Pokemon Go Seeks To Reassure Lawmaker On Privacy

Pokemon Go developer Niantic says it uses outside companies to collect and interpret data about players for marketing-related analytics, but doesn't "sell" information about those people.

The company's statements came in response to questions from Sen. Al Franken (D-Minnesota), who recently asked Niantic to address privacy concerns raised by Pokemon Go's data collection practices. Players of the popular augmented reality game, which went live in July, use their mobile phones to "catch" Pokemon characters.

Within days of the app's launch, Franken wrote to Niantic with questions about its privacy practices. Among other questions, he asked Niantic about the type of data it gathers from users, the reasons for the data collection, and whether it shares data with third-party service providers.



Niantic general counsel Courtney Greene Power responded that the app collects data about players' locations, mobile operating systems, device identifiers and hardware.

"Niantic uses mobile analytics services to collect and interpret data about the use of the app, and to receive crash reports," she writes in a letter to Franken that he made public on Thursday. "From time to time, we also engage third parties to perform marketing, demographic and similar forms of analysis for us on aggregated sets of data."

She adds that the company doesn't share data about users younger than 13 with those outside companies.

Power also says Niantic plans to offer about to sponsors about some game actions, but only on an aggregated basis. "Niantic does not and has no plans to sell Pokemon Go user data -- aggregated, de-identified or otherwise -- to any third party," she writes. "As we continue to develop our sponsored locations program, we will provider certain reports to sponsors about visits and game actions (such as redeeming a promotion at the location), but these reports will contain aggregated data only."

The "sponsored locations" program allows companies to pay in order to have their establishments featured in the game. In Japan, fast food chain McDonald's paid to have almost 3,000 establishments in Japan turned into virtual "gyms," which were visited by Pokemon Go players.

In his July letter, Franken also asked Niantic how it handled data collected from children, and how it informed parents about its privacy practices. The federal Children's Online Privacy Protection Act prohibits companies from knowingly collecting some types of information, including location data, from children under 13 without their parents' consent.

Power told Franken that Pokemon Go asks users to provide their birth dates and doesn't let anyone under 13 play until their parents have consented to the privacy policy. (Parents must create their own accounts and provide information to verify their identity, the company says.)

At launch, the app -- funded by Google and Nintendo -- asked iPhone users for permission to access their Gmail accounts, contacts, and other information stored in Google's cloud. But the company said that request was the result of a glitch, and that the app only accessed people's User IDs and email addresses.

Franken said on Thursday that he plans "to work further with the company in the future to ensure that we’re doing everything possible to protect the privacy of Americans -- particularly American children -- who play Pokémon Go.”

Next story loading loading..