Norwegian Regulators to Fine Grindr Over $11 Million 

The Norwegian Data Protection Authority has notified dating app Grindr that it could be fined as much as $11.7 million U.S. dollars for sharing the personal data of its users to third parties without their consent. The company has until February 15th to respond to the notice, at which time the Authority will make its final decision.

According to the report from Associated Press, Grindr’s data sharing practice was in violation of European Union privacy rules (GDPR), which requires app companies to let users know how their personal information is being shared as well as obtaining their consent. The Norwegian Consumer Council alleged that Grindr was sharing user information with third party companies so that they would be able to send more targeted ads to users of the app. However, Grindr’s customers weren’t given a thorough explanation of how their data was being used or asked if they consented to sharing it.

The Authority also said that users were not given the chance to opt out of sharing their data with third parties either, essentially forcing them to give away personal information in exchange for using the app. 

Another big concern among privacy advocates is the nature of the data shared over dating apps like Grindr, such as sexual orientation and HIV status, which could put users at risk of being targeted if that information got into the wrong hands.

“The Norwegian Data Protection Authority considers that this is a serious case,” Bjorn Erik Thon, the authority’s director-general, told AP. “Users were not able to exercise real and effective control over the sharing of their data.”

Grindr’s spokesperson in Norway, Bjoern Richard Johansen, confirmed that the company had received a letter from regulators about the impending fine. “Grindr is looking forward to entering into a dialogue with the Norwegian Data Protection Authority,” Johansen told the national broadcaster NRK, but according to AP, the company has not made public any more details about the discussions.

While AP pointed out that Norway isn’t a member of the EU, it follows their regulations regarding data privacy.

Last year, the Norwegian Consumer Council released a report detailing how dating apps, including Grindr, were leaking user information to third party app companies. Grindr is the first to face such a fine, but Facebook Dating was also affected. The company had to delay its launch in Europe last year due to the European Union data privacy rules, which stated that authorities needed to approve the company’s process of how they handle user data before it could operate in those countries.

The amount of the fine leveled at Grindr was equal to 10% of the company’s global revenue, according to AP.