Back in July of 2016, I wrote a short article for Network World entitled “The CIA, NSA and Pokémon Go."

While the title was certainly viewed as a bit “over the top” and “conspiracy theorist-y”, it was really just a collection of (in my opinion, rather bizarre) facts that – even without any sinister connection – were worth documenting. I am republishing it here, with some additional (increasingly odd) details added at the end. Some of the details relating to the exact permissions and capabilities of the Pokémon application have changed over the last few years… but everything else remains correct, factual, and up to date.

With Pokémon Go currently enjoying, what I would call, a wee-bit-o-success, now seems like a good time to talk about a few things people may not know about the world's favorite new smartphone game.

This is not an opinion piece. I am not going to tell you Pokémon Go is bad or that it invades your privacy. I’m merely presenting verifiable facts about the biggest, most talked about game out there.

Let’s start with a little history.

Way back in 2001, Keyhole, Inc. was founded by John Hanke (who previously worked in a “foreign affairs” position within the U.S. government). The company was named after the old “eye-in-the-sky” military satellites. One of the key, early backers of Keyhole was a firm called In-Q-Tel.

In-Q-Tel is the venture capital firm of the CIA. Yes, the Central Intelligence Agency. Much of the funding purportedly came from the National Geospatial-Intelligence Agency (NGA). The NGA handles combat support for the U.S. Department of Defense and provides intelligence to the NSA and CIA, among others.

Keyhole’s noteworthy public product was “Earth.” Renamed to “Google Earth” after Google acquired Keyhole in 2004.

In 2010, Niantic Labs was founded (inside Google) by Keyhole’s founder, John Hanke.

Over the next few years, Niantic created two location-based apps/games. The first was Field Trip, a smartphone application where users walk around and find things. The second was Ingress, a sci-fi-themed game where players walk around and between locations in the real world.

In 2015, Niantic was spun off from Google and became its own company. Then Pokémon Go was developed and launched by Niantic. It’s a game where you walk around in the real world (between locations suggested by the service) while holding your smartphone.

Data the game can access

Let’s move on to what information Pokémon Go has access to, bearing the history of the company in mind as we do.

When you install Pokémon Go on an Android phone, you grant it the following access (not including the ability to make in-app purchases):

Identity

  • Find accounts on the device

Contacts

  • Find accounts on the device

Location

  • Precise location (GPS and network-based)

  • Approximate location (network-based)

Photos/Media/Files

  • Modify or delete the contents of your USB storage

  • Read the contents of your USB storage

Storage

  • Modify or delete the contents of your USB storage

  • Read the contents of your USB storage

Camera

  • Take pictures and videos

Other

  • Receive data from the internet

  • Control vibration

  • Pair with Bluetooth devices

  • Access Bluetooth settings

  • Full network access

  • Use accounts on the device

  • View network connections

  • Prevent the device from sleeping

Based on the access to your device (and your information), coupled with the design of Pokémon Go, the game should have no problem discerning and storing the following information (just for a start):

  • Where you are

  • Where you were

  • What route you took between those locations

  • When you were at each location

  • How long it took you to get between them

  • What you are looking at right now

  • What you were looking at in the past

  • What you look like

  • What files you have on your device and the entire contents of those files

I’m not going to tell people what they should think of all this. I’m merely presenting the information. I recommend looking over the list of what data the game has access to, then going back to the beginning of this article and re-reading the history of the company.

== Update: April 14th, 2020 ==

In March of 2017, a little less than a year after this article was originally published, WikiLeaks released what they called “Vault 7." A series of documents that was purported to be a large leak of CIA related documents focused heavily on hacking and electronic surveillance.

Among those documents was a list of code names, descriptions, and various details around Android specific exploits.

Of the code names listed… almost a third of them were Pokémon names. Between that and the CIA investment (via In-Q-Tel) in Niantic (the company behind Pokémon Go)… I mean, that's just a heck of a lot more Pokémon than one would expect from the CIA.

One other little tidbit:

The original CEO of In-Q-Tel was a man named Gilman Louie. Louie received multiple awards for his work with In-Q-Tel - including CIA Agency Seal Medallions, Director's Award by the Director of the Central Intelligence Agency, and Director of National Intelligence Medallion – which included investing in Keyhole.

Louie now sits on the board of directors of Niantic.

In 2019 alone, Pokémon Go earned $1.4 Billion (USD). As of February 2019, the game had been downloaded over One Billion times.

====

The articles here at the Lunduke Journal are often also available as a Video episode and Audio Podcast.

Ways to watch the show: LBRY, YouTube

Ways to listen to the show: RSS Podcast, iTunes, Google Play Music, Spotify

Ways to read the articles: RSS Article Feed.

The Lunduke Journal wouldn't be possible without the support of Linode. Linode provides some of the awesomest Linux server hosting in the world – sign up using this link to get $20 hosting credit. Which ain't too shabby.

Ways to support The Lunduke Journal:

  • Pick up a nice, nerdy T-Shirt over at The Lunduke Store.
  • Become a monthly patron over at Patreon. This grants access to the exclusive, weekly “Ask Lunduke” show as well as the “Lunduke Journal Quarterly” PDF.