Ingress and Pokémon GO collect a lot of data - what impact could this have on my privacy or security?

The range of possibilities is literally infinite, since the data collection and aggregation typically plays only a minor role in the overall malfeasance, whatever that may be.

Typically the worry surrounding location and other PII data is that it could be used to "identify" you in some context. By analyzing where you go, they may be able to deduce your favorite bar or club. Maybe they can deduce what sort of music you like by correlating that with band schedules. Perhaps if they want to steal your work, they'll send someone to meet you, seemingly by chance, who will steal your secret access tokens and leverage that to gain access to your encrypted files and steal the plans to your super top-secret thingamajig that clearly is important for this particular movie plot. If you aren't afraid about esoteric privacy risks, then clearly you don't watch enough television.

Aside from the far-flung movie-plot concerns which so typically drive legislation, here are the risk we know about for certain. These are things that happen today:

  • Law enforcement and similar Government Agencies use location data (typically freely-provided by the telephone company) to follow the behavior of persons of interest. Currently there is no automatic profiling going on here; you have to be "interesting" before you'd be watched, because someone actually has to be paid to look at this data. Perhaps your picture appears on two different passports, or perhaps you received a large deposit of money loosely connected with another investigation. But location data serves as a crude but inexpensive sort of surveillance useful to determine where to focus more costly resources.

  • Certain less-scrupulous organizations use location data (and anything else they can grab) for purposes of corporate espionage. We know that groups tied to the Chinese government or military use techniques both high-tech and low-tech, involving people as well as machines, to "acquire" corporate knowledge, including business practices, material science, manufacturing techniques, financial transactions and projections, and very nearly anything of value. It would not be even moderately surprising to see an attack on the Ingress servers in order to exfiltrate location data as part of another more complex attack. The scope of these operations is truly impressive by any standard.

  • More traditional organizations use personal data to lower costs. "We know that half of our advertising costs are wasted, but we don't know which half." Correlating identity with behavior is valuable in avoiding wasted advertising: advertising tampons to men is typically a wasted effort. The more specific the details you can acquire about a person, the better you can avoid deluging him with inappropriate messages. Ironically, this use of personal information is by far the least damaging (and arguably in fact beneficial), and yet it is also the most vilified.

We like to protect ourselves against personalized advertising, not because it does any damage, but because it's the only thing we typically see. We implicitly know that personal information can be used against us and therefore there is some safety in privacy. And we believe that this information is being used against us. But we don't worry about law enforcement and we don't see the espionage. We do see advertising, though. And for lack of a clearer villain, we fortify against that.


(Well, one of biggest the dangers of Ingress is driving or stepping into harm's way while playing the game, and I know of at least one nasty car accident. And then there is the risk of losing your job or relationship or use of your thumb due to its addictive properties....)

The privacy of geolocation data and association data between people is always a sticky problem that many apps and sites related to mapping, social networking and the like wrestle with. See e.g.:

  • Does Google log my activity on service A when logged in to service B or by IP address?
  • Is Facebook allowed to sell/give your information away to anyone willing to buy it?
  • iPhone Tracking debacle - risks and countermeasures

In that respect Ingress is more up-front than most:

You understand and agree that by using the Products, you will be transmitting your device location to Google, and that location will be shared publicly with other users through the game along with your submitted screen name (your code name). For example, your code name and location will be shared with all other users when you visit certain locations, similar to a check in.

Google's Privacy Policy – Policies & Principles describes "How we use information we collect".

Another concern is how others can obtain and use information about the times location of play by other players. Google attempts to reduce the impact via their Ingress Terms of Service that forbid users from privacy-violating actions like these: "extract, scrape, or index the Products or Content (including information about users or game play)". Note however that the use of javascript for the web "intel" site means that alternate clients are easily made which can be used for scraping. Google told the author of the Ingress Intel Total Conversion Plugin Review ( DeCode Ingress) to stop distributing it, but predictably derivatives have sprung up and are popular.

See also the advice and guidelines at:

  • Ingress Community Guidelines - Ingress Help