i argue it's not an issue. If the user decides to spoof to cheat in the game, there are other ways to detect it (such as speed limiting - which, as i understand, pokemon go already does).

If the app wants to force a user to not modify their phone just so they have a secure enclave for which they can implement DRM, then i can't agree to it. This includes things like spoofing, but also things like memory edits or hacking save files, or anything else client side. If the app needs secure storage that's unchangeable, they can save it on their servers.

Spoofing is an issue even if you limit yourself to a reasonable speed. You don't have to spoof yourself everywhere all at once.