Privacy and Pokémon Go

Gotta catch ‘em all!


All of our childhood dreams came to life when Niantic Labs, brought to life, Pokémon Go, the augmented reality game took over our lives. It’s release in August this year caused ripples in the world of gaming. The gaming sensation surpassed Facebook, Twitter, and Netflix’s daily popularity on Android phones. Over on Apple devices, the game was downloaded more times in its first week than any app that came before it.


While India and the East saw a late release, the West took the early winds of this sensational game. The suddenly vast scale of Pokémon Go use is matched by the game’s aggressive use of personal information. Unlike, say, Twitter, Facebook, or Netflix, the app requires uninterrupted use of your location and camera.


Like most apps like Foursquare, Tinder that work with the GPS, Pokémon Go too collected a lot of information on your movement.  And, like many developers who build those apps, Niantic keeps that information. According to the Pokémon Go privacy policy, Niantic may collect — among other things — your email address, IP address, the web page you were using before logging into Pokémon Go, your username, and your location. And if you use your Google account for sign-in and use an iOS device, unless you specifically revoke it, Niantic has access to your entire Google account— your email, the drive among other things. It also means that if the Niantic servers are hacked, whoever hacked the servers would potentially have access to your entire Google account.


Given this amount of privacy breach, you’d wonder what do to do next in the risk management area, here is a breakdown—


Step 1: Identify and assess the risks

In this case, several researchers reported the issue with the app and it was widely published in its early days when the app had just started picking up in popularity.


Step 2: Deal with treating the risks

You can do so by avoiding the risk, reducing the risk, sharing the risk, or accepting the risk. In this case, you had people removing the app immediately (avoiding the risk), switching to a “throwaway” email account (reducing the risk), or accepting the risk (doing nothing).


So, where does the Pokémon Go incident leave us with Cybersecurity one may think?


This Pokémon Go incident served as a litmus test of where the average person— more likely the younger generation stands in terms of their security and privacy awareness. Most people are able to grasp subconsciously the basic concepts of threats, impact, and likelihood that make up risks— however remain unaware at large of how to safeguard themselves.


Such incidences are greater opportunities for technology companies to gain a conscientious perspective towards privacy and work towards providing a safer technological environment.

Related Post