BlogsRSS

Pokemon Go's data privacy settings are the least of your problems

As you may have gathered, the Pokemon Go augmented-reality (AR) app has been a major success. It’s also caused a bit of a stir in terms of the amount of data it allegedly gathers on users – but honestly, the real mystery is why anyone is surprised.

It’s worth noting at the outset that the data privacy issue was a bit overblown. Initial reports suggested that users who downloaded the app from Niantic to an iPhone and signed in via their Google account granted the app permission to access their full Google account – which meant Niantic could theoretically use the app to read your Gmail, send email as you, access and delete Google Drive documents, access Google photos (including private ones) and view your search and Maps navigation history, among other things.

However, it turns out “full account access” just means the biographical details in your Google Account. In other words, Pokemon Go couldn't literally access your email, photos, calendar, etc.

Niantic has since issued a statement confirming the app is only supposed to access basic Google profile information like your User ID and email address, and that the app has collected nothing else. The developer has also issued an update that fixes the problem (although users who downloaded the original version still need to manually take steps to fix their privacy settings).

Still, it’s interesting that so many people were surprised and outraged about this. It’s not as if we don’t know that apps collect data on you. If a simple Flashlight app is designed to access far more data than it needs for collection purposes, why not an augmented-reality (AR) gaming app that obviously has to know and track your location for you to find all the Pokemons (and is undoubtedly collecting and storing that data)?

Anyway, the incident highlights one of the trickier aspects of AR, which is being heralded in some telecoms circles as the Next Big Thing in mobile and quite likely a key driver for IoT and 5G services. Big data will also be a part of the 5G future, and everyone in the value chain will have to pay close attention to privacy concerns like this.

Meanwhile, it’s fair to say Pokemon Go is the first major success for AR. It became the top free app for iOS and Android in almost no time – and that’s just in the US, Australia and New Zealand. As for why it’s successful when previous AR apps have either flopped or seen only modest uptake, Rachel Metz at MIT Technology Review says the reason is likely a combination of right-place/right time, ease of use and the popularity of Pokemon itself. And that could give the AR genre in general a major push into the mainstream:

It’s fun and shows how augmented reality can be compelling, even on a small smartphone screen. And it could help push others to develop more games and apps that use AR in other smart ways, leading to more interest in blending the real and the digital, on handheld displays and headsets, too.

However, Pokemon Go has also demonstrated some of the potential pitfalls of AR (besides data privacy concerns). For example, the actual locations where virtual Pokemon creatures are located are designated by Niantic using a custom version of Google Maps and vetted locations via its previous AR game Ingress. But players can also suggest locations, and that has resulted in several robberies and, in one case, the discovery of a dead body.

And then there’s all the people who aren’t watching where they’re walking – or worse, where they’re driving.

So perhaps the real bugs in AR apps won’t be in the software or data collection policies, but in the people using them.

(NOTE: Not every story about Pokemon-related crime or calamity is true. We're talking about the internet, after all.)