WSJ: Grindr Sold Precise Location Data of Its Users
Grindr is the most popular dating app focused on gay, bisexual, trans, and queer people. It has over three million daily users.
Popular gay dating app Grindr sold the location data of millions of users since 2017, possibly outing a Catholic priest in the process.
According to The Wall Street Journal, Grindr sold personal data
of its users, including their precise location, IP addresses, who they dated, where they work and live, and where they go on their own time. While Grindr changed its data collection policies in 2020, the historical data gathered before then may still be available.
While Grindr did not provide personal information such as names and home addresses, this information can easily be gleaned by location data, especially when used by someone wanting to identify a specific user. If a nefarious actor knows where a user is in real life, or their daily schedule, they can match that up with a cell phone IP that follows the same pattern and literally track everywhere it goes, from work, to home, to play.
That is possibly what happened
to a Wisconsin based Catholic priest who resigned from his position as a top administrator for the US Conference of Catholic Bishops (USCCB) after Catholic news site Pillar outed his usage of the Grindr app last year. Pillar claimed the data it used in its report were “commercially available” and showed that the priest used Grindr on a “near daily” basis, including at his USCCB office, home, during USCCB meetings, and while at USCCB events.
Grindr denied at the time that the data came from their app, saying it was “infeasible from a technical standpoint”. However, Grindr changed its data collection policies in 2020 after a Norwegian consumer group report accused the app, along with dating apps OkCupid and Tinder, of violating European privacy laws. Pillar claimed the data it used came from 2018 to 2020, before Grindr changed its policy. Twitter also suspended Grindr from using its advertising platform following the Norwegian consumer group’s report.
Grindr users share their location with the app in order to be matched up with other local users. Prior to 2020, Grindr shared that data with “hyperlocal” businesses, like bars and restaurants. But that data was also made available to thousands of potential buyers through third party advertising networks.
The app has since restricted how much data it shares with its advertising partners. In a blog post penned by VP of Communications Patrick Lenihan in response to The Wall Street Journal’s report, Grindr called it “old news” and accused the newspaper of using “scare tactics in a ploy for clicks”.
“Since early 2020, Grindr has shared less information with ad partners than any of the big tech platforms and most of our competitors, restricting the information we share to IP address, advertising ID, and the basic information necessary to support ad delivery”, Lenihan says in the post. “Grindr does not share users’ precise location, we do not share user profile information, and we do not share even industry standard data like age or gender”.
The post goes on to say that Grindr’s new ad policy hurts the app’s revenue, but that it is important to protect users because “the issues threatening the LGBTQ+ community are real – issues like homophobia, prejudice, and state sponsored surveillance and violence, among others”.