Is your child’s favorite toy a spy in disguise? Complaints filed by consumer watchdogs in the United States and Europe claim that so-called smart toys are in violation of privacy and data protection laws.

Toys including My Friend Cayla, i-QUE Intelligent Robot and Hello Barbie are the target of the watchdogs, who claim the internet-connected devices targeted to kids are recording and collecting audio without limitations.

The issues being raised come from the European Consumer Organization BEUC and U.S. groups including the Electronic Privacy Information Center (EPIC), which have filed their complaints to authorities in France and across Europe as well as with the U.S. Federal Trade Commission.

"The toys subject young children to ongoing surveillance and are deployed in homes across the United States without any meaningful data protection standards," the complaint from EPIC and other U.S. watchdogs said. "They pose an imminent and immediate threat to the safety and security of children in the United States."

In its own letter, BEUC cited research conducted by the Norwegian Consumer Council that found the toys lacked basic security measures and used user agreement terms that are in violation several privacy directives put in place by the European Union.

The groups have called for Los Angeles-based manufacturer Genesis Toys, the maker of several of the internet-connected toys in question, and voice technology company Nuance Communications to properly disclose its data retention procedures and require parental consent before collection any additional information. The companies have not yet responded to the complaint.

EPIC and its allies have also called for investigation into Genesis and other companies that are exploiting similar practices, as well as Nuance’s practice of using children’s speech data to improve its products—which it also sells to government and law enforcement agencies and the military.

The security of connected children’s toys has been called into question before. Last year, children’s electronics producer VTech was hacked, leading to the theft of data from 6.4 million kids who used toys made by the company.

The hack included data like children’s names, gender and birthdates. The hacker also revealed he was able to access profile pictures of children and chat logs between kids and their parents collected by the hacked devices.