Kids smartwatch makers are in trouble for collecting data without permission

The world of wearables has to reckon with the public's growing awareness of data privacy, and that is now moving toward children's wearables, with two kids smartwatch makers in hot water for collecting data without permission.

Last week, the Federal Trade Commission warned Gator and Tinitell that both companies are in violation of the Children's Online Privacy Protection Act (COPPA). The FTC says both companies are collecting "precise geolocation" data on children who wear its smartwatches but have not obtained parental permission before collecting that data.

Essential reading: How to choose the right GPS kids tracker

That's against COPPA, which requires companies that collect data from children must notify and obtain "verifiable" consent from parents. This isn't the first time Gator has been in trouble for lax privacy rules either.

Last October, developer Roy Solberg discovered security flaws in Gator's smartwatches that essentially allow anyone with an internet connection to track your child.

Solberg found that - using a web browser - a predator could track the locations of kids with Gator smartwatches, access voice messages, spoof the location of a Watch (allowing parents to think things are fine) and get a hold of phone numbers and names associated with the watch. Worse, Solberg found no encryption between the app, watch and servers.

Similarly, the Norwegian Consumer Council tested four leading kids smartwatches and found they were vulnerable to hacking. Since then, Gator and other companies have moved to make corrections, including adding encryption.

The FTC is asking Gator and Tinitell, which is now defunct, to address its issues and make corrections so that parents must deliver consent before children can wear these smartwatches.