Question to the Department for Digital, Culture, Media & Sport:

To ask Her Majesty's Government whether they will take action to ban the sale of child-tracking smartwatches following research which has found that devices neither encrypt the data used nor secure each child’s account.

We take the protection of personal data very seriously, particularly when it relates to children and young people. Organisations that process personal data collected by smartwatches must comply with the the General Data Protection Regulation and the Data Protection Act 2018. The GDPR imposes strict obligations on organisations to process people’s data fairly and lawfully and to ensure that any data collected is held securely. Organisations which fail to comply may be subject to enforcement action by the Information Commissioner’s Office.

We do not intend to ban the sale of smartwatches, but we have issued a Code of Practice for organisations involved in the development, manufacturing and retail of products linked to the ‘Internet of Things’ to ensure that products are designed securely and keep consumers safe. In parallel, we have published consumer guidance to raise public awareness about setting-up, managing and improving the security of their consumer devices.

The code of practice and the guidance for consumers can be viewed at the following links:

https://www.gov.uk/government/publications/secure-by-design/code-of-practice-for-consumer-iot-security

https://www.gov.uk/government/publications/secure-by-design/consumer-guidance-for-smart-devices-in-the-home