- ~30 billion voluntary Pokémon Go scans helped train spatial AI — which now feeds GPS-independent drone navigation via Vantor
- Niantic Spatial denies a direct data transfer: the scans were a training input for its models, not handed to Vantor
- The point isn't Niantic, it's the pattern: incidental data → foundation model → a use no one consented to
- For operators, four questions matter — what it was trained on, what happens to our data, the dual-use range, and whether the consent is real
Between 2020 and 2025, Niantic collected roughly 30 billion voluntary AR scans from Pokémon Go players — short video clips of street corners, parks, and doorways. Those clips helped train spatial AI models — the same kind of technology now feeding GPS-independent drone navigation through a partnership with US defense contractor Vantor. Niantic Spatial denies that any player data was handed directly to Vantor.
That last line matters, and I'll come back to it. But it doesn't change the real point — and the real point is bigger than Pokémon Go.
What actually happened (and what Niantic disputes) #
The soundtrack says conspiracy; the sequence is mundane. In 2020 Niantic introduced "AR Mapping" tasks; in 2021 it added "Powered-Up PokéStops," rewarding players for scanning real-world locations. Millions joined in. From those clips Niantic built a Visual Positioning System — a 3D map that lets a machine locate itself by sight when the satellite signal drops.
In March 2025 Niantic sold its gaming business to Scopely for about $3.5 billion. What remained was Niantic Spatial, which kept the mapping technology. In December 2025, Niantic Spatial announced a partnership with Vantor, a defense-intelligence firm. Vantor's software, Raptor, does from the air what the ground scans do on the ground: locate a drone by camera, no GPS — which matters under jamming, spoofing, and interference.
In testing, reports put the error reduction at up to 70%, to roughly 1.5-meter accuracy. In February 2026, Vantor landed a US Army contract worth up to $217 million for 3D terrain data.
And the contradiction? Niantic Spatial is explicit: the Pokémon Go data was not handed to Vantor. After the Scopely sale it no longer has access to the scans anyway. Those ground scans were merely one of many inputs used to train its own foundation models.
Take that seriously — and you should — and the honest phrasing isn't "Pokémon Go data steers combat drones." It's: the data trained the models; the models power the partnership. That chain is the actual story.
What "dual-use" actually means #
Dual-use describes technology that works in both civilian and military contexts without being rebuilt for either. GPS was military before it sat in your car. Drones were toys before they flew reconnaissance. The doubling isn't new — the new ingredient is: trained AI models.
With classic dual-use, you share a device or a blueprint. With AI, you share something more abstract: pattern recognition frozen into weights, distilled from millions of real-world observations. Once a model has learned what the physical world looks like through a camera, that capability transfers — to a delivery robot as easily as to a drone. The model doesn't know what it's being used for. That's precisely the problem.
Not a Pokémon Go problem — a pattern #
If your instinct is to be angry at Niantic, you've got the wrong address. This isn't one game studio's slip-up. It's how modern AI works by default.
The chain always runs the same way: people generate data incidentally (playing, posting, photographing, typing). A company aggregates it into a foundation model. The model becomes a platform. And platforms get resold, licensed, folded into partnerships — into contexts nobody had in mind when the data was created. The player who tapped "scan" in 2021 consented to a PokéStop, not to drone navigation in 2026.
Here's an example closer to office life: voice AI. For years, companies recorded support calls "for quality assurance." Those recordings became training data for speech and emotion recognition. The very same recognition that flags an irritated customer in a call center can be pointed at a voice in an interrogation room to measure stress. Nobody on that support line consented to the second use — and the technology doesn't tell the two apart.
Where is someone else's AI in your stack?
I help marketing teams audit their AI stack honestly — data provenance, vendor contracts, dual-use risk. 90-min discovery call, free.
Is the "consent" even real here? #
"But people agreed to it." Formally, yes. In practice, that consent is an illusion. Consent is only worth something if you can foresee what you're agreeing to. No one can consent in 2021 to a use invented in 2025. Privacy policies are written broad on purpose — "to improve our services and related technologies" ends up covering almost anything. That's legally clean and ethically hollow.
And there's a one-way door: training data can't be recalled. You can delete an account. You cannot extract the weights your data shaped back out of a model. A capability, once learned, persists — even after the source data is long gone. The "right to be forgotten" meets a technology that structurally does not forget.
What this means for you as an operator #
So this doesn't end on a moral shrug: if you deploy or buy AI in a business, you're in the same chain — sometimes as the data source, sometimes as the model user. Four questions I put to every team before we bring a model or vendor on board:
- What was it trained on? If the vendor can't or won't name the provenance of the training data, you're buying a model with an unknown past. That's a risk, not a footnote.
- What happens to our data? Do our prompts, documents, and customer data feed the next training run? Is that in the contract — or only in a stretchy privacy clause?
- What's the dual-use range? If we build a model or a capability, which contexts could it travel to that we wouldn't endorse? Anyone thinking "that'll never happen" hasn't watched the last ten years.
- Can we explain the consent? Could we tell our users, in one sentence, what their data is for — without it sounding evasive? If not, the consent probably isn't real.
On one project, a team wanted to fine-tune a chatbot on customer conversations — all of it right there. Question 2 stopped it: the data held real names, contract numbers, health details. The fix was one step earlier: anonymize first, define a clearly scoped set, then train. Had we asked the question after training, the answer would have been baked into the model for good.
My take #
You can read this story as a scandal. I read it as a case study. Niantic is probably right to deny direct data-sharing — and that changes nothing about the fact that casually generated player data helped shape a military navigation AI. Both are true at once. That's exactly what makes dual-use so hard to grasp in the AI era: it takes no villain, just a long, ordinary supply chain in which every single step looks harmless on its own.
"If it's free, you're the product." It was a good warning. For the AI era it no longer goes far enough. — Operator note
Pokémon Go was never entirely free; plenty of players spent money. They were still the product. A paid account doesn't buy you out of the supply chain anymore: you can be a paying customer and training material at once. The price tag doesn't protect you. Only knowing the chain does.
The takeaway isn't to avoid AI. It's to know the chain — as a user, as an operator, as someone deciding what data to generate and which models to deploy. GPS-independent navigation also saves lives, in search-and-rescue as much as in war. The technology isn't the problem. Not knowing is. So on your next AI decision, don't just ask what the model can do. Ask where it came from — and where it could still go.
FAQ
Was Pokémon Go data sold to the military?
Niantic Spatial denies it. The company says the Pokémon Go scans were not handed to Vantor; after selling its gaming business to Scopely it no longer has access to them anyway. The scans were one of several inputs used to train Niantic's own foundation models.
What is dual-use AI?
Dual-use describes technology that works in both civilian and military contexts without being rebuilt. With AI you don't share a device but a trained model: the pattern recognition frozen into its weights can be applied to a delivery robot as easily as to a drone.
Can I get my data back out of an AI model?
Practically, no. You can delete an account, but the weights your data shaped cannot be selectively extracted again. A capability, once trained, persists — even after the source data is deleted.
What should a company ask before buying AI?
What was the model trained on? What happens to our data? How far does the dual-use range reach? And could we explain to our users, in one sentence, what their data is for — without it sounding evasive?