The latest weekly report includes German firm Enox’s Safe-KID-One watch, which is marketed to parents as a way of keeping tabs on their little ones – ostensibly to keep them safe – and comes with one-click buttons for speed-dialling family members.
However, the commission said the device does not comply with the Radio Equipment Directive and detailed “serious” risks associated with the device.
“The mobile application accompanying the watch has unencrypted communications with its backend server and the server enables unauthenticated access to data,” the directive said.
As a result, data on location history, phone numbers and device serial number can be found and changed.
“A malicious user can send commands to any watch making it call another number of his choosing, can communicate with the child wearing the device or locate the child through GPS,” the alert warned.