Facing concerns from privacy advocates and users alike, the company behind the massively popular new smartphone game Pokémon Go responded to claims that the app captures far more user data than it actually needs.
“Pokémon Go only accesses basic Google profile information (specifically, your User ID and email address) and no other Google account information is or has been accessed or collected,” reads a statement from Niantic, which developed the game.
Niantic added that Google will soon change the app so that it only asks for permission to view users’ basic profile data. The change will take effect automatically.
The company’s statement follows a widely-shared blog post from security professional Adam Reeve regarding Pokémon Go’s privacy permissions. Reeve claimed that the company gains a great deal of access to users’ Google accounts — including the ability to view users’ Gmail messages — when they use their Google credentials to log into Pokémon Go. (Players have the option of logging in to Go through Google or through a Pokemon.com account.)
Reeve’s post set off a firestorm of criticism over the practice. An increasing number of apps are using Google and Facebook accounts as login methods, potentially exposing users to security vulnerabilities and privacy violations. (A popular Facebook app was recently revealed to have a great deal of access to millions of users’ information.)
Some observers, however, said Reeve’s claims were overblown. Either way, Niantic’s statement should put at least some of the privacy concerns over this hot new game to rest.
Niantic was spun-off from Google in 2015, with Nintendo taking partial ownership around the same time.