Gay dating app Grindr has admitted to sharing its users’ private health data.

On Monday, Buzzfeed reported that the app had allowed two outside companies to view the HIV status of its users, along with other personal information.

The companies in question, Apptimize and Localytics, were reportedly paid to monitor and test the performance of the Grindr app. As part of this work, they were given access to users’ HIV status and the date of their most recent test, as well as their location, gender, age, and physical type.

Grindr initially denied that it was sharing the HIV status of its users, writing on Twitter that “Grindr has never, nor will we ever sell personally identifiable user information – especially information regarding HIV status or last test date – to third parties or advertisers.”

Read more
Gay dating app Grindr has confirmed it has shared the HIV status of its users with outside firms – but declined to issue an apology.
It was revealed this weekend that data from the gay hook-up app is being shared with two private companies that help “optimise” apps, Localytics and Apptimize.
The information available in plaintext to the companies includes users’ screen names, GPS data, email address and phone ID.

LGBT campaigners have voiced fury after the news came to light in a BuzzFeed report, but the app – recently acquired by a Chinese conglomerate – has refused to apologise.
The app’s chief security officer Bryce Case told BuzzFeed that while he would “not admit fault”, the company would stop sharing the data “based on the reaction — a misunderstanding of technology — to allay people’s fears”.
In a statement to PinkNews, Grindr CTO Scott Chen said: “As a company that serves the LGBTQ community, we understand the sensitivities around HIV status disclosure. Our goal is and always has been to support the health and safety of our users worldwide.

“Recently, Grindr’s industry standard use of third party partners including Apptimize and Localytics, two highly-regarded software vendors, to test and validate the way we roll out our platform has drawn concern over the way we share user data.

“In an effort to clear any misinformation we feel it necessary to state:

“ Grindr has never, nor will we ever sell personally identifiable user information – especially information regarding HIV status or last test date – to third parties or advertisers.

The app’s chief security officer Bryce Case told BuzzFeed that while he would “not admit fault”, the company would stop sharing the data “based on the reaction — a misunderstanding of technology — to allay people’s fears”.

“ When working with these platforms, we restrict information shared except as necessary or appropriate. Sometimes this data may include location data or data from HIV status fields as these are features within Grindr, however, this information is always transmitted securely with encryption, and there are data retention policies in place to further protect our users’ privacy from disclosure.

“It’s important to remember that Grindr is a public forum. We give users the option to post information about themselves including HIV status and last test date, and we make it clear in our privacy policy that if you chose to include this information in your profile, the information will also become public. As a result, you should carefully consider what information to include in your profile.”

He added: “As an industry leader and champion for the LGBTQ community, Grindr, recognizes that a person’s HIV status can be highly stigmatized but after consulting several international health organizations and our Grindr For Equality team, Grindr determined with community feedback it would be beneficial for the health and well-being of our community to give users the option to publish, at their discretion, the user’s HIV Status and their Last Tested Date. It is up to each user to determine what, if anything, to share about themselves in their profile.

“The inclusion of HIV status information within our platform is always regarded carefully with our users’ privacy in mind, but like any other mobile app company, we too must operate with industry standard practices to help make sure Grindr continues to improve for our community.

“We assure everyone that we are always examining our processes around privacy, security and data sharing with third parties, and always looking for additional measures that go above and beyond industry best practices to help maintain our users’ right to privacy.”

Bryan Dunn, VP of Product at Localytics added: “Localytics is an app marketing platform that provides messaging and analytics tools to large enterprise companies. The information customers choose to send is stored and processed in our production systems, which meet industry security standards, including ISO27001, SSAE16-SOC1/2/3, FISMA and others.
“Localytics strictly controls all access to production systems, and leverages appropriate security controls to protect all customer data.

“Under no circumstances does Localytics automatically collect a user’s personal information, nor do we require personal information in order for our customers to get the benefits from using our platform. It is up to each customer to determine what information they send to Localytics, and Localytics processes that data solely for the customer’s use. We do not share, or disclose, our customer’s data.”
But the app has come under fire from LGBT campaigners.

“This is the second data scandal involving Grindr in a week and its users will not be reassured by this latest development.
“There are still 72 countries in the world that criminalise homosexuality and even more have governments that actively persecute LGBT+ people. Security breaches could be exploited to make arrests and by homophobic vigilantes to make violent attacks.
“Grindr and similar app providers must urgently audit their data security measures, come clean about any issues and fix them immediately.
“Data protection is the new frontier in the battle for human rights. Software companies that cater for LGBT+ people arguably have a special responsibility, given the potentially risky countries that many of their users live in.”

A recent push to encourage people to share their HIV status and when they were last tested made no clear mention that the data will be shared with outside companies.
Grindr’s privacy policy warns users that information shared on the platform can be disclosed.

Leave a Reply

avatar
  Subscribe  
Notify of