Grindr admits sharing HIV status data with third party companies

Grindr admits sharing HIV status data with third party companies

The app was found to have shared personal information (such as HIV status and last tested date) that users included in their profiles to 2 companies that help optimize apps: Apptimize and Localytic.

According to initial research by Antoine Pultier, a researcher at SINTEF, and verified by Buzzfeed News, Grindr shared HIV status along with users' Global Positioning System data, sexuality, relationship status, ethnicity, phone ID and email to Apptimize and Localytics, which help optimize apps.

The report also found that Grindr has shared information like age, gender, relationship status, phone ID, language, and Global Positioning System location with third-party advertisers. Revelations about the data sharing may make Grindr users wary of disclosing HIV status and promoting safer hygiene. "I think this is the incompetence of some developers that just send everything, including HIV status".

Since its launch in 2009, Grindr has grown into "the world's largest social networking app for gay, bi, trans, and queer individuals; it has upwards of 3.6 million daily active users throughout the world".

AIDES, a French HIV-advocacy organization, called for boycotting Grindr in light of the news - but emphasized that sharing HIV status on a dating app before meeting can "allow HIV-positive people to avoid a possible rejection when they announce it verbally", helping to "normalize the perception and image of HIV-positive people".

Grindr said the most sensitive data was encrypted and shared with two companies - Apptimize and Localytics - which are paid to monitor how users interact with apps to see what could be improved.

"As an industry standard practice, Grindr does work with highly regarded vendors to test and optimise how we roll out our platform".

Prior to this, Grindr's chief technology officer Scott Chen shared a Tumblr post saying that sharing data with partners such as Apptimize and Localytics was "industry practice".

Grindr has actually quit sharing customers' HIV standing with its third-party suppliers, the firm's head of safety and security informed.

There is a distinction he claimed in between a "software program system we utilize for debugging as well as optimization functions" in contrast to "a company that's attempting to persuade political elections".

"In the view of the Consumer Council, information about sensitive personal data being shared with third parties should not be hidden away in long terms of service and privacy policies".

"It may be a commercial app, but as an LGBTQ app Grindr has responsibilities to the wider communities".

Experts also brought into question the matter of user privacy and its breach by sharing data that could potentially put the user's life at risk. That's when the nonprofit discovered not only that Grindr was using many trackers, but also that it was directly sharing user data, including its users' HIV status, with two other companies. Here, the data might be relevant if Grindr is seeking to send users' messages related to their status.

"It's important to remember that Grindr is a public forum", Chen said. And as the Cambridge Analytica scandal revealed, even if an initial third-party disclosure is authorized and appears innocuous, tech companies can do precious little about subsequent transmissions or security breaches once data clears the company's four walls and escapes into the wild. This is just something we use for internal tooling.

Related news: