Legislators want to know how VTech handles children's data

VTech asked to answer 9 big questions in one month.

In the days following a surprisingly heinous hack on kiddy-gadget-maker VTech, shock and surprise have given way to pointed curiosity. The latest slew of questions come from Senator Edward J. Markey (D–MA) and Congressman Joe Barton (R–TX), who just issued a letter -- that definitely doesn't double as a PR grab at all -- calling on VTech to explain what kind of data they collect from kids under 12 and what they're actually doing with it. VTech (better known as Hong Kong-based VTech Holdings) has until January 8 to proffer a response, though the company technically doesn't have to respond at all.

The full letter (available here) mostly poses broad questions about VTech's data protection practices, the company's compliance with legislation designed to protect children's privacy and how the company plans to help affected consumers. Things get a little more pointed when the letter asks if VTech sells any of that user data to third-party brokers, touching on totally warranted fears that personal information gets treated as a commodity to be bought and sold.

We sort of doubt that VTech would shop that personal info around (or would cop to it while not under oath), but at least the guy behind the hack in the first place refuses to post what he found. The anonymous attacker told Motherboard that he would never share or profit from such data dumps, "especially not if children are involved". No, his actions were seemingly meant to highlight lousy security, and VTech can't fix all those problems soon enough.

2015 12 02 VTECH Letter Markey Barton

[Image credit: Gareth Cattermole/Getty Images]