Contributed by: kellyseal on Friday, May 10 2024 @ 07:51 pm
Last modified on Friday, May 10 2024 @ 07:59 pm
Dating app Grindr has been sued in the U.K. for allegedly selling the HIV status of its users to third parties.
According to the BBC, the claim was filed in London’s High Court, and alleges that “covert tracking technology” was used to track and illegally share the personal health status of users with advertisers. More than 650 claimants were affected along with reportedly thousands of other U.K. users.
Sharing personal and sensitive data of users with third parties without their consent is illegal in the U.K.
The lawsuit says the information shared with third parties includes the ethnicities and sexual orientations of users. It also says the sharing of such information took place primarily before April 2018, though some data was shared as recently as April 2020. The lawsuit specifically names two companies which help app developers analyze user engagement, Apptimize and Localytics, as involved third parties with access to the data. The lawsuit also claims that these outside firms might have retained some of the sensitive data for their own purposes.
Grindr said it will “respond vigorously” to the claim, per BBC.
Chaya Hanoomanjee, the lawyer from Austen Hays law firm which filed the claim, said in the filing that claimants "experienced significant distress over their highly sensitive and private information being shared without their consent," according to BBC[*1] . She added: “Grindr owes it to the LGBTQ+ community it serves to compensate those whose data has been compromised.”
A Grindr spokesperson said the company takes privacy "extremely seriously", and added the claim "appears to be based on a mischaracterization of practices from more than four years ago".
In 2018, Grindr did admit to sharing personal information such as HIV status of users with Apptimize and Localytics, so the companies could help monitor how people used the app and suggest ways for improving engagement. Grindr said that it never sold any data to advertisers, and that it did stop sharing HIV information with third parties.
However, in 2021 Grindr was fined by the Norwegian authorities for breaking rules regarding data protection in the EU, and in 2022 it was reprimanded by the U.K. privacy authorities over its practices regarding the handling of user data.
Grindr is also facing privacy concerns in the U.S. The Electronic Privacy Information Center (EPIC) said in October 2023 that it had asked the FTC to investigate Grindr after finding it was storing user data even after accounts were deleted, which went against the company’s privacy policy, according to The Register[*2] .
Grindr told The Register at the time: "Privacy is a top priority for Grindr and the LGBTQ+ community we serve, and we have adopted industry-leading privacy practices and tools to protect and empower our users."