If you’re worried about a smart children’s toy which you’ve heard in the press has the potential to be hacked, it’s understandable that you might wish to return it rather than take a risk.
Your first step should be to follow our top tips below to stay safe while you decide whether you would like to return the connected children’s toy and how you go about doing this.
If you bought it recently, it might be easier to return it as an unwanted item - see steps 2 and 3.
But if you bought it a while ago or the retailer’s store returns policy doesn’t allow unwanted-item returns, you could still try to make a claim under the Consumer Rights Act. We outline how to do this in step 4.
Importantly, if you’re concerned a smart children’s toy has actually been hacked and is now compromised, read our advice on how to get a refund, repair or replacement in step 5.
Please note that we are testing products all the time and that this list is not exhaustive.
If you aren’t convinced a smart toy or connected device will keep your children’s personal information safe, then don’t use it.
If you’ve already purchased one of the toys on our list, or another connected toy, don’t panic. Follow these tips to stay safe.
If you recently bought the potentially hackable toy online and have since become concerned of security flaws which may allow it to be hacked in the future, you may be able to return it.
According to the , your rights to cancel an order and get a refund start from the moment you enter the contract by paying for the item and ends 14 days after your order has been delivered to you, your nominated neighbour or dedicated safe place.
You can notify the retailer within this time frame that you would like to cancel your purchase. Following you notifying them, you then have a further 14 days to return the item to them.
If you purchased the smart toy in store, check the retailer’s store returns policy to see if you can return unwanted items and how long you have to do this.
Retailers aren’t obliged to accept returns for unwanted items, but if they have it stated in their returns policy, then they must stick to this.
Retailers have become more generous in accepting returns for unwanted items bought in store and tend to extend this generosity further around Christmas time.
While it hasn’t been legally determined by the courts as yet that a smart toy with the potential to be hacked due to inherent security flaws is a faulty good, Which? believes that it should be regarded as one and we would encourage you to make a claim.
If sufficient number of consumers reject a product that doesn’t protect children’s security, then eventually developers and retailers will get the message and do better to safeguard children’s security in the future.
Complain to the retailer that you’ve discovered it is insecure and name the source of this belief (eg a Which? or other press article).
The Consumer Rights Act states that all products must be of satisfactory quality, fit for purpose and as described. So all products - whether physical or digital - must meet the following standards:
If you believe your smart toy has been hacked and is now compromised, you should return it to the retailer and ask for a refund, repair or replacement. You should also keep written details of the potential breach and impact it has had, in the event that you choose to make a separate data protection claim as against the manufacturer.
If you are no longer in control of the toy and it is no longer safe for your child to play with it, then in our view the smart toy is no longer fit for the purpose it was supplied for.