Grindr Hit By UK Lawsuit For Reckless Sale Of Sensitive User Data
from the data-data-everywhere dept
We’ve noted repeatedly how the mass hyperventilation about TikTok is a giant distraction from the country’s broader failures on consumer privacy; namely our corrupt inability to pass even a baseline privacy law for the internet era, and our absolute refusal to regulate sleazy data brokers.
As a result there’s not a week that goes by where there isn’t some story about your personal behavior and location data being sold to data brokers, who then sell access to any nitwit with a nickel — or fail to secure it.
Like when Ron Wyden’s office recently revealed how a right wing activist group was able to purchase women’s abortion clinic location visit data, then use that data to send the vulnerable women targeted misinformation.
Or last year, when it was revealed that a group of conservative Colorado Catholics spent millions of dollars to purchase Grindr user location and browsing data to single out and shame priests that had used gay dating and hookup apps.
Now Grindr’s in the news for all the wrong reasons once again. The California-based company is now facing a new UK lawsuit that alleges the company sold private user information, including HIV status, with a range of third parties without user consent:
“According to the claim, the company shared sensitive data with third parties for commercial purposes, in breach of the UK’s data privacy laws It says it included information about the ethnicity and sexual orientation of users.”
The claims (more details here) stem from data transactions that occurred a while ago: namely between 2018 and 2020. Grindr, of course, claims they’ve dramatically improved their privacy practices since then, though this Washington Post story about the use of purchased Grindr data to expose gay priests suggests the behavior extended at least through 2021.
Grindr’s was also sued last year (with the help of a former employee) for promising to delete the data of cancelled accounts and then… just not doing that.
Grindr may have changed their behaviors, but they may not have. We can’t actually know because, again, we don’t have a meaningful privacy law with meaningful penalties for companies and executives that play fast and loose with consumer data.
And we’ve done this because policy leaders across the partisan spectrum have prioritized making money over market health and public safety (though a lot of calories go into distracting folks from this fact).
Some variation of what Grindr does is happening across many apps or services or networks you use. Your sensitive location, demographic, and behavioral data is too frequently sold to a vast array of dodgy international data brokers, who then in turn sell access to pretty much anybody (including domestic and foreign intelligence agencies). All under the pretense this is safe because the data was “anonymized” (a meaningless term).
But remember kids: TikTok is the only real modern privacy threat worth worrying about.
Filed Under: behavioral data, data brokers, dating apps, law, lawsuit, location data, privacy, uk
Companies: grindr
Comments on “Grindr Hit By UK Lawsuit For Reckless Sale Of Sensitive User Data”
Hindsight: This undercuts Washington’s case for forcing ByteDance to divest or ban TikTok (the bill is now headed for Biden’s desk after the Senate passed the foreign aid package it was surreptitiously attached to), since the CFIUS under the Trump administration forced Beijing Kunlun, Ltd. to sell Grindr in 2019 (the SPAC San Vicente Acquisition Corp. bought it almost exactly a year later), and yet… the data sale incidents mentioned here buttress the argument that it doesn’t matter who owns an app (and in what country it’s owners are based), as long as the lack of regulation on data brokers shows there are avenues to forward that data elsewhere. The fact is, some of these incidents happened even after the sale.
Love wins.