© Springer International Publishing AG 2016. A smart toy is defined as a device consisting of a physical toy component that connects to one or more toy computing services to facilitate gameplay in the Cloud through networking and sensory technologies to enhance the functionality of a traditional toy. A smart toy in this context can be effectively considered an Internet of Things (IoT) with Artificial Intelligence (AI) which can provide Augmented Reality (AR) experiences to users. Referring to the direction of the United States Federal Trade Commission Children’s Online Privacy Protection Act (COPPA) and the European Union Data Protection Directive (EUDPD), this study adopts the definition of a child to be an individual under the age of 13 years old. In this study, the first assumption is that children do not understand the concept of privacy. The second assumption is that children will disclose as much information to smart toys as they can trust. Breaches of privacy can result in physical safety of child user, e.g., child predators. While the parents/legal guardians of a child strive to ensure their child’s physical and online safety and privacy, there is no common approach for these parents/guardians to study the information flow between their child and the smart toys they interact with. This paper discusses related privacy requirements for smart toys in a toy computing environment with a case study on a commercial smart toy called Hello Barbie from Mattel.