Printer Friendly

Pokemon GO caught millions of players and their data.

Within days of its July release in the United States, Pokemon GO attracted millions of users, boosted Nintendo's market value by $9 billion and counting, and garnered attention around the world.

But few realized that while they were walking around playing and collecting Pikachus, the company behind the game was catching their personal data.

When they downloaded Pokemon GO to their iPhones, millions of people inadvertently granted access to large amounts of user data to the game's developer, Niantic Inc., the Wall Street Journal reported. The company said it quickly fixed the issue with an app update, but the attention made many consumers aware of what and how much information similar apps regularly collect and how easy it is for apps to gain access to users' private data.

Like most apps that work with the GPS in smartphones, Pokemon GO can tell a lot of things about players based on their movement as they play: where they go, when they went there, how they got there, how long they stayed, and who else was there. And, like many developers who build such apps, Niantic collects that information.

According to the Pokemon Go privacy policy, Niantic may collect users' e-mail addresses, IP addresses, the web pages they were perusing before logging into Pokemon GO, usernames, and locations, among other things. Also, if they use their Google account for sign-in and use an iOS device, Niantic can access their entire Google account unless they specifically deny them that access. That means Niantic could have access to their e-mail, Google Drive docs, and more.

It also may share this information with other parties, including the Pokemon company that co-developed the game, "third-party service providers," and "third parties" to conduct "research and analysis, demographic profiling, and other similar purposes." Its policy also says it may share any information it collects with law enforcement in response to a legal claim, to protect its own interests, or stop "illegal, unethical, or legally actionable activity."

This kind of access is not unusual. All location-based apps can do the same thing. However, Pokemon GO's block-by-block location data, along with its popularity, may soon make it one of, if not the most, detailed location-based social graphs ever compiled, according to BuzzFeed News.

With the update, Niantic said it now only requests access to basic account information, such as a user's name and Gmail address. Niantic said that the request was a mistake and that it never snooped into the Google accounts of iPhone users, the WSJ reported.

Niantic's new permission request only asks for "basic Google profile information, in line with the data that we actually access," it said.

Players who installed "Pokemon GO" on an Android device and logged in with their Google accounts granted Niantic access only to their Google username and e-mail address.

iPhone users who already have logged in with a Google account should log out of the app and download the update. Then they can log back in with their Google account to see the scaled-back permissions.

In a statement, Niantic said Google would soon take care of the problem, regardless of what type of phone players are using. "Google will soon reduce Pokemon GO's permission to only the basic profile data that Pokemon GO needs, and users do not need to take any actions themselves," the statement said.
COPYRIGHT 2016 Association of Records Managers & Administrators (ARMA)
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2016 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:PRIVACY
Publication:Information Management Journal
Geographic Code:1USA
Date:Sep 1, 2016
Previous Article:Report: regulations drive IG cloud market growth.
Next Article:Experts, lawmakers call FOIA broken.

Terms of use | Privacy policy | Copyright © 2019 Farlex, Inc. | Feedback | For webmasters