I'm going to copy my previous comment again, adding some new points.
First of all, i would like to mention that implementing malware in videogames is a risky thing. Here's why: Pokemon Go is still not supported in many countries, so those Android users who want to play Pokemon Go, need to download APK instead of searching it in Google Play. It appears that one of the most popular APK files contained some malware in it. That was exposed by some users on Reddit and other forums just days after the release. It's very easy to loose users trust in 2016, remember how Windows 10 and data mining was exposed?
If there really was a backdoor in Pokemon GO code, that would allow the potential "bad person" to spy on users, using this app, then, it would have been already found. Thousands of coders, game hackers (the people that use their skills to obtain boosts in games), developers that want to make another game clone - they would share this with the people, as it would be a potential app destroyer, so they would be able to make their own clones and have all the profits possible.
Also, it's silly. Why would people from spy agencies develop a game, based on a setting, that costs billions of USD, instead of negotiating the possible backdoor in the OS. People don't catch Pokemons 24/7. People don't use the app 24/7 Yeah, i know about youth and kids, but if we are talking about some Gov people...
You can also play without using the camera. AR is just an option.
In my opinion, these kind of theories (about applications) should be always backed with code/data control logs that prove the statements.
And if there was an idea of forcing you to be in needed locations in-game, developers wouldn't have made Lure Modules and Incense :) These items attract Pokémon to you.
Terms of Service clearly say: We may also consult and cooperate with law enforcement authorities to prosecute users who violate the law. Are you going to violate the law using Pokemon GO? It's fucking hilarious. And i advise you to check the Terms of Service of websites or apps you're using, because any company which goes by the word of law has something like this in their ToS. There is no "HOLY SHIT DUDES WE ARE WATCHING YOU" or something in that kind.
Pokemon GO has been recently unbundled. I'm too lazy to edit, here is the Steemit post:
https://steemit.com/pokemongo/@miohtama/reverse-engineering-pokemon-go-on-android
Here's the article:
https://applidium.com/en/news/unbundling_pokemon_go/
Now the main question: if you make an app which is a spying app, would you let the possibility of RE exist? Of course no.
That's the thing i told you in my previous comment - if any data leaks or hidden spying tools existed in Pokemon GO - they would have been already found.
RE: CIA and PokemonGO: Welcome to a New ERA of Covert Surveillance!