From 31 October to 4 November 2018, the KidExpo exhibition was held, presenting the latest innovations in the field of toys. Good omens for parents who would be in need of inspiration as the holiday season approaches. At the top of the sales list are the connected toys. These have been growing strongly for several years. Connected Barbie dolls, intelligent plush toys and clever robots will find their place at the feet of the trees. However, if they allow new opportunities for interaction with children, parents must remain on their guard about smart toys vulnerabilities. Several scandals have highlighted cases of negligence on the part of certain manufacturers whose toys could easily be hacked, turned into spies or lead to excessive collection of personal data. The manufacturer can thus collect a large amount of personal information about users, such as surname, first name, address, date of birth, e-mail address and/or telephone number… In December 2018, the CNIL gave notice to the manufacturer of the I-Que robot and the Cayla doll. They must quickly comply with French law. Futhermore, some basic safety rules can be put in place to limit the risk of compromise. Users should therefore be vigilant during the first use (for example, change the default password for a strong one) and ensure to disconnect the toy after each use and regularly delete the data it collects.