iOS version of Pokémon Go is a possible privacy trainwreck [Updated]
No user data has been accessed, and Google and Niantic are working on fixes.
by Andrew Cunningham - Jul 11, 2016 10:00pm EDT
Update: Niantic has confirmed in a statement that the Pokémon Go app requests more permissions than it needs, but that it has not accessed any user information. Google will automatically push a fix on its end to reduce the app's permissions, and Niantic will release an update to the app to make it request fewer permissions in the first place. The full statement:
"We recently discovered that the Pokémon Go account creation process on iOS erroneously requests full access permission for the user's Google account. However, Pokémon Go only accesses basic Google profile information (specifically, your user ID and e-mail address) and no other Google account information is or has been accessed or collected. Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google account information, in line with the data we actually access. Google has verified that no other information has been received or accessed by Pokémon Go or Niantic. Google will soon reduce Pokémon Go's permission to only the basic profile data that Pokémon Go needs, and users do not need to take any actions themselves.