Our award-winning reporting has moved

Context provides news and analysis on three of the world’s most critical issues:

climate change, the impact of technology on society, and inclusive economies.

Dating apps share intimate data about users, says consumer group

by Umberto Bacchi | @UmbertoBacchi | Thomson Reuters Foundation
Wednesday, 15 January 2020 08:19 GMT

The Grindr app is seen on a mobile phone in this photo illustration taken in Shanghai, China March 28, 2019. REUTERS/Aly Song/Illustration

Image Caption and Rights Information

'These practices are out of control and in breach of European data protection legislation' - Norwegian Consumer Council

By Umberto Bacchi

TBILISI, Jan 14 (Thomson Reuters Foundation) - Popular dating apps like Grindr and OkCupid share personal data about users, including their location and sexuality, with about 100 other businesses, a Norwegian consumer group said on Tuesday, as it filed a complaint about breach of privacy rules.

The Norwegian Consumer Council found that 10 widely used Android apps that gather sensitive data about health, drug use, and sexual preferences passed some of it on to advertising and marketing firms without clearly informing users.

"These practices are out of control and in breach of European data protection legislation," said Finn Myrstad, director of digital policy for the Norwegian Consumer Council.

"It is impossible for users to control this because the terms and conditions are really long and impossible to understand," he told the Thomson Reuters Foundation.

Tech companies have come under increased scrutiny over data privacy, fuelled by 2018's Cambridge Analytica scandal in which tens of millions of Facebook profiles were harvested without their users' consent.

The European Union's General Data Protection Regulation (GDPR), implemented in 2018, heavily restricts companies' ability to process and share personal information without users' consent, with hefty fines for firms that break the rules.

The Norwegian Consumer Council filed a complaint on Tuesday against the U.S.-based gay dating app Grindr and companies receiving data from it with Norway's data authority, which said it was looking into whether they had broken GDPR rules.

Grindr said it rejected some of the report's conclusions, adding that its privacy policy was shared with all users, who had individual control over what information they chose to provide in their profiles.

"As the data protection landscape continues to change, our commitment to user privacy remains steadfast," the company said in a statement.

The council's study found that the app, which is used by millions globally, shares data with a large number of third parties involved in advertising and profiling, many of which reserve the right to pass it on to others.

"Sharing location data for gay people can be risky in certain extreme circumstances," Norway's data protection commissioner Bjorn Erik Thon, said in a statement.

"There are still some who do not want to be open about their orientation, and there are many countries in the world where being gay carries great risks."

The study also found that OkCupid shares information from users' personal profiles related to sexuality, drug use and political views with an analytics company, while the dating app Tinder shares location and age with marketing firms.

The Match Group, which owns OkCupid and Tinder, said in a statement that it used third party providers to assist its services but only shared information deemed necessary to operate its platforms, in line with the applicable laws.

"Privacy is at the core of our business," the company said.

(Reporting by Umberto Bacchi @UmbertoBacchi, Additional reporting by Adela Suliman, Editing by Katy Migiro. Please credit the Thomson Reuters Foundation, the charitable arm of Thomson Reuters, that covers humanitarian news, women's and LGBT+ rights, human trafficking, property rights, and climate change. Visit http://news.trust.org)

Our Standards: The Thomson Reuters Trust Principles.