Grindr, the world’s largest dating app catering to the LGBTQ+ community, now faces legal action in the UK over accusations of unlawfully disclosing sensitive personal information, including users’ HIV status, to external parties.
The lawsuit, filed at the High Court in London, alleges the use of covert tracking technology to share highly private data with advertisers.
Austen Hays, the legal firm representing over 650 claimants, says that thousands of Grindr users in the UK were affected by this breach. If successful, claimants could be entitled to substantial damages, with the law firm seeking over £100,000 in total.
The claim states that Grindr violated UK data privacy laws by sharing users’ sensitive information like ethnicity and sexual orientation, with third-party entities for commercial gain.
This allegedly took place predominantly before April 3, 2018, but also extended from May 25, 2018, to April 7, 2020.
Among the named third parties are data analytics firms Apptimize and Localytics, who reportedly had access to this sensitive data.
However, the claim suggests that numerous other third parties may have utilised the data to tailor advertisements to Grindr’s users, as well as potentially retaining some of the shared information for their own purposes.
In 2018, it came to light that Grindr had indeed shared personal data, including HIV status, with Apptimize and Localytics for app improvement purposes. Despite initially defending this practice as an industry standard, Grindr later ceased sharing HIV data with these companies. The company maintains it never sold user data to advertisers.
The law firm leading the claim noted that the claimants had “experienced significant distress over their highly sensitive and private information being shared without their consent”. It added: “Grindr owes it to the LGBTQ+ community it serves to compensate those whose data has been compromised”.
The Information Commissioner’s Office also pointed out that Grindr had failed to “provide effective and transparent privacy information to its UK data subjects in relation to the processing of their personal data”.
Leave a Reply