Privacy Scandal Haunts Pokemon Go’s CEO

Privacy Scandal Haunts Pokemon Go’s CEO


Within two weeks of its release last month, Pokemon Go, the augmented reality gaming sensation, surpassed, by one estimate, Twitter, Facebook, and Netflix in its day-to-day popularity on Android phones. Over on Apple devices, the game was downloaded more times in its first week than any app that came before it.The suddenly vast scale of Pokemon Go adoption is matched by the game’s aggressive use of personal information. Unlike, say, Twitter, Facebook, or Netflix, the app requires uninterrupted use of your location and camera — a “trove of sensitive user data,” as one privacy watchdog put it in a concerned letter to federal regulators.All the more alarming, then, that Pokemon Go is run by a man whose team literally drove one of the greatest privacy debacles of the internet era, in which Google vehicles, in the course of photographing neighborhoods for the Street View feature of the company’s online maps, secretly copied digital traffic from home networks, scooping up passwords, email messages, medical records, financial information, and audio and video files.Before Niantic Labs CEO John Hanke was the man behind an unfathomably popular smartphone goldmine, he ran Google’s Geo division, responsible for nearly everything locational at a time when the search company was turning into much more, expanding away from cataloging the web and towards cataloging every city block on the planet. Hanke landed at Google after his wildly popular (and admittedly very neat) CIA-funded company Keyhole, which collected geographic imagery, was acquired in 2004 and relaunched as Google Earth in 2005. By 2007, Hanke was running basically everything at Google that involved a map. In a 2007 Wired profile, (“Google Maps Is Changing the Way We See the World”) Hanke was lauded as a pioneer (“Led by John Hanke, Google Earth and Google Maps are delivering cartography tools to the masses”) and deified, appearing in photo with an enormous globe across his shoulders.It was an exciting time for Google. Google Maps had become indispensable, dumping the likes of MapQuest into obsolescence, and Google had great ambitions for turning surroundings into revenue. But before Google could sell the world back to its inhabitants, it needed to digitize it; around the world, fleets of sensor-laden Google cars roamed cities, back roads, and highways, snapping photos of buildings, posts, trees, and other features. Each vehicle was labeled a Street View Car by Google, a reference to the Street View feature their pictures enabled on Google Maps.

Google shared Street View imagery widely via an application programming interface, or API, and among the apps that owe a debt of gratitude to Street View Cars is Pokemon Go.Then, in April 2010, Germany’s data protection commissioner announced that Google vehicles had been illegally collecting Wi-Fi data. Further regulatory scrutiny and corroborating news reports eked out the truth: As they drove, Street View Cars were swallowing up traffic from unencrypted wireless networks. Germany’s federal privacy czar, Peter Schaar, said he was “horrified” and “appalled.”It eventually emerged that, in the U.S. alone, this collection went on for more than two years. The scandal, referred to as the “Wi-Spy” case as it was unfolding, resulted in:
Findings that Wi-Fi traffic collection was illegal by authorities in the United Kingdom, France, Canada, South Korea, and New Zealand.A bruising Federal Communications Commission investigation, which followed a director’s comment that Google’s activity “clearly infringes on consumer privacy” and which resulted in a $25,000 fine. A Department of Justice wiretapping investigation. A federal class-action case against Google, ongoing to this day, in which a district and appeals court have both ruled, against the company’s arguments, that the sort of data Google accessed is protected from interception under the U.S. Wiretap Act. (The Supreme Court has declined to hear Google’s appeal.)Lawsuits brought by authorities in Spain. Regulator intervention in Italy and Hungary.And a government investigation in Germany.(The Electronic Privacy Information Center, an advocacy group and vocal critic of Google’s during the Street View scandal, has a good overview of these actions.)Hanke, through a spokesperson, denied any knowledge of the Wi-Fi collection at the time it was happening, pinning blame on Google’s mobile division. But a unit within his division, not mobile, was the focus of the largest investigation into the matter by U.S. regulators, and it was his division whose vehicles did the actual collection. The way Wi-Fi traffic was intercepted under Hanke’s nose should alarm people who use, or whose children use, Pokemon Go.


Comments are closed.