back to article Rattled toymaker VTech's data breach case exiting legal pram

VTech, the toy company pierced by attackers in late 2015, is hoping an Illinois court will toss out the resulting class action against it. The company's woes began on 27 November 2015, when it belatedly owned up to a breach. At the time, Troy Hunt believed the breach contained details of 4.8 million customers, and journalist …

  1. Mage Silver badge
    Devil

    Scum.

    My advice to parents:

    1) Don't buy kids toys that connect to internet

    2) Don't let kids use sites that require any personal information

    3) Don't buy kids the fake "learning" laptops that have a tiny screen

    1. Anonymous Coward
      Anonymous Coward

      Re: Scum.

      0) Take precautions.

    2. FozzyBear
      IT Angle

      Re: Scum.

      4). Put the electronics down and spend time with your kids outside.Kick a ball, play a game, ride a bike.

      Icon 'cause the last thing a 3-5 yr.old needs is multiple electronic devices

  2. Dan 55 Silver badge
    WTF?

    Why would you need to prove ID theft?

    And was there no fine for Vtech from US authorities after data for 5 million USAns (2.9 million children) was leaked?

    I did find this which proves that Vtech are scum.

    1. chivo243 Silver badge

      Re: Why would you need to prove ID theft?

      @Dan 55

      +1 for finding that link. Karma is a bitch, maybe she'll bite V-Tech too?

    2. Doctor Syntax Silver badge

      Re: Why would you need to prove ID theft?

      This is the second US case reported here recently where it's argued the leakage isn't damage unless some consequent harm falls on the data subject. In the EU the leakage itself is a reportable and punishable occurrence.

      This different legal attitude in the US should in itself be sufficient to invalidate the Privacy Figleaf, model clauses and all the other claptrap thought up to allow our data to be shipped across the pond.

      Unless they're held legally responsible for securing the data from all comers, empowered to do so and punished for failing no US company can be considered a fit guardian for PII from the EU.

      1. Version 1.0 Silver badge

        Re: Why would you need to prove ID theft?

        Why should they worry about ID theft? Equifax has them beat by 10,000% and Equifax aren't worried at all.

  3. chivo243 Silver badge

    Long ago

    I bought my nieces many V-Tech products, as that is what their mother put on the Christmas their wish list. I don't recall any of those products being WiFi capable... When my son came along, we didn't even consider any V-Tech products. Reading Dan 55's link makes me glad we didn't...

    1. AndyS

      Re: Long ago

      I have 3 young kids, and absolutely hate VTech, with a passion.

      Cheap, nasty, hard plastic, blaring out non-stop noise, continually. The sort of "Why aren't you playing with me any more? I'm a train, come and push me on the track" attention seeking crap that actually destroys creative play.

      We have a few which slipped through the net, but I took the batteries out. They're still hard, nasty, cheap plastic rubbish, so as soon as the attention grabbing noise stops, the kids almost instantly lose interest, and they can be reassigned to the box in the attic as soon as possible.

      1. Shadow Systems

        At AndyS...

        I know you were talking about the toys, but the moment I read "...and they can be reassigned to the box in the attic as soon as possible." I thought you meant putting the *kids* away in the box. Enjoy a pint, I'm still laughing myself silly. =-Jp

  4. Anonymous Coward
    Anonymous Coward

    GDPR

    And this is why GDPR is a _good_ thing.

    1. Anonymous Coward
      Anonymous Coward

      Re: GDPR

      and why the US will never be considered adequate for data protection, under the GDPR rules.

      1. Nick Ryan Silver badge

        Re: GDPR

        It wasn't adequate for data protection under DPA rules, however there was too much money involved therefore rubbish like the "safe harbor" act was often considered "adequate" even though even a cursory reading would reveal that it was utterly useless. The follow on protection is no better or of use therefore exporting the data of EU citizens, particularly children who have an additional level of protection as do all other vulnerable individual, to a regime such as the US is against the rules.

  5. John Smith 19 Gold badge
    WTF?

    As far as VTech is concerned it's all your fault.

    You know our site is insecure.

    You know the link is insecure.

    You know your data is personal.

    So any loss of it is not our fault.

    Frankly I'm astonished some other devious motherf**kers haven't tried this BS before.

    But you can bet they won't be the last IoT supplier to do this.

    1. John Brown (no body) Silver badge

      Re: As far as VTech is concerned it's all your fault.

      "Frankly I'm astonished some other devious motherf**kers haven't tried this BS before."

      If it came to court, I suspect UK law would strike that clause out as an unfair contract. Yes, the toys can be used without registering and/or going on line, but that means you are buying something which you then can't use to it's full and advertised potential, especially since the T&Cs are not on the packaging. Would a shop take it back after you've opened it, found the instruction book, gone online to register and only then find that you can't or won't agree to the T&Cs? I suspect not, leaving you to try for a refund from VTech.

      1. SImon Hobson Bronze badge

        Re: As far as VTech is concerned it's all your fault.

        Would a shop take it back after you've opened it, found the instruction book, gone online to register and only then find that you can't or won't agree to the T&Cs? I suspect not ...

        They might try to refuse to take it back, but after losing in the Small Claims Court (more technically, Fast Track Service of the County Court) they would !

        If using the device to it's full potential means accepting contract terms which we NOT made clear before purchase then you have the right to not accept those changed contract terms and void the contract. Basic contract law - unless the initial contract allows for unilateral redefinition of the contract (which would be struck down under the Unfair terms in Consumer Contracts Regulations) then the contract can only be varied with the consent of all parties. Having to sign up with an online service and accept T&Cs that weren't on the outside of the package you bought would be a change in the terms of the contract you entered with the retailer and thus you are not required to accept them.

        It's just the same with shrink wrapped software. Unless the EULA is clearly visible before you open it, the retailer cannot refuse to accept a return because you don't accept the terms of the agreement.

        1. LaeMing
          Happy

          Re: As far as VTech is concerned it's all your fault.

          And if enough consumers are returning rejected open boxes, the retailer might just decide it isn't worth stocking that supplier's product. (We can dream, can't we?)

  6. adam payne

    'Plaintiffs’ arguments still rest on the fundamentally flawed premise that VTech’s alleged promises regarding its 'Online Services' (Learning Lodge and Kid Connect) were somehow relevant to the hardware devices that Plaintiffs purchased before they registered for the Online Services”, the filing states.'

    Alleged promises? what promises to keep data secure?

    If the full feature set can not be used without registering for the online services then that would make relevant.

  7. Milton

    Just because you can—

    Just because you *can* connect your kids' toys to the Internet of Shyte doesn't mean there's the slightest point in doing so.

    And I am constrained to point out that education in the UK today is significantly worse than it was in the 60s and 70s, before the internet came along. I was born in the 50s, and had children late, now in Uni and secondary school, so I've had abundant opportunities for comparison. Meddling by successive and increasingly stupid government ministers has done huge damage.

    My kids and I are significant internet users and I am a techie ... and yet I have perceived no real educational advantage to them from the internet's existence, despite connected homework and all the other gimmicks that appear to be a substitute for communicating understanding. Pretty pathetic really.

    1. John Brown (no body) Silver badge

      Re: Just because you can—

      "Just because you *can* connect your kids' toys to the Internet of Shyte doesn't mean there's the slightest point in doing so."

      But why would your average purchaser not do so? It's an advertise selling point and possibly a prime reason for choosing that particular toy. Yes, we are aware of the dangers, but it seems your average parent isn't.

    2. PNGuinn
      Headmaster

      Re: Just because you can— @ Milton

      Upvoted by another crusty old fart born in the early 50s who can still remember education.

      And textbooks, not the propaganda comics of today.

  8. jelabarre59

    Still there?

    V-Tech still makes usable and relevant products??? They still even exist? Surprising in itself.

    And would you believe they actually made PCs at one time as well? I used to have a dual-processor V-Tech 486-DX2 system. Went titsup like any other V-Tech product.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like