Pokémon GO is a very popular game, if not the largest MMO of all time. Many play it and of course hardly anyone reads the fine print. However, there are some problems with it.
Complaints about the app’s excessive permissions are piling up, making data protection incompatible with the game. And in the fine print, you find an arbitration agreement under California law.
Data collection madness of Pokémon GO
It is nothing new that many apps primarily want to collect data. However, if a developer takes it to extremes, he must reckon with resistance. The Pokémon GO app is said to have given the developer Niantic full access to the Google account.
What happened? Why does the app have all permissions?
To register, it requires a Google account or an account from the Pokémon site. Since the latter temporarily did not accept new members, Reeve only had the option to use Google. He received no request for permissions; apparently, the app just took them. He then checked which rights Pokémon GO now has: all. This means the application has full access to emails, Google Drive documents, and even search history.
We recently discovered that during the account registration for Pokémon GO on iOS, all permissions for the Google account were mistakenly requested. However, Pokémon GO only accessed general information from the Google profile (specifically: user ID and email address). Neither was access made to other data, nor was it collected. After we became aware of this error, we worked on a client-side fix to ensure that only the data we previously accessed would be requested. Google confirmed that neither Pokémon GO nor Niantic received additional data. Google will soon restrict the app’s access, so the user does not have to do it themselves.
This was therefore a mistake that only affected iOS users who registered using their Google accounts. Reeve also did not consider it data collection madness but negligence.
How can I protect myself from the data octopus?
First, you should check the apps and their received access rights. There you can also restrict access, as simply uninstalling an app does nothing in this regard. If you want to register first, you can also create your own Google account for that, as then it is irrelevant how much data the app receives.
One should not trivialize this matter. Some believe that Niantic and Google are a company, so all data is essentially already available or could be collected, regardless of the app or other permissions. This is not true. Niantic is an independent company. While it originated within Google, it subsequently separated from Google as a spin-off. Therefore, there is no reason to grant them more information than they actually need.
Gotcha: Arbitration Proceedings under California Law
If you ever have disagreements with Niantic, they cannot simply be resolved through a court. Because you have agreed to an arbitration procedure under California law. The arbitration and the compatibility of this clause with German law would exceed the scope of this article. However, you can reject this clause within 30 days of accepting the account creation. It is sufficient to send a corresponding email to [email protected].
If you do not provide Niantic with a waiver of the arbitration proceeding within the 30-day period, it will be assumed that you knowingly and intentionally waived your right to resolve any disputes in court, except as expressly outlined in clauses a) and b) above.
The Pokémon GO app fulfilled a promise in the summer of 2016 that we were given as children. Instead of controlling a trainer, we can now be a Pokémon trainer o...
