When was the last time you gave away access to some of your most personal and private information? Chances are, it was more recently than you think.
As much as we are conditioned to be wary about giving away information about ourselves online, most people are willing to compromise their privacy to enjoy the benefits of the latest and greatest technology. As such, signing up for mobile apps and web services through Facebook or other online accounts is becoming more and more normalized despite the inherent risks.
Such has been the case with the recent release of the wildly popular mobile app Pokémon Go. The app, which allows users to virtually catch and battle Pokémon on their phones while walking around in the real world, has been criticized for jeopardizing people’s safety, both in reality and online.
Signing away your life?
Most users sign up for the app through their Google account, and in doing so, give developer Niantic access to their emails, contacts, photos, documents, and more. The caveat, though, is that this isn’t completely transparent when creating an account, and as a result, many have deleted the app upon discovering the extent of the permissions they gave away in order to play.
Pokémon Go also accesses the phone camera and GPS location data to simulate Pokémon popping up in the world around them. Thus, Niantic has access to information about where users live, where they go, and how much time they spend there. Although permission to access the camera can be turned off, most people are reluctant to do so: It would compromise the virtual reality aspect of the game.
Niantic has since issued a statement insisting that they only access basic Google profile information (specifically, user IDs and emails). And while it seems unlikely that they have evil intentions for the data being collected, no one can be sure exactly how Niantic uses it, or if the information is actually safe from external sources such as hacks.
The app has only existed for around two weeks, but we can expect to learn more about how the data collected by Niantic is utilized in the coming months. The potential for the company to use the GPS data to draw people to certain businesses or other locations is certainly there, though. In fact, some businesses have already capitalized on the opportunity: They’ve placed Pokéstops — areas in the game where users can stock up on items like Pokéballs and potions — at their locations.
More than just an issue of privacy
Pokémon Go is a mobile game among the first of its kind, but in the future, the emergence of similar online games that incentivize people to go to places they wouldn’t otherwise seek out could become a great boom for businesses.
The question is, and has always been — at what cost to the consumer? According to Aberdeen Group Senior IT Research Analyst Jim Rapoza, privacy should actually be the least of a consumer’s worries.
“With Pokémon Go gaining full access to the Google accounts of users who sign in with their Google credentials, the implications go way beyond privacy issues,” said Rapoza. “Yes, the idea that Niantic could read all your emails, see your Drive images, and even send messages is bad enough. But the bigger concern is that a game — or most apps at that — shouldn’t have this level of access.
“Basically, users are needlessly exposing their personal data. Pokémon Go has already been the target of attacks and malware and, given its popularity, those levels of risk will only grow. So if the bad guys can hack the game, they have access to everything they need to steal a person’s identity and access their most sensitive accounts. So it’s more than a matter of privacy — it’s about adding unnecessary risk.”
To catch ’em all, or to not catch ’em all: That is the question
The threshold for how much information users are willing to give away (if there is one) is yet to be determined.
In the meantime though, there appears to be plenty not phased by giving their data away to download the apps they want. While the vast majority of these folks may never experience any consequences, others may need to become victims to some type of security breach to change their ways.
While increased awareness of privacy issues surrounding Pokémon Go and other comparable apps is becoming more widespread, it will continue to be up to each individual to decide for themselves what price they’re willing to pay to catch ‘em all.