing.
Our Position on Data Security:
At Auris, we take the security of our data very seriously. We designed our system to keep children safe on our platform. So our first step was to store the child's voice recordings only if we had the specific consent of the parent or custodian. In these situations, the recordings are never linked to the child and are anonymous to our internal processes, but they still allow the parent or custodian to delete the recordings at any time should they wish. Finally, we encrypt all data so that even if a hacker were to gain access to it, they would not be able to read or use it as they would not hold the key to decipher it.
These measures mean our platform is robust and meets all the requirements of compliance and best practices for cyber security. It is the benchmark that others should be taking in protecting their digital assets. But we also recognise that we must be bold and that protecting data is a journey, not a one-time fix, so we will continue to enhance our service to meet the new challenges hackers present.
In Summary,
As the digital landscape grows, it is essential to consider the safety and protection of children's data. Parents, teachers, and other individuals responsible for caring for children should be mindful of the risks involved in voice recognition technology, cybersecurity risks, and GDPR. As technology advances, so must we in safeguarding the data of children. Becoming more proactive in protecting children's data from cybercriminals and other malicious organisations is crucial. Data protection regarding sensitive personal information collected through online resources is not something to take lightly. At Auris, we understand that well.