While The Pokémon Co. has been providing video game software, animated movies, a trading card game, and other forms of amusement for two decades, the success of its augmented reality game, Pokémon Go, in July 2016 was a runaway international phenomenon.

For those behind the scenes at Pokémon, it was a major revelation to capture the “giant lake” of customer data generated from Pokémon Go, according to John Visneski (pictured), director of information security and data protection officer at The Pokemon Co. International.

“I don’t think anyone ever plans for 750 million downloads,” Visneski said. “And when it happens, the scalability issues that come with [those downloads] are phenomenal.” For Visneski’s team, their main job before and after the explosion of their user base is to make sure customers data is managed, secure and private, whether those customers are adults or children.

Visneski spoke with Jeff Frick (@JeffFrick), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Sumo Logic Illuminate event in San Francisco. In addition to security scalability, they discussed how the General Data Protection Regulation has impacted them.  (* Disclosure below.)

Protecting online data, especially for children

When the  General Data Protection Regulation went into effect on May 25, 2018, in the European Union, its rules applied to international companies, including Pokémon. It wasn’t onerous for his team to implement the GDPR, as Pokémon had already been very cautious with client data, especially data relating to children under the age of 1, according to Visneski. For younger children, it’s a matter of allowing parents to have access to their kids’ data to know that they are safe online.

“At the end of the day, it doesn’t matter if you live in Berlin or you live in Nebraska, you want to make sure that your data is safe, your child’s data is safe, and you have that ownership,” Visneski said.

Visneski’s team is also examining what user data they are taking in, why they are taking it in, what’s the business justification, and how long they retain user data. In this way, when customers ask, ‘What kind of data do you have on me or my child, and why are you keeping it for so long?’ his team will have a realistic answer for them, Visneski concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the Sumo Logic Illuminate event. (* Disclosure: TheCUBE is a paid media partner for Sumo Logic Illuminate. Neither Sumo Logic Inc., the event sponsor, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE