The high-tech "Hello Barbie" doll unveiled earlier this year by toy giant Mattel and likely to be a holiday hit allows children to speak and get a response from their favorite toy.
But to make that happen, conversations travel over Wi-Fi networks to Internet "cloud" servers that use artificial intelligence to deliver a personal reply.
NSA to shut down bulk phone surveillance program by Sunday
For the activist group Campaign for a Commercial-Free Childhood, the privacy risks of the intelligent Barbie outweigh the benefits.
"Children confide in dolls and reveal intimate details about their lives, but Hello Barbie won't keep those secrets," the group said in a statement.
"When Barbie's belt buckle is held down, everything your child says is transmitted to cloud servers, where it will be stored and analysed by ToyTalk, Mattel's technology partner.
"Employees of ToyTalk and their partner corporations listen to recordings of children's conversations -- and ToyTalk won't even say who their partners are."
The consumer group says the new Barbie could become a marketing tool even though the makers have pledged not to do that. And it argues that the high-tech toy could undermine creativity.
"Children should use their own initiative and creativity to hold conversations with a doll, impart a personality and build their relationships," the statement said.
Microsoft agrees to store customer data in Germany
"With Hello Barbie, Mattel and ToyTalk's programmers and algorithms drive the conversation, undermining the creative play that is so critical to children's development."
To make matters worse, the organisation says Hello Barbie "could be a tempting target for hackers, who could access data stored by your family on home devices and networks through the doll."
The group is urging parents to shun the new doll and earlier this month launched an online campaign with the hashtag #HellNoBarbie.
Mattel did not respond to requests for comment. But ToyTalk pointed in a blog post last week to the "many safety features that have been integrated" into the design of Hello Barbie.
"We are not aware of anyone who has been able to access your WiFi passwords or your kid's audio data," the company said.
ToyTalk says passwords are stored in a hardware-encrypted section of the doll, and no conversation history is stored on the toy.
It added that stored data "is never used for advertising purposes" and that the doll has been certified as compliant with the Children's Online Privacy Protection Act.
Microsoft's Gates to start multi-billion-dollar clean tech initiative
To address security concerns, Mattel and ToyTalk have launch a "bug bounty program," where security researchers are rewarded for responsibly disclosing potential vulnerabilities.
ToyTalk said it expects kids to warm to the new connected doll.
"Mattel and ToyTalk built this doll because the number one request from kids is to talk to Barbie," the company said.
COMMENTS
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ