Within two weeks of its release last month, Pokemon Go, the augmented reality gaming sensation, surpassed, by one estimate, Twitter, Facebook, and Netflix in its day-to-day popularity on Android phones. Over on Apple devices, the game was downloaded more times in its first week than any app that came before it.
The suddenly vast scale of Pokemon Go adoption is matched by the game’s aggressive use of personal information. Unlike, say, Twitter, Facebook, or Netflix, the app requires uninterrupted use of your location and camera — a “trove of sensitive user data,” as one privacy watchdog put it in a concerned letter to federal regulators.
All the more alarming, then, that Pokemon Go is run by a man whose team literally drove one of the greatest privacy debacles of the internet era, in which Google vehicles, in the course of photographing neighborhoods for the Street View feature of the company’s online maps, secretly copied digital traffic from home networks, scooping up passwords, email messages, medical records, financial information, and audio and video files.
Before Niantic Labs CEO John Hanke was the man behind an unfathomably popular smartphone goldmine, he ran Google’s Geo division, responsible for nearly everything locational at a time when the search company was turning into much more, expanding away from cataloging the web and towards cataloging every city block on the planet. Hanke landed at Google after his wildly popular (and admittedly very neat) CIA-funded company Keyhole, which collected geographic imagery, was acquired in 2004 and relaunched as Google Earth in 2005. By 2007, Hanke was running basically everything at Google that involved a map. In a 2007 Wired profile, (“Google Maps Is Changing the Way We See the World”) Hanke was lauded as a pioneer (“Led by John Hanke, Google Earth and Google Maps are delivering cartography tools to the masses”) and deified, appearing in photo with an enormous globe across his shoulders.
It was an exciting time for Google. Google Maps had become indispensable, dumping the likes of MapQuest into obsolescence, and Google had great ambitions for turning surroundings into revenue. But before Google could sell the world back to its inhabitants, it needed to digitize it; around the world, fleets of sensor-laden Google cars roamed cities, back roads, and highways, snapping photos of buildings, posts, trees, and other features. Each vehicle was labeled a Street View Car by Google, a reference to the Street View feature their pictures enabled on Google Maps. Google shared Street View imagery widely via an application programming interface, or API, and among the apps that owe a debt of gratitude to Street View Cars is Pokemon Go.
Then, in April 2010, Germany’s data protection commissioner announced that Google vehicles had been illegally collecting Wi-Fi data. Further regulatory scrutiny and corroborating news reports eked out the truth: As they drove, Street View Cars were swallowing up traffic from unencrypted wireless networks. Germany’s federal privacy czar, Peter Schaar, said he was “horrified” and “appalled.”
It eventually emerged that, in the U.S. alone, this collection went on for more than two years. The scandal, referred to as the “Wi-Spy” case as it was unfolding, resulted in:
- Findings that Wi-Fi traffic collection was illegal by authorities in the United Kingdom, France, Canada, South Korea, and New Zealand.
- A bruising Federal Communications Commission investigation, which followed a director’s comment that Google’s activity “clearly infringes on consumer privacy” and which resulted in a $25,000 fine.
- A Department of Justice wiretapping investigation.
- A federal class-action case against Google, ongoing to this day, in which a district and appeals court have both ruled, against the company’s arguments, that the sort of data Google accessed is protected from interception under the U.S. Wiretap Act. (The Supreme Court has declined to hear Google’s appeal.)
- Lawsuits brought by authorities in Spain.
- Regulator intervention in Italy and Hungary.
- And a government investigation in Germany.
(The Electronic Privacy Information Center, an advocacy group and vocal critic of Google’s during the Street View scandal, has a good overview of these actions.)
Hanke, through a spokesperson, denied any knowledge of the Wi-Fi collection at the time it was happening, pinning blame on Google’s mobile division. But a unit within his division, not mobile, was the focus of the largest investigation into the matter by U.S. regulators, and it was his division whose vehicles did the actual collection. The way Wi-Fi traffic was intercepted under Hanke’s nose should alarm people who use, or whose children use, Pokemon Go.
Google itself tried to escape responsibility as the scandal unfolded, dismissing concerns, rebuffing investigators, and evincing the sort of hubris and arrogance for which the engineer-dominated company has been repeatedly criticized.
In a blog post published at the very beginning of the scandal, Google denied any wrongdoing, saying it had copied no traffic from inside Wi-Fi networks, but rather gleaned “information that identifies the network and how that network operates,” like the name of your router, which you assume to be public anyway.
This narrative was short lived: Two weeks later, as international scrutiny increased, Google shifted from outright denial to scapegoat tactics, admitting it had copied traffic, but only “mistakenly” and mostly in “fragments.” Google attempted, amazingly, to divert blame from the cars operating on behalf of Hanke’s operation onto one single unnamed rogue “engineer working on an experimental WiFi project.”
A vice president from Hanke’s Geo division two months later acknowledged in a blog post that “serious mistakes were made in the collection of WiFi payload data, and we have worked to quickly rectify them … the WiFi data collection equipment has been removed from our cars.” But Google continued to call the traffic collection a mistake.
Then, three months after that, yet another official post repeated that the collection was “mistaken” but only specifically acknowledged collecting emails, URLs, and passwords.
Only after repeated and increasingly vociferous inquiries from the FCC, which was frustrated that Google had “deliberately impeded and delayed” its investigation, did the company reveal the truth, which was summarized in blunt 2012 commission report. Far from acting on his own, the supposedly rogue “Engineer Doe” (as the report referred to him) had collaborated on and discussed openly his “piece of code” with several other Google engineers, including superiors.
In fact, he’d tried to warn his colleagues, sending his software code and a design document to the leaders of the Street View project, who in turn forwarded it to the entire Street View team. “The design document,” the FCC wrote, “identified ‘Privacy Considerations’ and recommended review by counsel, but that never occurred.”
This design overview stated quite plainly that “a typical concern [with the project] might be that we are logging user traffic with sufficient data to precisely triangulate their position at a given time, along with information about what they were doing.”
Warnings don’t come clearer than that.
The FCC report went on to show that while planning the Wi-Fi collection project, on “at least two” occasions, “Engineer Doe specifically informed colleagues that Street View cars were collecting payload data,” and even shared portions of the collected personal traffic. In a 2008 email, one of these colleagues, “a senior manager of the Street View project,” called Engineer Doe’s analysis of 300 million Wi-Fi traffic packets containing 32,000 web addresses “interesting” and asked, “Are you saying that these are URLs that you sniffed out of Wifi packets that we recorded while driving?” The engineer’s reply confirmed this to be the case: “The data was collected during daytime when most traffic is at work (and likely encrypted). … I don’t think the numbers are high enpugh [sic] for a good sample.”
Data turned over to European regulators and reviewed by the FCC further showed that essentially all types of computer data were collected, including information related to online dating and sexual preferences.
In the end, the unencrypted internet habits of possibly hundreds of thousands of people were secretly scraped up and stored while the cars were carrying out their publicly stated mission of collecting the locations of wireless networks. Google’s cars weren’t just sniffing out the names of wireless routers, but also sucking down all of the unprotected information being sent to and from those routers as the vehicles drove by, including visited websites, search queries, and emails. Of course, even a brief sample of a person’s internet traffic can reveal a great deal that they would prefer remain between them and the computer.
The camera of a German Google Street View car looms over the car next to the Google logo at the Google stand at the CeBIT Technology Fair on March 3, 2010 in Hannover, Germany.
Photo: Sean Gallup/Getty Images
All of this happened while John Hanke led the Geo division, including Street View and Maps, as vice president for product management. Google eventually imposed a set of privacy reforms, but it’s unclear, even before those changes, why no one intervened when engineers spoke openly about collecting the internet traffic of strangers. It may have had to do with the culture inside Google; in a 2009 interview with The Times of London, a year before the scandal began, Hanke said:
“As a company we may not make 100% of everybody happy in all situations but I don’t think you can live your life as an individual or as a company not wanting to step on anybody’s toes. We have to chart a course between the benefit that can come from something and adhering to social mores and the law.”
Soon after the FCC published its findings, the New York Times identified “Engineer Doe” as Marius Milner, a security researcher and well-known figure in the hacker community. Milner at the time declined to elaborate on his role in the data fiasco, saying only that Google’s claim that he acted alone “requires putting a lot of dots together.” Milner confirmed to The Intercept that he still works at Google, meaning the rogue engineer outlasted John Hanke by four years, but said he “never met him.”
Milner, as it happens, does have his own link to Pokemon Go: He and Hanke co-authored with three others a patent held by Niantic on a “System and Method for Transporting Virtual Objects in a Parallel Reality Game.” Milner told me that the patent stemmed from “hatching some ideas with a personal friend that was one of the other co-authors” and that he never discussed the patent with Hanke. It’s worth noting that Google filed the patent in 2012, two years after the company scapegoated Milner as a supposedly lone, rogue engineer. It was granted by the U.S. Patent and Trademark Office in 2015, when it was assigned to Niantic, then a little-known augmented reality startup.
Hanke had begun Niantic inside Google in 2010 as an autonomous business unit, according to news reports, before the unit was spun off late last year to free Niantic up to work with a wider variety of partners. Google and Nintendo joined to put $20 million into the company, though the exact size of Google’s stake remains unclear.
As Niantic left Google, it took the Milner-Hanke patent with it. The patent discusses, at length, how a game such as Pokemon Go could be used to collect real-world data from a player without them knowing it:
The game objective can be directly linked with a data collection activity. An exemplary game objective directly linked with data collection activity can include a task that involves acquiring information about the real world and providing this information as a condition for completion of the game objective.”
The patent also cites, for illustrative purposes, an academic paper from The International Journal of Virtual Reality, “Playful Geospatial Data Acquisition by Location-Based Gaming Communities” by Sebastian Matyas, which includes as its introduction the following paragraph:
“To our opinion, the real challenge lies in motivating the user to provide the data constantly, even after the exciting appeal of technological innovation at the beginning wears off. The data acquisition process should be entertaining for a possible contributor to engage him in the long run. We convince that entertainment and fun are an important design aspect of such data collecting services.”
When asked if he had worked with Hanke’s Street View team, as stated throughout the FCC report, Milner said he was unable to comment. Google did not respond to a request for comment.
Hanke, through a spokesperson, more explicitly distanced himself from the controversy. A Niantic representative communicating on his behalf said “he was not the boss of what happened” and that he had no prior knowledge of the wireless eavesdropping, which, the spokesperson said, was ultimately the fault of Google’s mobile division, even though it was conducted via Street View Cars operating on behalf of Hanke’s division.
The FCC’s report on the Wi-Spy scandal is squarely focused on Hanke’s Street View team and never mentions the mobile team. It also offers one possible explanation for how Hanke can claim he had no knowledge of the eavesdropping: Despite Milner’s (or “Engineer Doe’s”) written and verbal attempts to keep Street View leadership in the loop about the wireless data collection he was doing, he was often simply ignored. The FCC said, “in interviews and declarations, managers of the Street View project and other Google employees who worked on the project told the Bureau they did not read Engineer Doe’s design document” even though it was sent to the entire Street View team.
The confusion about responsibility for Milner’s actions may stem from the fact that he was actually working for Google’s YouTube at the time — which is not part of either Hanke’s Geo division or the mobile team — and created his Wi-Fi collector as a side project under Google’s “20% time” policy. While Google has said wireless collection was initiated by “our mobile team,” it made clear in the same blog post that said team was not in control of Milner’s actions, since “project leaders did not want, and had no intention of using, payload data.”
Meanwhile, the data collected by Milner’s software, about the names and location of wireless access points, was deployed on Street View Cars (working on behalf of Hanke’s divsion) and was used for helping pedestrians and drivers locate themselves on the mobile version of Google Maps (part of Hanke’s division) and on Google’s mobile operating system Android (a different division). In a post on the company’s “Official Blog” about the matter, Google mentioned both Google Maps (again, part of Hanke’s division) and the mobile team (not part of Hanke’s division) as recipients of data from Milner (who worked for neither).
Clearly, no one at Google is eager to claim Wi-Spy as their own, Hanke included.
Today, given the spread of Pokemon Go and sensitivity of the data it accesses, it’s less important that Hanke now blames the mobile team for the Wi-Spy scandal than that his division, unwittingly or not, became the vehicle — or vehicles, to be precise — through which one engineer was able to collect massive amounts of hugely sensitive data, while managers and engineers from Hanke’s division repeatedly ignored explicit warnings, written and verbal, about what was going on from that engineer, according to the most thorough published investigation of the matter by a U.S. government entity.
Electronic Privacy Information Center, the privacy watchdog, is already putting pressure on Niantic and its CEO.
In a letter to the FTC sent this month, EPIC argued that “history suggests Niantic will continue to disregard consumer privacy and security, which increases the need for close FTC scrutiny as Niantic’s popularity – and trove of sensitive user data – continues to grow,” and added that “given the prior history of Google Street View, there is little reason to trust the assurance regarding the current state of Niantic’s data collection practices.”
Reached via phone, EPIC Consumer Protection Counsel Claire Gartland stressed to me that the Street View scandal should make any Pokemon Go player “think twice about whether you can take them at their word” and that the FTC should “pay closer attention to this and make sure that [Niantic’s] data collection practices are on the up and up.”
It’s so important to make sure Niantic’s collection practices are “on the up and up” because we already know that they are vast. Pokemon Go’s official privacy policy makes this clear:
We collect and store information about your (or your authorized child’s) location when you (or your authorized child) use our App and take game actions that use the location services made available through your (or your authorized child’s) device’s mobile operating system, which makes use of cell/mobile tower triangulation, wifi triangulation, and/or GPS. You understand and agree that by using our App you (or your authorized child) will be transmitting your (or your authorized child’s) device location to us and some of that location information, along with your (or your authorized child’s) user name, may be shared through the App…
We collect certain information that your (or your authorized child’s) mobile device sends when you (or your authorized child) use our Services, like a device identifier, user settings, and the operating system of your (or your authorized child’s) device, as well as information about your use of our Services while using the mobile device.
Niantic reserves the right to share some of the information it collects, in what it claims is a “non-identifying” form, with third parties “for research and analysis, demographic profiling, and other similar purposes.” This would be a lot of sensitive information to entrust even to a CEO with a good record of respecting the privacy of strangers. And in fact, in the very first week of Pokemon Go’s release, Niantic caused a brief privacy scare when it was discovered that the app asked for far broader access to users’ Google accounts than was necessary. The company responded almost immediately:
“We recently discovered that the Pokémon Go account creation process on iOS erroneously requests full access permission for the user’s Google account. … Google has verified that no other information has been received or accessed by Pokémon Go or Niantic.”
All that was missing was a rogue engineer.
Correction -Apparatus
Turn the national security complex apperatice back on them police them!
We must usher in an age of accountability. Take away the ill gotten limited accoutability corporate personhood prosecute the executives individually. Hold Mountain View trials
Privacy benefits us all it’s a must for a free and equal society. Invasion of it should be a schedule 1 offense. Lock all the sociopaths up that violate it our prisons should be full of them the prison for profit complex could make billions!
question is what if they do something wrong?! Where is the oversight where’s the checks and balances Men Are Not Angels! we the people must have recourse we must have legal power 2 exercise and protect our fourth amendment we must exercise our rights! we must have the rule of law. Lets put this ass hole CEO in jail where he belongs to keep us safe!
Jail time! why do we continue to trust these people why do they continue to roam free why do they continue to roam free. should be prosecuted to the full extent of the law. Google is the government plausible deniability artificial super intelligence must be checked East Germany Google Earth is unacceptable and very an American maybe the Second Amendment folks should do something about it
Pokemon. Thank God I don’t anything about it, apart from the fact it’s not some miracle food from the foothills of the Himlayas that keeps some local villagers livng for far too long.
Actually, the motto: “If you have got nothing to hide, you have got nothing to fear”, is of no recent vintage at all and has been used and paraphrased in prose and poetry, fiction and fact for a long time, but the one that started using it in the way we use it now was Nazi Reich Minister of Propaganda Joseph Goebbels.
Nazis didn’t have either an NSA, or “secret interpretations of laws”, but a tendency to use clear, open, telegraphic propaganda which seemingly innocuous statements such as „Arbeit macht frei”. Doesn’t it? What kind of people would have a problem with that?
Nowadays, people who don’t understand human nature think that was just deceptive Nazi [email protected], but to me there is no essential difference to when Obama says: „Niemand hört Ihre Telefonanrufe”
// __ Obama: ‘Nobody Is Listening to Your Phone Calls’
youtube.com/watch?v=KVY3mq6B-5w
~
The lawyer he is, he started to contextualize and dress his lies. When Obama, Goebbels, all kinds of politicians and police, some business people make such statements they are not lying (in the same of purposefully not saying the truth that we mere mortal proles understand it), but “responsibly using persuasion for the noble greater good” and “doing us the favor” of not telling us the truth, only the truth, nothing but the truth, which should hopefully set us all free. If you think of it TheIntercept doesn’t do things that much different with their tut-tut articles, “redactions” and “ethical journalism” …
From the many “interpretations” of that b#llsh!tting one liner my favorite one is William Binney’s: “one of the fundamental problems with that kind of illusive mindset is that you are not the one deciding if you have something to hide or not”
They say: “One man’s trash is another man’s treasure” and in adds they say “so many people can’t be wrong”
I think you are abusing charliethreeee, but …
he has a point. How is theIntercept doing their “maximal impact” thing? How is it reaching out to “We the people” out there? How is it achieving anything whatsoever concrete? And with concrete I don’t mean that about article about some USG official citing you:
https://theintercept.com/2016/08/11/fec-commissioner-citing-the-intercept-calls-for-new-ban-on-foreign-money-in-politics/?comments=1#comments
(oh, my God look at that talking dog, talking about me!?! ) but actual prosecutions, important changes in laws, enough people voting for Jill Stein …
RCL
An American, as Tocqueville posited have all prerequisites of a fascist man, alienated, unconnected to society and largely estranged from family usually scattered all over the country, with severed human bonds replaced by artificial precarious relationships with cartoonish game or flat TV characters called friends or acquaintances negotiated by money or influence, full of uncertainty, fear of authority and loathing of change, covering up horrible spiritual emptiness and loneliness with quasi-religious patriotic, highly emotional desire to belong and hence wholeheartedly submitting to any imposed rule, participating in anything, any public spectacle or charade approved by the rulers and compete for recognition and “love” of the opulent and powerful. Those are proud and happy living open book life exposed to all kinds of authorities based on infantile trust in father-like figure of a hopefully enlightened despots who will take care of them needs be while doom insubordinates.
That’s exactly the problem, many Americans, similarly to Soviets or East Germans back then do not see any problem with being surveyed 24/7, and see no evil in creating huge databases that hold their entire life profiles satisfied with soviet-style propaganda “if you did nothing wrong you have nothing to fear”. Need of privacy was seen in pejorative ways, conniving, hiding, holding on to, likely undeserved gain, conspiring against those who are involved in civics or God forbid government.
Now as Pokemon Go proved, they even do not see a problem with being coerced, enticed or directed what to do, where to go and when. Classical machinic unconscious mental state.
People under influence of it see no problem in being directly controlled [by what they are told is a game or whatever can be propagandized as legitimate or pleasurable] not knowing what true purpose their actions to what end they serve and that’s what this Pokemon Go sociological experiment was all about.
Research question: Will people acquiesce, succumb to direct, immediate control? The answer is resounded yes. And hence doom of 1984 awaits us or it is already here.
Remember those TV screens in 1984 not only recorded and observed people’s demeanor and behavior but also most of all coerced them to act and coerced them to profess whatever needed to be professed.
Somebody said that enslavement would come back not with blunt force or ugly evil face but with a cute face like Pokemon. And it did.
Ha! I just thought about this from your post: what kind of info is being collected on the facial expressions of the players? They have the phone directly in front of their face the entire time they’re playing. Although, it’s not much different from the telescreens — we call them “smart tv’s” or simply “Alexa.”
We’ve gone so far past 1984 it’s ridiculous.
Is the US Justice Dept clueless or do they agree to play politics with this stuff? They’re data gathering under cover of a game. Maybe only 1% of the time. Are you willing to be the 1% ???
Start with Oakland P.D. and work your way to Sterling and Iron Ore.
I really love this game, but the more I learn about Niantic’s history, the more doubts I have about how the company will use my personal data.
I love Google Earth. I spend an inordinate amount of time on it researching all manner of historical sites. But the fact of it is that it was designed by people with spying, weapon systems, control systems and vast money-making in mind and the more we climb on board the further these people will take us down the path to their ultimate destination. I feel my use of it somewhat counterbalances and undermines its unpleasant primary design functions.
A $25,000 fine is beyond pathetic and shows a complete disinterest by anyone in power to halt US companies and government agencies inexorably taking control of our lives through our dependence on digital technology. If a single individual did even a fraction of what Google have done they would face serious repercussions both legally and from the people around them. Unfortunately, the US loves to make these companies so powerful and monopolising there is little hope of resisting them or boycotting them.
Pokemon Go, like Facebook before, preys on the naive trust of our children to access their personal information for commercial and control purposes and to slowly erase their willingness and ability to resist such invasions. It is, quite frankly, a disgusting outrage that no one seems willing to stop.
I also love Wikipedia and await the sad day when it finally gets hijacked by the federal and corporate Yankie mobsters that rule the world. They must secretly hate and covet it and will have designs to grab it some day. I feel like these people are unrepentant and recalcitrant rapists who cannot resist the urge to put their hands in our pants and get their filthy fingers all stinky messing with our private parts. I most sincerely hate them and wish them the worst of ills and curse them with my strongest hexes for they are the scum of the Earth.
I may have fallen in love with you a little bit after reading your comment. I couldn’t have ever articulated your message as perfectly as you did.
Clearly human relationships are illegal and akin to criminal acts, sedition, and treason.
Pay. Attention. People. We need to look deeper at this Pokemonster mash. Break on through to the other side, as the song goes. Google is evil. Can we ever fully plumb the depths? I think not. And I havent even played with a Pokemon in almost a decade, though youd hardly be able to tell it from my pendulous card collection. Needful Things, ya follow?
Er Stranger Things. That Netflix show. Demigorgons and flipped Kaku dimensions and stuff.
Fellow writes:
Building and using equipment intended to pickup and record all the wifi transmissions in an area is not at all like hearing someone shout in a garage and very much like drilling holes in all the houses in a neighborhood and inserting mikes.
1. It requires a huge effort; it doe not occur accidentally.
2. It is done on the sly with misleading stated intentions.
3. It is done with the intention of using the information.
In other words, nice try, but if you want payment from your masters, you better learn to do better.
I stopped reading at uninterrupted use of your camera. You don’t know shit.
We all had to know Pokemon Go couldn’t remain as popular as it was forever. Anything with that much hype that relies on technology is going to have issues down the line. Now that it seems Pokemon Go is on the downfall, Im literally selling all my Pokemon games and stuff on price comparison sites to try and make money on them while they are still worth something. I suggest other people do the same, I found a good site called https://www.bonavendi.com/ but I’m sure there are some other good ones. I just wanna get the most money I can for my pokemon stuff while people are still interested in this game to be honest. Genuinely its a shame though because I was really excited about this game when it came out to be honest, it really seemed like it brought alot of people together and was really fun to play. Now Im not sure how it is going to pan out with all of these alterations in being able to tell the distance of Pokemon youre hunting, and obviously the lawsuits that have ensued over development. Anyway I hope this helps any fellow Pokemon hunters trying to make some money on their old Pokemon stuff while you still can. Thanks for the article Sam, you did some good research. I actually read the whole thing which is often rare for me haha
CIA thumb print all over as Putin puts it
wasn’t going to post to this thread – until I found a certain article at The Guardian.
AJ, who posted waaay down thread —– you have it correct. “Because the general public has an impressive track record of remaining oblivious to privacy threats? Paging every social media site ever…” Folks are and seem to stay in denial until it affects them VERY personally…
https://www.theguardian.com/technology/2016/aug/09/maxmind-mapping-lawsuit-kansas-farm-ip-address
Why would anyone even download this Pokekon “Go” in the first place? And I still don’t see why anyone is on facebook… There’s way too much blurring the lines between tech companies,data gatherers, advertisers, gov’t and all. AJ, unfortunately you have a real nugget of truth there.
i once met someone doing her thesis on “personal power”. It seemed very interesting but i was too dumb or ignorant to appreciate the value of her study.
Sounds like the US government is involved in both Niantic and Google Maps.
Fantastic GIF (image credit?)
This vacuuming of user data practically sounds like a Russian inversion.
In Googleland, Pokémon GO hunts YOU.
Swell. Now the spy guys can mask themselves as google or pokemon. Or is it the other way around?
Funny that there is no mention in this piece of the Eric Schmidt/Google government connections.
Because of this glaring omission, the author comes across as a useful idiot, used to misdirect the reader away from those connections.
Ask Julian Assange about it…
Hanke has already collected the data. Niantic’s first game, Ingress, encouraged people to submit pictures of interesting landmarks, buildings and restaurants for Ingress to turn into “portals” – places you can capture on the map for your team and defend from the rival team, or “hack” to get more gear. That was over 4 years ago and over this time millions of these portals were created for Ingress players to use. He also measured where people were most likely to go, so places with the highest concentration of Ingress-playing human traffic also have the most “XM” energy, which players could gather to attack and defend their portals. So when it came time for Pokemon Go, he didn’t need to solicit even more data – they simply took the Ingress map and superimposed the Pokemon gameplay. The portals turned into gyms and PokeStops and the XM energy concentrations became the best places to hunt down Pokemon. So they don’t really have to do much more incrementally, the map and the data have already been built, so kids can breathe a bit easier…
I mean, sure, but that is ignoring other factors, like the gamification of captchas combined with google street cars and stuff out of the Monmenier book “Spying With Maps”. Trying to separate any one thing from another to figure out how we got here in this whole privacy mess can’t really be done well, and I think the author’s approach in this article is quite adroit, as is your insight, Steve. I think the public might get tricked into revealing themselves, even if they dont mean to.
This Game was in the Works for a very long time, so while it isnt exactly novel, it is definitely not new. Maybe it is a joke on the public, with a very black sense of humour, ‘gotta catch em all!’ sorta thing. Like foursquare wasnt enough data. LOL.
Well, Sam Biddle does have a knack for an interesting spin with facts. Does he really ever stop to think how UPS or the USPS or Papa John’s pizza uses their geo-location data..? Does he dare stop to consider how any switch admin personnel at Verizon or Simply Safe can use their data to report how many people are at a house at 3 AM in the morning smoking weed..? Heck, we wonder if Sam understands how free “Obama-phones” can be tracked to provide far better data in real time than “Pokeymon smoke”..? The only thing different between a VISA or AMEX data dump and Pokeymon GO is that the players of Pokeymon GO can now use their phones to tap who is watching on the shoulder in real time.
Mr. Biddle really needs to tell the Intercept readers that they are being tracked no matter what . Its one thing for Mr Biddle to tell readers how a game can track you when in reality he should be telling the readers to play “pokey” to track their tax dollar, or church donations, or oil station owner Nigerian bribes, or ISIS Imam investments in real time. 400 Million to Iran is being tracked ….how…? I dare say a “pokey player” in America can find a teammate in Tehran to surround a bank account visa card. Leslie Jones knows how to pokey her way to Rio for free while being a twitter super fan. Dare to wonder if she can capture Glenn in a press box..? Pokey….knowz….
Lol thats hokey!!!!!!!!
Some find the enormous increase in truancy convictions, based on Pokemon-Go geo-location data, to be concerning. But shouldn’t those children have been in school? If they and their parents spend the next decade in jail, attendance rates at schools will undoubtedly rise. Everyone agrees this would be a good thing.
Sometimes you have to accept a little loss of privacy to reap the rewards of the new digital world.
Username checks out.
Quiere decir que tienen ojos y oidos en todas partes, y direccionan las personas hacia donde quieren ver
The data was unencrypted though. Is there any reasonable expectation of privacy when you’re publicly transmitting data?
When you send a letter through the mail, and you didn’t encrypt the content, is there any reasonable expectation that your letter won’t be copied and stored in a file for later access by government agencies or corporate marketers?
I think the letter case is the difference between drilling a hole in someone’s house to overhear them, and hearing them yell in their garage. What google did with the WiFi is more like the garage scenario, and the letter is drilling a hole. Taking active measures to bypass security is the issue, if you are in public with no security there is no expectation.
What legitimate purpose would one have to record all that crap?
And isn’t this covered by the Communications Act of 1934, 18 U.S. Code § 2511?:
Children are being video taped, live miked and geolocated.
s/children are/everyone is/g
There, ftfy.
Google and Niantic are probably collaborating to maximize user data collection, as part of Google’s ad revenue strategy.
This after all is the Google/Facebook/Oracle advertising revenue model: collect as much data about user locations and habits as possible, then charge businesses to deliver “targeted ads” to users based on their profiles. This involves aggregating all user data in one place (a “data management platform”), then dividing users up into groups (creating “audience segments”), then sending them advertising based on their group profile:
https://www.democraticmedia.org/content/google-expands-data-profiling-new-dmp-1st-and-3rd-party-info-targeting
However, if the FBI or other government agency wants access to all these records, which they are not allowed to collect themselves (or don’t have access to the NSA database), they merely have to issue “National Security Letters” or use Section 215 of the Patriot Act (without any judicial oversight, i.e. warrants) to get all that data from Google or Facebook.
And obviously, governments could use this same “data-management platform” approach to group citizens as “malcontent”, “subversive”, etc. based on web traffic, emails, etc.
P.S. Googling “data management platform” and “surveillance” comes up with some interesting domestic and foreign mass surveillance proposals by military-industrial contractors. This one is for the U.S. Air Force and utilizes Lockheed-built spy satellites, but the authors propose domestic commercial sales as well:
Hmm. . .
and
https://nsa.gov1.info/surveillance/
i kinda hate to say it, but the people who died of old age before 911, LUCKY.
“A bruising Federal Communications Commission investigation, which followed a director’s comment that Google’s activity “clearly infringes on consumer privacy” and which resulted in a $25,000 fine.”
Ha-ha-ha. That’s a good one. These guys probably spent that much on their celebratory dinner.
It would be like one of us “little people” getting a 65 cent speeding ticket.
“And ye shall know the truth and the truth shall make you free.”
And so the seed was planted and soon begat:
“As a company we may not make 100% of everybody happy in all situations but I don’t think you can live your life as an individual or as a company not wanting to step on anybody’s toes. We have to chart a course between the benefit that can come from something and adhering to social mores and the law.”
Go right to the source.
https://www.cia.gov/about-cia/headquarters-tour/headquarters-photo-tour
Good article and great reporting. Agree 25K$ fine was a joke.
Did you know that CIA’s motto is hidden in Kryptos section 4, in the form of metadata?
OBKR
UOXOGHULBSOLIFBBWFLRVQQPRNGKSSO
TWTQSJQSSEKZZWATJKLUDIAWINFBNYP
VTT MZFPKWGDKZXTJCDIGKUHUAUEKC
OBKRU (5) SPACES
OXO (3) “FREE”
GHULBSOL (8) VOWELS
I “YOU” (=3)
F (1)
BB (+2) (B FOR SQB, SQL QUERY BUILDER)
WFLRV (5) (LENGTH SHALL)
QQ (Q, FOR SQB, SQL QUERY BUILDER)
PRNGK (5) (LENGHT TRUTH)
SS (S, FOR SQB, SQL QUERY BUILDER)
OTWTQSJQ (8) 1988
SS “SHALL SET”
EKZZWATJKLUDIAWINFBNYPVTT (23) LETTERS, NYPVTT=BERLIN or (4)TT (FO(U)R “THE TRUTH”)
MZFPKWGDKZXTJCDIGKUHUAUEKC (28) LENGTH
THE TRUTH SHALL SET YOU FREE
However, for the correct answer to CIA’s Kryptos riddle in a riddle, see comments section of TI’s Kryptos article, Christmas 2015.
#BerlinClock #SetTheoryClock #LetFreedomRing #ItsTime
Nearly as sick as “Arbeit Macht Frei”
That’s kinda like Falken’s Maze, Mr. Potatohead. Goose Neck, Or Reagan? I definitely picked the wrong week to stop sniffing glue.
Photo tour interesting and probably good to know. But what happens vis a vis these articles is really really bad, too.
What I care about is for Edward Snowden, Chelsea Manning & other whistleblowers (the list is long) to be set free and/or done justice (compensated). I shared a Delta boarding pass dated 9-11-1991 with TI, together with a letter that I shared with the US Embassy in Berlin to no avail. As for the CIA, I’m sure they figured out what …—… stands for in Kryptos.
“And ye shall know the truth and the truth shall make you free.”
2014 Presidential Citation for Science and Society
AGU Presidential Citations for Science and Society
Awarded to leaders whose work has advanced understanding and appreciation of the value of Earth and space science to society.
Google Earth – Phil Keslin who led the development of the Earthviewer application, accepted the award on behalf of Google Earth. Phil currently serves as the chief technology officer for a small mobile application startup lab within Google that is exploring the convergence of mobile technology, geospatial information, and social networking. The founders of Google Earth have demonstrated great vision in the development of their software, and Google Earth has made vividly clear the real-world applications and benefits of Earth and space science for communities and individuals.
https://spc.agu.org/2014/presidential-citation-science-society/
even the top USA presidential science “experts” can be deluded
That illustration is amazing — ?????
“All the more alarming, then, that Pokemon Go is run by a man whose team literally drove one of the greatest privacy debacles of the internet era”
1) If Pokemon is so alarming, why is it so popular? Answer: it’s only alarming to the handful of people who agree with Sam.
2) If this was the greatest privacy debacle of the internet era, why did you have to spend the entire article describing what happened several years ago? Answer: it was not the greatest debacle of the internet era,
Since when have popularity and cause for concern ever been mutually exclusive?
Whether they are mutually exclusive is irrelevant. It’s a given that any one of us can have a concern over something popular. That was not my point sir.
My point is that it’s not alarming to anybody but you and those who just accept your reasoning without question. Should it alarm anybody here? Long before 9/11 the corporate world has been tracking us legally. The porn industry certainly doesn’t respect privacy and porn has been a staple throughout. Being tracked online and through our phones has been ongoing for decades. After a certain point it is no longer alarming. Lack of internet privacy is just the way it is and if you don’t like it, follow the advice of Micah.
Furthermore, how is the Geo thing the greatest privacy debacle of the internet era?It seems like you only said that to justify 90% of your article being dedicated to something that happened years ago.
Don’t just puke up articles like they do on Gawker just to submit something. We don’t need another Gawker. We need a place where Scahill and the other founders can publish the important stuff.
I’m okay with the interns turning stuff like this in (I grief them too) but you have no excuse.
Give it a rest, Hanke!
“If Pokemon is so alarming, why is it so popular?”
Because the general public has an impressive track record of remaining oblivious to privacy threats? Paging every social media site ever…
Exactly, it’s not alarming to you either…