Contributed by: kellyseal on Friday, July 26 2024 @ 12:12 pm
Last modified on Friday, July 26 2024 @ 12:18 pm
Dating app Grindr was ordered to pay a $5.7 million fine by a Norwegian Court, after the company was found to have violated EU regulations by sharing personal user data with third parties.
The court found that Grindr violated the GDPR by sharing sensitive data with third party advertisers, according to Agence-France Press. Norway’s data protection agency Datatilsynet found that the company had shared information such as geographical location, age, sexual orientation and health information such as HIV status with advertisers.
Grindr was accused of sharing this data between 2018 and 2020.
The Court found that Grindr gave its users insufficient information on its privacy and data-sharing practices, so that they might not have understood or consented to how their data was being used, according to The Canary[*1] .
EU guidelines require that users are informed about how their data is being used by dating platforms. Agencies in recent years began cracking down on dating app companies like Grindr.
The ruling was delivered on July 1st. Grindr then appealed the case to a court in Oslo, which rejected it.
This ruling could impact other cases against Grindr that are in motion, including a lawsuit in the UK. In April of this year, 650 U.K. Grindr users sued the company for sharing sensitive personal data with third parties, which goes against the U.K.’s privacy laws. The information shared according to the lawsuit included sexual orientation, race and HIV status.
The lawsuit specifically names two companies: Apptimize and Localytics, both third parties which had access to user personal data. However, the lawsuit also says there’s a potentially unlimited number of third parties with which Grindr could share sensitive user data, since the company used data to customize advertisements sent to Grindr users.
The U.K. lawsuit also claims that Grindr might have held onto some of the personal information for their own purposes, which goes against their own privacy policy.
This complaint notes the data sharing also took place between 2018 and 2020.
Grindr responded to the lawsuit with a statement reported in The Guardian. A Grindr spokesperson said: “We are committed to protecting our users’ data and complying with all applicable data privacy regulations, including in the UK.”
They went on to say: “We are proud of our global privacy program and take privacy extremely seriously. We intend to respond vigorously to this claim, which appears to be based on a mischaracterization of practices from more than four years ago, prior to early 2020.”