‘Pokémon GO’ To Soon Surpass Twitter, Tinder And Is A Hacker’s Dream Come True
Pokémon GO hasn’t even gone global yet, but the mobile game is already about to surpass Twitter in daily active users on Android. However, the game can also play right into the hands of hackers, just waiting for all your private data.
Since its release on July 6, Pokémon GO is so far only available in the U.S., Australia, and New Zealand, but the mobile game is so popular, Niantic Labs have apparently had to pause their global rollout due to the totally unexpected demands placed on their servers.
Singles are using the virtual reality game for more than just catching Pokémon https://t.co/89VzalNMXs
— New York Post (@nypost) July 16, 2016
The mobile game app has been in the news a lot lately, with users having all kinds of mishaps as they tour around hunting down their cartoon monsters. As reported by the Inquisitr, people get so caught up in the game that they have all kinds of nasty surprises, including two San Diego men walking off a cliff this week and several drivers having accidents playing the game while on the road. However, it turns out there is more than just accidents to worry about while playing the game.
According to a recent report by Forbes, Pokémon GO has been installed on 5.6 percent of all Android devices in the U.S. and is currently also beating Tinder in popularity. It is so popular indeed that on average, users of Pokémon GO are using the game app twice as much as highly popular apps like Snapchat.
#PokemonGo user retention rates more than double industry averagehttps://t.co/8IUsxFk8VT pic.twitter.com/OfAzNcWCOp
— VG247 (@VG247) July 16, 2016
While Pokémon GO is obviously popular and hugely fun to play, there are some concerns out there relating to users’ data and who can get their greedy hands on it.
According to a report by The Daily Beast, while you are having fun hunting down monsters, Niantic Labs – a former internal Google spinoff – is also having fun collecting vast amounts of data about you.
What was formerly an internal Google startup has in the last couple of days acquired an absolute gold mine of personal information via the smartphone app.
While everyone is busy playing and searching their local landmarks for cartoon monsters, Niantic is drawing in a wealth of information about their location.
And it’s not only Niantic that is likely to have this information, as a source told the Daily Beast that the database of personal data acquired via the game app has already become a target for the worst online criminals. And not just your usual hackers and criminals – corporations are also looking to get their hands on your private data.
According to Gary Miliefsky – a previous advisor to the U.S. Department of Homeland Security and current CEO of cybersecurity firm Snoopwall – “When they hit 25 to 20 million records, they’re going to be breached, and they’re at 10 million right now.”
Reportedly, the game app collects a lot of information from each user. For example, on Android devices, the app asks for access to the user’s camera, GPS location, contacts, and SD card contents. During the sign-up process, it also asks for the user’s date of birth. While you are using the app, Pokémon GO requires an active WiFi or GPS signal to be able to play and thus has to know exactly who and where you are.
For those who haven’t read Niantic’s Privacy Policy, said policy gives the company very wide latitude for using the information gathered on its users. They can give what is termed personally-identifiable information (or PII) to law enforcement, share it with third parties, sell it off or even store the information in foreign countries with little or no privacy legislation.
Referring to an entire section of the privacy policy that is dedicated to the use of foreign storage, Miliefsky noted, “Normally, you won’t see that in an app.”
More malicious Pokemon Go apps are being released https://t.co/vTY4E2OaUv pic.twitter.com/wDU1EDXs3u
— Gizmodo (@Gizmodo) July 16, 2016
The Daily Beast also spoke to Drew Mitnick, policy counsel for the digital rights organization, Access Now. Mitnick says the terms of this privacy policy should definitely give potential users pause before playing Pokémon GO. He warns users to read the fine print before even downloading the app.
“It is becoming abundantly clear that the permissions screen, which evolved to provide users a screenshot of information that apps can access, no longer provides adequate notice on how that information is collected and used,” Mitnick said.
As Miliefsky added, the data produced by the Pokémon GO app won’t just appeal to petty thieves, as it could also – rather terrifyingly – be used by pedophiles to track children’s movements.
“The phones are geolocating children,” he said. “This is a big deal in my mind. This app goes too far. It’s not obvious because people don’t read the fine print.”
Reportedly, the Beast tried to contact Niantic Labs for comment about the potential security and privacy risks for users, but they have not immediately responded.
While that company promises in its Privacy Policy that it is taking “appropriate administrative, physical, and electronic measures designed to protect the information,” hackers have increasingly targeted large databases of PII in recent times and have successfully exploited that data.
[Image via Matthew Corley/Shutterstock]