Hi Kazue,
Hi Andrian and Doc,
This seems to have an interesting point regarding use of OAuth where many people here are familiar with.
A friend of mine showed me an interesting link.
http://ericrafaloff.com/pokemon-go-and-google/
As google is using OAuth, the usual flow should show the user a consent screen. Yet this was not the case with Pokemon Go.
>Meaning authorization servers by big companies acting on persons’ behalf. In this case Nintendo (Pokemon Go parent) and Google.
Actually, Pokemon Go was developed by a company called Niantic which was a part of Google at the time they developed Ingress (according to the link above).
Kazue Sako
________________________________________
> On Jul 13, 2016, at 9:07 AM, Adrian Gropper <agropper@healthurl.com> wrote:
>
> https://www.buzzfeed.com/josephbernstein/heres-all-the-data-pokemon-go-is-collecting-from-your-phone?utm_term=.pmzKLWaD1#.prLqPbnwM
Here’s the link without the tracking cruft:
https://www.buzzfeed.com/josephbernstein/heres-all-the-data-pokemon-go-is-collecting-from-your-phone
> This may well have been a case of accidental social engineering but it makes the point that multiple random authorization servers will not scale.
Meaning authorization servers by big companies acting on persons’ behalf. In this case Nintendo (Pokemon Go parent) and Google.
> If Pokemon wants access to my Google stuff, they need to ask my authorization server and not the one Google helpfully gave to me.
Meaning one you operate personally.
Does one exist? Do we have an example or a prototype among all our developments here? (I’m so snowed under looking at all of it that I confess to being a bit lost?in a good way.)
> Is there any other alternative? How could Google's ever play both sides as both game developer and privacy protector?
That’s the right question. The answer has to come from our sovereign personal whatever (authorization server is a good term, but it needs to be distinguished from the same operated by giant companies playing both sides).
And the Castle Doctrine needs to apply. <http://bit.ly/3stldoc> or <http://j.mp/cstl3>
Doc
> Adrian
>
> --
>
> Adrian Gropper MD
>
> PROTECT YOUR FUTURE - RESTORE Health Privacy!
> HELP us fight for the right to control personal health data.
> DONATE: http://patientprivacyrights.org/donate-2/
>