Pokemon Go may be emblematic of new risks and hazards to consumers in the digital age. In addition to your location data, Pokemon Go collects your email address, IP address, the web page you were using before logging into Pokémon Go, your username, and your location. And if you use your Google account for sign-in, Niantic may have access to your entire Google account, including read/write access to your email and Google docs.
It also may share this information with other parties, including the Pokémon Company that co-developed the game, “third-party service providers,” and “third parties” to conduct “research and analysis, demographic profiling, and other similar purposes.” It also, per the policy, may share any information it collects with law enforcement in response to a legal claim, to protect its own interests, or stop “illegal, unethical, or legally actionable activity.” Now, none of these privacy provisions are of themselves unique. Location-based apps from Foursquare to Tinder can and do similar things. But Pokémon Go’s incredibly granular, block-by-block map data, combined with its surging popularity, may soon make it one of, if not the most, detailed location-based social graphs ever compiled. And it’s all, or mostly, in the hands of Niantic, a small augmented reality development company with serious Silicon Valley roots.