We reported earlier this week on how incredibly popular the new Pokémon GO augmented reality app has become and how quickly crooks have taken advantage, releasing their own fake “malware remix”.
But it’s not just the hackers and their poisoned versions of the app that are making headlines … owner Niantic is too. It seems that the Google spin off is causing concern when it comes to the gathering and use of players’ personal information.
I am concerned about the extent to which Niantic may be unnecessarily collecting, using, and sharing a wide range of users’ personal information without their appropriate consent.
…any information collected – including a child’s – “is considered to be a business asset”
… can then be shared with The Pokemon Company and “third party service providers”, details for which are not provided, and farther indicates that Pokemon GO may share de-identified or aggregated data with other third parties for a non-exhaustive list of purposes.
The Senator clearly wants action. He’s all for users’ personal information enhancing their augmented reality experience, but wants to ensure that Americans’ – especially children’s – very sensitive information is protected.
- What information collected is actually necessary for the game?
- How else does the company use the information it has access to?
- Why does Pokémon GO needs the permissions it asks for?
- Could the collection of unnecessary information be opt-in, instead of opt-out?
- How does Niantic inform parents about the information it gathers from their children?
Apps like Pokémon GO are popular because of the way they use the integrated features of modern smartphones, such as cameras and GPS, and it’s not always obvious why apps need the permissions they ask for.
We look forward to Niantic providing the clarity that Franken, and many people, are seeking.Follow @NakedSecurity