As We Capture Pokémon, Niantic Captures Our Data
July 15, 2016
Having spent a fair amount of time reading the writings of America's founding statesmen, I feel qualified to ask the following question: Is there anything that Franklin, Madison, Jefferson, or Washington would have found more ludicrous than the sight of thousands of Americans wandering around colonial Philadelphia trying to capture imaginary Japanese monsters known as Pokémon? The only thing that would have approached that for sheer risibility is the idea that a largely failed developer with no discernible executive experience and little intellectual curiosity would be the nominee of a major American political party—but then, the two might be related.
Unless you've been hiding under (or have been hit with) a large rock recently, you no doubt are aware that the latest digital fad has descended upon us: Pokémon Go, a mobile version of the Game Boy videogame released twenty years ago by Nintendo. My kids were just 3 and 1 at the time, and I am happy to say that we managed to get them through childhood without having to watch them get sucked into the gravity well of portable game devices or the seemingly endless card game versions. (I'll table for the moment their adult obsession with Xbox.)
Every once in a while, there is a social phenomenon that shines a klieg light on issues like personal privacy. Pokémon Go is such a moment. For the better part of twenty years, Pokémon gamers could enjoy their monster training (modeled, interestingly, on the popular Japanese hobby of bug-catching) with relatively few privacy concerns. When kids (and their parents) laid out some cash for a gaming cartridge or a deck of Pokémon cards, that was the sum total of the exchange: money for a product that could be used for entertainment.
We don't live in that world anymore, and here's why: money has finite value, and information does not. If you hand Nintendo $20 for a deck of Pokémon cards, Nintendo's bottom line increases by $20. But if you grant Pokémon Go’s developer Niantic—whose investors include Nintento, Alphabet (Google), and Pokemon Co.—permission to harvest various types of information about your gameplay (as you must), you are providing an ongoing stream of incredibly valuable data that can be sliced and diced in myriad ways. Let's do some math: as of July 13, 2016, an estimated 15 million people had downloaded the game. Some reports suggested that Pokémon Go had added as much as $11 billion to Nintendo's value. That's a minimum value of over $700 per user.
None of these values are static, of course. One of the compelling dynamics of data collection is that the more you collect, the more valuable any particular datum becomes (which again, is not true of a $20 bill). Not surprisingly, reports are emerging that businesses are very interested in paying advertising fees to become destinations within the game. Some innovative businesses, like the Strand Book Store in New York, have already seeded their establishments with Pokémon lures to entice besotted gamers.
The real buzz associated with Pokémon Go is that it is helping to make augmented reality sexy. (Virtual porn is trying to do the same thing, but that's a different book.) The catch, of course, is that in order to "augment" reality (by using a gameplayer's camera to show his or her surroundings and nearby virtual Pokémon avatars), the game needs to know where you are. The Pokémon Go privacy policy has numerous provisions, but the key language is as follows:
The App is a location based game. We collect and store information about your (or your authorized child’s) location when you (or your authorized child) use our App and take game actions that use the location services made available through your (or your authorized child’s) device’s mobile operating system, which makes use of cell/mobile tower triangulation, wifi triangulation, and/or GPS. You understand and agree that by using our App you (or your authorized child) will be transmitting your (or your authorized child’s) device location to us and some of that location information, along with your (or your authorized child’s) user name, may be shared through the App. For example, when you take certain actions during gameplay, your (or your authorized child’s) user name and location may be shared through the App with other users who are playing the game. We may also use location information to improve and personalize our Services for you (or your authorized child).
Before you decide to become a Pokémoniac, you should think carefully about whether you want Niantic or others to have even more data about where you go in the world and how many steps you take to get there (and yes, Fitbit should be nervous). The primary use of the collected location information will be commercial, since the software developers are chiefly interested in figuring out how to better market directly to you or offer you up as an advertising target to businesses near you. But the Pokémon Go company makes it clear that if law enforcement is interested in where you've been chasing Pokémon characters lately, they will provide the collected data.
And then there's the risk of relationship failure. The New York Post ran a story on July 12th about a man whose girlfriend left when she saw that he was capturing Pokémon in the same neighborhood as his ex (and yes, they apparently had hooked up). You can be sure that savvy divorce lawyers read that story with interest. Maybe some folks should think about going back to the card version.
For what it's worth, Congress is on the case. Senator Al Franken has sent a letter asking for more detailed information about the privacy policies associated with the game. But the fundamental question is whether the bulk of the players—overwhelmingly millennials and Gen Z'ers—give a flying Pikachu about personal privacy. It's doubtful. The tradeoff of distraction and entertainment is too compelling and given the state of world, it's hard to blame them.
But a day of reckoning looms: The real power of the 1% lies not so much in the control of money but in the control of information. As I said in American Privacy, that's the real definition of privacy—the ability to control the use and spread of one's personal information. If we lose that, Franklin, Jefferson, and Washington might fairly ask what exactly it was for which they risked their lives and their sacred honor.
About the Author
Frederick Lane is an author, attorney, educational consultant, and lecturer based in Brooklyn, NY. He is a nationally-recognized expert in the areas of cybersafety, digital misconduct, personal privacy, and other topics at the intersection of law, technology, and society. Lane has appeared on The Daily Show with Jon Stewart, CNN, NBC, ABC, CBS, the BBC, and MSNBC. He has written eight books, including most recently Cybertraps for Educators. Find him online at FrederickLane.com and on Twitter (@fsl3).