Norway Fines Grindr Over $7 Million for Privacy Violations

Gay dating app Grindr was fined $7.16 million (65 million kroner) by Norway’s Internet watchdog agency for violating the privacy rights of its users.

According to ABC News, The Norwegian Data Protection Authority said that Grindr had shared the sensitive personal data of its users, including sexual orientation, to hundreds of potential advertising partners without their consent. 

It’s not the first time Grindr has been accused of violating privacy rights by the watchdog. In 2020, it filed a complaint against Grindr not only because of sensitive data that was shared with third parties, but also because it shared IP addresses and GPS locations, which could identify individual users. 

The Norwegian Authority has been monitoring dating apps in general for the past few years along with the EU, noting how freely they share information with third parties without letting users know, which violates strict EU privacy laws. Norway is not part of the EU but follows its privacy protocols.

According to the watchdog, this is the highest fine it has imposed on a company in its history, though it is far less than the original fine suggested of $100 million. According to Tech Crunch, the fine was lowered due to the measures Grindr had taken since the beginning of the year to comply with Europe’s General Data Protection Regulation (GDPR)’s requirements.

ABC also reported that Grindr is considering appealing the fine, as the company says this practice was discontinued a while ago. Shane Wiley, Grindr’s chief privacy officer said the Authority’s ruling “introduces many untested legal perspectives, and the proposed fine is therefore still entirely out of proportion with those flawed findings.”

Right now, the watchdog is not requiring Grindr to ensure its advertising partners delete the user data they’ve already received, but this could change as Europe’s monitoring agency clamps down on companies exploiting the privacy of app users in general, not just with Grindr or other dating apps. 

“Our decision does not include any erasure requirements at this time but we have also made it clear that further decisions may come at a later date if we deem it necessary,” said Tobias Judin, director for international issues at the agency said in a statement. “In other words: We are not ruling out any possibilities for further enforcement at this stage.”

According to Tech Crunch, the deputy DG of the European Consumer Organisation, BEUC, Ursula Pachl, backed the ruling, saying: “Grindr illegally exploited and shared its users’ information for targeted advertising, including sensitive information about their sexual orientation. It is high time the behavioural advertising industry stops tracking and profiling consumers 24/7…Let’s now hope this is the first domino to fall and that authorities start imposing fines on other companies as the infringements identified in this decision are standard surveillance ad-tech industry practices.”