Pokemon GO caught millions of players and their data.
But few realized that while they were walking around playing and collecting Pikachus, the company behind the game was catching their personal data.
When they downloaded Pokemon GO to their iPhones, millions of people inadvertently granted access to large amounts of user data to the game's developer, Niantic Inc., the Wall Street Journal reported. The company said it quickly fixed the issue with an app update, but the attention made many consumers aware of what and how much information similar apps regularly collect and how easy it is for apps to gain access to users' private data.
Like most apps that work with the GPS in smartphones, Pokemon GO can tell a lot of things about players based on their movement as they play: where they go, when they went there, how they got there, how long they stayed, and who else was there. And, like many developers who build such apps, Niantic collects that information.
It also may share this information with other parties, including the Pokemon company that co-developed the game, "third-party service providers," and "third parties" to conduct "research and analysis, demographic profiling, and other similar purposes." Its policy also says it may share any information it collects with law enforcement in response to a legal claim, to protect its own interests, or stop "illegal, unethical, or legally actionable activity."
This kind of access is not unusual. All location-based apps can do the same thing. However, Pokemon GO's block-by-block location data, along with its popularity, may soon make it one of, if not the most, detailed location-based social graphs ever compiled, according to BuzzFeed News.
With the update, Niantic said it now only requests access to basic account information, such as a user's name and Gmail address. Niantic said that the request was a mistake and that it never snooped into the Google accounts of iPhone users, the WSJ reported.
Niantic's new permission request only asks for "basic Google profile information, in line with the data that we actually access," it said.
Players who installed "Pokemon GO" on an Android device and logged in with their Google accounts granted Niantic access only to their Google username and e-mail address.
iPhone users who already have logged in with a Google account should log out of the app and download the update. Then they can log back in with their Google account to see the scaled-back permissions.
In a statement, Niantic said Google would soon take care of the problem, regardless of what type of phone players are using. "Google will soon reduce Pokemon GO's permission to only the basic profile data that Pokemon GO needs, and users do not need to take any actions themselves," the statement said.
|Printer friendly Cite/link Email Feedback|
|Publication:||Information Management Journal|
|Date:||Sep 1, 2016|
|Previous Article:||Report: regulations drive IG cloud market growth.|
|Next Article:||Experts, lawmakers call FOIA broken.|