There have been Bluetooth / WiFi connected Teddy Bears / dolls around for a little while now. The idea is that you can transfer messages to them for your children to listen to while you are away. They are being marketed to grandparents and deployed military to leave messages for their children / grandchildren.
CSI Cyber, now in it's second season, had an episode a couple of weeks ago where a Cyber Security Researcher was trying to show a "proof of concept" hack. He hacked a little girl's baby doll and had the doll ask the little girl to leave the back window unlocked. The hacker then hired a small time criminal to break in and steal something so he could point the crime back to the company that marketed the baby doll. Crime went wrong and the small time criminal killed someone in the house.
Like most of the current crop of procedural dramas, most of the stories are way over the top, but there is always a seed of truth. This current crop of High tech toys are cool, but open the door for all sorts of privacy implications. I find the idea of a Barbie that can talk to you kind of cool, but the fact that it is reaching back to the company servers is unnerving. Then again, Siri, Cortana and Google Now do the same thing. How is this any different? Except for the fact that as an adult, I can make the informed decision to have my data on their servers. In a marketed Barbie doll, can the child legally make that decision?