What Information Can Pokemon Go Access On Your Google Account? It's More Secure Than You Think

Share

Just last week, the sight of gaggles of people wandering aimlessly while staring at their phones would have caused confusion. Now, however, it's safe to assume they're playing Pokémon GO, the latest (and most popular) installment in the Nintendo franchise. On Monday, reports that the uber-popular game had been given "full access" to some users' Google accounts began circulating, causing some people to wonder: What can Pokémon GO access on your Google account?

You may recall that when you first logged into the app, you had the option to either sign up with Google or create a Pokémon G-specific account. Many users opted to go with the Google sign up (myself included). Cybersecurity analyst Adam Reeve pointed out that Pokémon GO seemed to have been granted "full access" on Google, and later, many other users on iPhones found the same thing.

Before Niantic (the creators of Pokémon GO) announced that they'd "erroneously" granted the app full account access on Google, the only fix was to revoke the app's access and lose all your Pokémon. Now, Niantic says they're working with Google to fix the access issue, and that soon the app will only be able to access "only the basic profile data that Pokémon GO needs".

Now that the fix is on its way, techies are working to figure out exactly what Pokémon GO/Niantic will be able to access. According to their statement, "Google has verified that no other information has been received or accessed by Pokémon GO or Niantic."

While Niantic's statement said Pokémon GO only accesses your Google user ID and email address, parts of the Pokémon GO privacy policy are definitely troublesome:

It gets worse:

This kind of legally-obligated information sharing is, unfortunately, nothing new. On Facebook's expansive Privacy Policy landing page, they outline the places your information may go: to legal entities like the FBI if they have "a good faith belief" that the law requires it (based on subpoenas for cases investigating fraud or other illegal activity), but also to "Advertising, Measurement and Analytics Services" (though they specify that it's "non-personally identifiable information" only). Additionally, your info can go to, "Vendors, service providers and other partners," and "Apps, websites and third-party integrations on or using our Services."

While Niantic and Google work to fix this embarrassing Pokémon GO security risk, users are uncomfortably reminded that nothing they share online is secure. The only real way to ensure information security is to stay off the internet entirely, but when Pokémon are so cute and fun, it makes it very difficult.