VTech waves off security responsiblity after major 2015 breach

In late 2015, children’s toy manufacturer VTech hit the headlines after a major security breach caused personal data from some five million users to become compromised. Now, the company has taken steps to wash its hands of responsibility for any similar event that might take place in the future.

VTech has relaunched its online app store, the Learning Lodge, which was the target of the attack two months ago. However, a change to the terms and conditions associated with the service seems to be more concerned with covering the company’s back than with defending the personal data of its customers, according to a report from Tech Spot.

Littered with such phrases as “at your own risk” and “full responsibility,” the gist of the document is that VTech will not be held accountable for losses arising from any future breach. The terms explicitly state that VTech will not be liable for “damages of any kind” should such a situation arise.

Understandably, this has caused some unrest among both consumers and security analysts. It’s disappointing that a company selling products used by children would take such a hands-off approach to protecting information keyed into those devices, and it certainly sets a poor precedent going forward.

It would be convenient for many organizations to claim no responsibility for personal data being leaked or their systems otherwise being breached. However, for services like Learning Lodge, which is a significant money-spinner, there has to be some sense of responsibility attached to offering it up to widespread use.

There are calls for a boycott of VTech’s products in response to these updated terms and conditions, and that could well be exactly the sort of response that’s necessary to force an appropriate reaction. In the grander scheme of things, a situation like this raises yet more questions about the data we entrust to major corporations on a regular basis.