Published: Thu, April 05, 2018
Hi-Tech | By Kristin Zimmerman

Grindr shares users' HIV status with third-party companies

Grindr shares users' HIV status with third-party companies

Two West Hollywood City Council members who are openly HIV positive have asked that the city's Lesbian and Gay Advisory Board invite representatives from Grindr and other gay sex apps to explain what they are doing to protect information about their users' HIV status.

Because the information was sent with users' Global Positioning System location, phone number, and email address (which may include a user's government name and employer), the Norwegian nonprofit that sounded the alarm about this said that people's HIV status could be discovered.

Despite the privacy policy language, Grindr's head of security responded to the allegations yesterday by stating that it would cease sending users' HIV status to third party companies.

In a tweet, U.S. senator Ed Markey suggested that greater care needed to be taken when handling information about individuals' HIV status: "Privacy isn't just about credit card numbers and passwords".

Grindr is a popular dating app within the LGBTQ community and has more than 3.6m daily active users across the globe. The company has said that LGBTQ groups and global health organisations have supported this as beneficial for the health and wellbeing of the Grindr community.

Norwegian research outfit SINTEF analyzed the app's traffic and found that HIV status, which users can choose to include in their profile, is included in packets sent to Apptimize and Localytics. What's more, even if Grindr doesn't have specific health data on you, this information might be enough to identify you as a user of a queer-focused app.

"Any information we provide to our software vendors including HIV status information is encrypted and at no point did we sharing sensitive information like HIV status with advertisers", Case said in the statement. A potential data breach means users could be individually identified based on any information they gave to Grindr, and with multiple companies owning details on users' profiles, that means there's a higher risk for Grindr users to end up being identified without their consent.

The company claims the contracts with the 2 companies are both standard practice and secure.

However, the firm says that users should be aware that any information they share on their profile will be made public which includes HIV status.

Finally, after coming under fire by users and advocacy groups, the app announced late Monday night that it had ceased sharing its users' HIV status with these third-party companies. In the dating app, the users are given an option to fill or skip HIV related information.

More: Is Eminem really on dating apps Tinder and Grindr? That flaw also allowed users access to others' location data, which NBC News reported could "lead to increased harassment - especially in places where homosexuality is criminalized." .

Still, Case defended the data sharing, arguing in the statement that it "is standard industry practice for rolling out and debugging software".

"It is up to each customer to determine what information they send to Localytics, and Localytics processes that data exclusively for the customer's use", he wrote.

But despite the sensitive information at stake, Grindr is playing down the concerns. When working with these platforms, we restrict information shared except as necessary or appropriate.

Grindr's privacy policy does state that a person's information can be shared for the objective of improving the service.

Like this: