I wanted to kick my blog off with a fun post about an application that has been downloaded 500 million+ times to date and is taking over cell phones worldwide. Enjoy!
Pokémon Go has become the biggest mobile game in United States history attracting over 21 million active daily users and over $268 million in revenues since its launch on July 6th, 2016. Yet the handheld game has also brought forward concerns about how exposed our personal information can be in the hands of seemingly nonthreatening applications. To play Pokémon Go, gamers use their smartphone’s GPS to find, capture, fight and train virtual creatures superimposed on the real world shown by their camera. Players can purchase items to advance the game, including coins, eggs and incubators.
The game originally requested permission on the players smartphone not only to use a player’s device camera and location information, but also to be granted full access to the user’s Google accounts — including email, calendars, photos, stored documents and any other information associated with the login. Though the developers claim that while Pokémon Go did not use any information from players’ accounts other than basic Google profile information, they still requested access, which raised red flags. The application’s privacy policy has since been updated, so it is suggested that players with an iPhone should log out and download the update from the App Store, as the updated application only allows access to the user’s name and Gmail email address. Players who installed the application on an Android device and logged in with their Google account only granted access to their Google username and email address from the start.
Though Pokémon Go may have never actually been interested in your emails, it is capable of tracking your location and has access to your IP address as well as the webpage you most recently visited before launching the application. The game imposes virtual graphics (Pokémon) over the real world; therefore the application needs access to maps and locations. Yet this can be accomplished without requesting access to the player’s personal information. Keeping this in mind, players who want to play the virtual real-world game can restrict access to their Google accounts by creating ‘Pokémon Trainer Club’ accounts that are specific to the application and do not request excessive personal information.
Clicking “yes” to application requests that pop up during installation on a mobile device can compromise personal privacy. In their terms and conditions, some applications have clauses which state that they will hand over data to law enforcement officials or other private parties to respond to legal requests, yet few people realize that since they do not read the ‘small print.’ If you are unsure about the permissions on your mobile device that you have previously approved, they can be checked on iOS (Apple devices) by tapping Settings and scrolling down for a list of applications and what these applications have access to, these applications can then be altered and evaluated individually. On Android, tap Settings then Apps under Device Settings then choose the application and tap Permissions to evaluate each individually. It is very common for users to have applications downloaded onto their device that put them at a similar risk of exposing personal information as the original Pokémon Go application.