How Much of your Personal Information Does Pokémon Go Collect?

How Much of your Personal Information Does Pokémon Go Collect?

In the last few weeks, the new augmented reality version of Pokémon has become an instant hit. It has generated thirty five million dollars in revenue for Nintendo in its first 2 weeks, raising its share value by 53 percent, which is approximately seven billion dollars. Gamers have now downloaded the Pokémon Go app more than seventy five million times, and numbers continue to rise as the game becomes available in new countries. But even as its popularity grows, some privacy and security issues have given users pause and made them wonder how much access Niantic, the company behind Pokémon Go, is getting to their personal information. In this article, ReputationDefenderexplore exactly just how much of a threat the app poses to your online privacy.

“Full access” to Google

The first privacy scare appears to have been the result of an error. Users registering with their Google ID on an iOS platform, were alarmed to see a warning that the app had been given “full access” to their account, including everything from documents to private emails and pictures. However Google and Niantic both assured gamers this was not the case, that the Pokémon Go app was really only gaining access to the limited information needed for a shared sign-in, a customary practice that makes the registration process simpler and reduces the number of passwords users have to remember. This is normally explained fully during the sign in process, but in this case Niantic used an outdated version of Google’s shared sign-in template which defaulted to saying the app had been granted “full access” even though it really hadn’t. Ari Rubenstein, an independent security engineer, checked exactly what he could access through the shared sign-in and reassured users there was no way Niantic could read any personal communication or documents. Google and Niantic meanwhile are working to rectify the issue so that Apple users no longer see this warning.

Further security concerns

It’s still best to proceed with caution when downloading Pokémon Go. The game’s popularity has attracted attention, and there’s currently a pirate version of the Android app which lets hackers gain full control of the gamer’s mobile. It’s not available through the Google app store, but some third party marketers have been able to pass it off as the real game, preying mainly on people who are anxious to download the app in countries where it isn’t yet officially available.

Furthermore, there’s still some question about whether Niantic is collecting user data and selling it to an unidentified third party. US senator Al Franken recently addressed this concern in a letter to Niantic’s CEO John Hanke. Franken, who works on the privacy and technology subcommittee in the US Senate, is worried that “opt-out” data collection with Pokémon Go will put children who use the program at risk since they are less likely to understand complex security issues. Franken’s letter included a number of specific “requests” for further information related to the apps data collection and sharing practices. A response is expected before August 12th. Pending further information, there are no known privacy threats of any real significance, but high profile users would do well to be cautious. The game should only be downloaded from official sources, and, of course remember to use standard personal safety precautions anytime you or your children are playing.


Posted on 10 August 2016 by Christina Hamilton

Tagged privacy, data, family safety