An AR privacy story that’s been simmering for over a year has flared up again — this time drawing a warning from China’s Ministry of State Security. But strip away the geopolitical framing, and it points to a genuine, unresolved question the whole AR industry is going to have to answer: what happens to all the spatial data our AR games quietly collect?
At the center of it is Niantic, the company behind Pokémon GO. Over roughly a decade, players voluntarily submitted photos and short video scans of public landmarks, street corners, and storefronts through an optional in-game scanning feature. Individually, each scan is trivial. Collectively, they’ve become staggering: by early 2026, that dataset reportedly stood at around 30 billion ground-level images spanning nearly every major city on the planet.
Niantic has been open about what it built from this: a Large Geospatial Model (LGM), which the company describes as a kind of “living, breathing map of the world” designed to be readable by robots and AI. The company’s enterprise division, Niantic Spatial, has since spun this into a commercial product aimed at robotics, autonomous systems, and AR glasses — essentially teaching machines to understand and navigate physical space the way a large language model understands text.
That’s where the concern begins. Niantic has consistently stressed that scanning was always opt-in — players had to physically visit a public location and actively choose to scan it, and the company states that simply walking around playing its games does not train any AI model. It has also emphasized it works to respect human rights and ethical principles. But the sheer scale of the dataset, combined with reported partnerships involving robotics and defense-adjacent applications, has fueled a broader debate about whether civilian data gathered through a mobile game should end up powering that kind of technology.
This week, that debate picked up a new voice. China’s Ministry of State Security issued a public warning about the security risks of high-precision geospatial data collection through AR games, cautioning that AR apps capture far more than ordinary photographs — every frame can be tagged with GPS coordinates, altitude, device orientation, and timestamps. The MSS urged users to follow a “minimum necessary permissions” approach and to avoid scanning or checking in at sensitive locations. The framing is unmistakably shaped by state-security concerns, but the underlying technical point — that AR data is uniquely rich and persistent compared to a normal photo — is one Western privacy researchers have raised independently.
The deeper issue this raises isn’t really about one company or one country. AR by its nature sees more than a camera does. To overlay digital content convincingly onto the real world, an AR device has to continuously understand the geometry of its surroundings — and that same understanding, aggregated across millions of users, becomes an extraordinarily detailed 3D model of real places. Even anonymized, such datasets can sometimes be re-identified through cross-referencing.
As AR glasses move toward the mainstream and always-on wearable cameras become more common, these questions stop being hypothetical. Who owns the spatial map of a city built from millions of individual scans? What happens when that map is precise enough to guide a robot — or something less benign? And how much can a user meaningfully consent to when the data being captured is this rich and this continuous?
None of this makes AR games inherently sinister — the technology behind spatial mapping has genuinely useful applications, from better navigation to more capable assistive devices. But it’s a reminder that the AR industry’s biggest challenges over the next decade may not be technical at all. They’ll be about trust, consent, and who ultimately controls the digital map of the physical world.
This article references reporting on Niantic’s Large Geospatial Model and a public advisory from China’s Ministry of State Security. Data-collection practices described are based on the companies’ own published statements and independent reporting.
