Published: Sat, January 18, 2020
Electronics | By Kelly Massey

Group claims dating apps like Tinder are sharing data

Group claims dating apps like Tinder are sharing data

A new report by the Norwegian Consumer Council details how Grindr, which markets itself as the "world's largest social networking app for gay, bi, trans and queer people", shares the Global Positioning System data, IP addresses, ages and genders of its users with a multitude of third-party companies to help them improve advert targeting. For its report, Out of Control, the NCC turned to security firm Mnemonic to analyse the data sent from ten apps to at least 135 different third parties involved with behavioural profiling and advertising.

The personal data bought by these brokers might reveal date of birth, gender, location, ID numbers stored on phones, behavior, sexual orientation, and religious preference - potentially identifying particular individuals.

Companies are duking it out in the courts in Europe as they argue over interpretations of GDPR, like how to properly attain consumer consent.

Grindr also sent a user's location to multiple companies, which may then share that data with many other businesses, the report said.

The California law requires companies that sell personal data to third parties to provide a prominent opt-out button; Grindr does not seem to do this. The company, which owns Tinder and OkCupid, says it shares information with third parties only when it is "deemed necessary to operate its platform" with third-party apps.

A representative from Twitter told Bloomberg the company is working to "understand the sufficiency of Grindr's consent mechanism" and in the meantime has disabled Grindr's MoPub account.

The only way for many users to protect their information, the study conducted by the Norwegian Consumer Council (NCC) says, is for them to have never installed the apps at all.

The Wiggles Star Greg Page Collapses at Bushfire Relief Show
Original Wiggles member Greg Page has collapsed and gone into cardiac arrest at a bushfire relief concert in Sydney. Footage from the concert at Castle Hill RSL shows Page singing and dancing just moments before his collapse.

He's become even more active since GDPR kicked in, filing privacy complaints against companies including and Netflix, accusing them of breaching the bloc's strict data protection rules.

The other apps that were sharing the data included menstruation cycle trackers "Clue" and "My Days", Islamic prayer direction finder "Muslim: Qibla Finder", kids entertainment app "My Talking Tom 2", makeup app "Perfect365", virtual typer "Wave Keyboard", and dating app Happn. "MoPub lists more than 160 partners, which clearly makes it impossible for users to give an informed consent to how each of these partners may use personal data".

The study, carried out by the Norwegian Consumer Council (NCC), found that the online advertising industry was "systematically breaking the law", transmitting personal data and tracking users in ways that are banned under the GDPR, the EU's data law.

Grindr has faced criticism in the past for sharing users' HIV status with two mobile app service companies. "This is an insane violation of users' European Union privacy rights". The company said it considers the practice in line with all European and US regulations.

Grindr's app, for instance, includes software from MoPub, Twitter's ad service, which can collect the app's name and a user's precise device location, the report said.

Grindr did not respond to request for comment.

"Privacy is at the core of our business", the company said.

Like this: