The newly released Pokemon Go by Niantic for mobile devices is all the craze right now. With over 15 million downloads, and 1.6M in daily revenue in the US alone, it has become the most downloaded app of all time. To summarize, the application uses your GPS location to put Pokemon in the world for you to catch, and it places locations in the world to battle your Pokemon or collect items. It’s very much like Geocaching with virtual monsters.
But once again the issue of privacy rears its ugly head; When you sign in with your Google account and accept the license and use agreement, what are you actually signing up to give away? In the agreement, it says, “We may disclose any information about you (or your authorized child) that is in our possession or control to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate…” That includes information from your Google Store account, or iTunes account, your phone contacts, pictures, and real-time location, thought the developer released a statement stating they will only collect your email and location for application use. But applications tracking you and collecting, and possibly selling, your information is nothing new; Facebook, Google Maps, Tinder, or any app on the market today can be expected to do all of the same things. What’s unique though is how malicious individuals are using it to their advantage.
As of this blog, there have been no known data breaches on the part of Niantic. However, other people are using one of the features of the game to draw unsuspecting players into isolated locations and robbing them. In the game, one can place an item down to attract Pokemon, which will in turn attract players. Two men playing the game were robbed at gunpoint after going to a park late at night and a group of students in College Park, Maryland, were also robbed after going toward one of these item locations.
It may not be surprising or interesting to hear of another application tracking your location, collecting your personal information, and possibly selling it to the highest bidder. It’s seemingly a standard for applications today to know everything about you. Is it because we inherently trust these companies to secure our information and use it only for good, or do we just not care anymore?