Grindr Hit By UK Lawsuit For Reckless Sale Of Sensitive User Data
We’ve noted repeatedly how the mass hyperventilation about TikTok is a giant distraction from the country’s broader failures on consumer privacy; namely our corrupt inability to pass even a baseline privacy law for the internet era, and our absolute refusal to regulate sleazy data brokers.
As a result there’s not a week that goes by where there isn’t some story about your personal behavior and location data being sold to data brokers, who then sell access to any nitwit with a nickel — or fail to secure it.
Like when Ron Wyden’s office recently revealed how a right wing activist group was able to purchase women’s abortion clinic location visit data, then use that data to send the vulnerable women targeted misinformation.
Or last year, when it was revealed that a group of conservative Colorado Catholics spent millions of dollars to purchase Grindr user location and browsing data to single out and shame priests that had used gay dating and hookup apps.
Now Grindr’s in the news for all the wrong reasons once again. The California-based company is now facing a new UK lawsuit that alleges the company sold private user information, including HIV status, with a range of third parties without user consent:
“According to the claim, the company shared sensitive data with third parties for commercial purposes, in breach of the UK’s data privacy laws It says it included information about the ethnicity and sexual orientation of users.”
The claims (more details here) stem from data transactions that occurred a while ago: namely between 2018 and 2020. Grindr, of course, claims they’ve dramatically improved their privacy practices since then, though this Washington Post story about the use of purchased Grindr data to expose gay priests suggests the behavior extended at least through 2021.
Grindr’s was also sued last year (with the help of a former employee) for promising to delete the data of cancelled accounts and then… just not doing that.
Grindr may have changed their behaviors, but they may not have. We can’t actually know because, again, we don’t have a meaningful privacy law with meaningful penalties for companies and executives that play fast and loose with consumer data.
And we’ve done this because policy leaders across the partisan spectrum have prioritized making money over market health and public safety (though a lot of calories go into distracting folks from this fact).
Some variation of what Grindr does is happening across many apps or services or networks you use. Your sensitive location, demographic, and behavioral data is too frequently sold to a vast array of dodgy international data brokers, who then in turn sell access to pretty much anybody (including domestic and foreign intelligence agencies). All under the pretense this is safe because the data was “anonymized” (a meaningless term).
But remember kids: TikTok is the only real modern privacy threat worth worrying about.