The Norwegian Consumer Council is considering reporting the dating app Grindr, which by its own admission, has millions of users across the world, after reporting personal data handling violations, national broadcaster NRK reported.
An investigation carried out in collaboration between national Swedish broadcaster SVT and the Norwegian research institute SINTEF, presenting itself as "Scandinavia's largest independent research company," found out that the sensitive data the users submit about themselves, including age, sexual preferences, gender and, most importantly, HIV status, is being transmitted unencrypted. Therefore, the deeply personal information can be easily accessed by computer buffs.
Additionally, the information about the users HIV status is being shared with an external company headquartered in the United States. At present, common EU legislation imposes requirements about the protection of and handling of personal data once it is moved outside of Europe.
"Our interpretation is that Grindr is breaking the law. For example, adequate consent is not being obtained," Gro Mette Moen of the Norwegian Consumer Council told NRK.
According to Moen, sensitive information such as medical issues, HIV status and sexual preferences ought to have better protection than Grindr currently provides.
READ MORE: 'New Generation' Norwegian Boys 'Don't Dare to Go Out Without Viagra'
The Swedish National Association for Gay, Bisexual, Transgender and Queer Rights (RFSL) concurred, saying that sensitive information concerning one's sexual orientation and HIV status should never be shared and demanded explanations from Grindr. RFSL acting chairman Magnus Kolsjö argued that such a policy was remarkable.
"There is no need to share very sensitive information such as sexual orientation, gender identity and HIV status. I think that is irresponsible," Kolsjö told SVT.
According to Kolsjö, this information is especially sensitive, as revealing one's sexual orientation may pose a safety hazard in some parts of the world.
"Sending personal data unencrypted is always a security risk, but it's about where this information takes the road. I believe Grindr has an obligation to report how they handle their users' personal data," Kolsjö said.
READ MORE: Swedish University 'Sorry' Over 'Sexist' Textbook Featuring HIV, Dwarfs
Beginning in May this year, a new law will begin to apply throughout the EU with the idea of strengthening the rights of the individual. Among other things, personal data such as a person's sexual preferences and orientation will be provided better protection.
Grindr is often marketed as the "gay Tinder" and is primarily designed for members of the LGBT community. According to its own information, it has millions of users around the world and has previously won awards for its safety work.