Grindr users were in for a nasty surprise when BuzzFeed News and SINTEF revealed that the dating app was sharing highly sensitive information about them with third-party apps, without the users’ explicit consent. The information that was shared included HIV status, last date of testing, along with identifying information about the phone, email, and GPS data.
Grindr Reportedly Sharing the HIV Status of Its Users With Other Companies According to Buzzfeed News, the dating app for gay men has been sharing the private information with Apptimize and Localytics, two companies that help to optimize apps. SINTEF, a Norwegian nonprofit and research organization, was the first to notice that users' HIV status was being shared. Antoine Pultier, a researcher at SINTEF, says that HIV information is bundled up and sent together with users' GPS data, phone ID and email. The HIV status is linked to all the other information. That’s the main issue. I think this is the incompetence of some developers that just send everything, including HIV status. Grindr then responded to the report, saying that the two companies help to make the app better and that the information is not sold elsewhere. Thousands of companies use these highly-regarded platforms. These are standard practices in the mobile app ecosystem. No Grindr user information is sold to third parties.
The gay hookup app Grindr, which has more than 3.6 million daily active users across the world, has been providing its users’ HIV status to two other companies, BuzzFeed News has learned.
The two companies — Apptimize and Localytics, which help optimize apps — receive some of the information that Grindr users choose to include in their profiles, including their HIV status and “last tested date.”
Because the HIV information is sent together with users’ GPS data, phone ID, and email, it could identify specific users and their HIV status, according to Antoine Pultier, a researcher at the Norwegian nonprofit SINTEF. (SINTEF was commissioned to produce the report by Swedish public broadcaster SVT, which first publicized the findings.)
“The HIV status is linked to all the other information. That’s the main issue,” Pultier told BuzzFeed News. “I think this is the incompetence of some developers that just send everything, including HIV status.”
Grindr was founded in 2009 and has been increasingly branding itself as the go-to app for healthy hookups and gay cultural content. In December, the company launched an online magazine dedicated to cultural issues in the queer community. The app offers free ads for HIV-testing sites, and last week, it debuted an optional feature that would remind users to get tested for HIV every three to six months.
The companies that used the sensitive information from Grindr are Apptimize and Localytics. These companies optimize apps and have impressive reviews or well-known clients. Peter Gray from the Wall Street Journal even said that Apptimize helps them “collect actionable data.” Meanwhile, Localytics offers “Advanced Targeting” services, which gives companies access to “all the data in [their] platform.” It’s unknown what data these companies actually have access to, but if Grindr’s data sharing is any indication, they may have huge amounts of sensitive information, not just from Grindr but other companies too.
The new analysis, confirmed by cybersecurity experts who analyzed SINTEF’s data and independently verified by BuzzFeed News, calls into question how seriously the company takes its users’ privacy.