Grindr defends HIV-related data sharing
Grindr to stop sharing HIV status of users with outside companies
by Heather Kelly April 2, 2018: 9:11 PM ET
Grindr Is Letting Other Companies See User HIV Status And Location Data
The gay dating app Grindr says it will stop sharing the HIV status of its users with other companies.
Grindr made the decision late Monday after first defending the practice, which involved sending user profile information - including HIV status and test dates - to two companies called Apptimize and Localytics. They test the performance of Grindr's products.
The news that Grindr would stop sharing HIV information was first reported by Axios and later confirmed by CNNMoney. The company also told CNNMoney that it has already deleted HIV data from Apptimize, and is in the process of removing it from Localytics.
Grindr said earlier Monday that the HIV data is not sold to third parties or used to target advertisers, and Localytics said that it does not share the information it receives from customers like Grindr. Apptimize did not respond to a request for comment.
The data sharing was discovered by researchers at the Norwegian nonprofit group SINTEF. Buzzfeed was the first to report about it Monday.
Grindr has more than 3.5 million users who check the service daily. Individual profiles, which are visible to other people using the app, can include a large amount of personal information.
HIV status is an optional field on the dating app that users can choose to fill out or skip. According to SINTEF's research, data included in that field was being sent to Apptimize and Localytics, though it was encrypted.
The two companies were also receiving other, less-sensitive data - including location, gender, age and physical type - though that data was not always encrypted, according to SINTEF. Third-party advertisers were receiving some of that data, too, the nonprofit said.
Related: A long awaited privacy awakening is here
Although Grindr later confirmed that it would stop sharing the HIV data, it at first defended its practices in a statement released Monday afternoon.
"The inclusion of HIV status information within our platform is always regarded carefully with our users' privacy in mind, but like any other mobile app company, we too must operate with industry standard practices to help make sure Grindr continues to improve for our community," said Grindr's chief technology officer Scott Chen.
He added, though, that the app is still a public forum.
Localytics, meanwhile, said that it does not "automatically" collect a Grindr user's personal information. The app-marketing company added that all the data it does receive is stored securely in accordance with industry standards.
The news comes one week after Grindr announced a new feature that would encourage users to get tested regularly for HIV. The opt-in feature was lauded by some HIV health experts at the time, including Professor Perry Halkitis, dean of Rutgers University School of Public Health.
"I was thrilled when they were doing that," Halkitis said Monday. "This absolutely dampens my enthusiasm."
Halkitis works with similar data in his research. He said that he uses strict safeguards to prevent it from falling into the wrong hands. For example, he does not transfer the data electronically.
He added that HIV status can be used to discriminate against people in the workplace, at school, for housing and in health care.
Gay dating app Grindr scorched for handling of HIV data
Gay dating app Grindr is under fire for sharing information about users' HIV status or locations with two companies enlisted to optimize its software.
Grindr chief technology officer Scott Chen said in a post online that sharing data with partners such as Apptimize and Localytics was "industry practice" and that steps were taken to protect people's privacy.
"As a company that serves the LGBTQ community, we understand the sensitivities around HIV status disclosure," Chen said.
"Our goal is and always has been to support the health and safety of our users worldwide."
Grindr users have the option of sharing their HIV status and when they were most recently tested.
Researchers worried that including the health information with other data such as location and email address could result in people being identified.
Online rights champion Electric Frontier Foundation called Grindr's response "disappointing."
The Los Angeles-based company said that it uses Apptimize and Localytics to test and validate its platform, and that data it shares with them could include users' HIV status or location fields.
Sensitive data is encrypted when sent, and vendors are under strict contractual terms to keep it secure and confidential, according to Chen.
Norwegian nonprofit research group SINTEF uncovered the data sharing, and concern spread in the US after Buzzfeed reported the findings.
"Grindr has never, nor will we ever sell personally identifiable user information - especially information regarding HIV status or last test date - to third parties or advertisers," Chen said.
He noted though that Grindr is a public platform, and that should be kept in mind when deciding what to put in profiles.
News website Axios reported that Grindr's security chief said the company has stopped sharing users' HIV status with its third-party vendors.
"You guys should just close up now," read one of the few comments in an online chat forum under the Grindr post at Tumblr.
"No one cares about your efforts or industry standards. You betrayed the LGBT community in more than just the one way."
Grindr Is Letting Other Companies See User HIV Status And Location Data
A data analysis conducted by an outside research firm, and independently verified by BuzzFeed News, shows that a popular gay dating app is sharing its users' HIV status with two other companies. (Update: Late on Monday Grindr said it would stop sharing this information.)
Originally posted on April 2, 2018, at 11:45 a.m.
Updated on April 2, 2018, at 11:13 p.m.
(Update: Late on Monday Grindr said it would stop sharing HIV status information with other companies.)
The gay hookup app Grindr, which has more than 3.6 million daily active users across the world, has been providing its users' HIV status to two other companies, BuzzFeed News has learned.
The two companies - Apptimize and Localytics, which help optimize apps - receive some of the information that Grindr users choose to include in their profiles, including their HIV status and "last tested date."
Because the HIV information is sent together with users' GPS data, phone ID, and email, it could identify specific users and their HIV status, according to Antoine Pultier, a researcher at the Norwegian nonprofit SINTEF, which first identified the issue.
"The HIV status is linked to all the other information. That's the main issue," Pultier told BuzzFeed News. "I think this is the incompetence of some developers that just send everything, including HIV status."
Grindr was founded in 2009 and has been increasingly branding itself as the go-to app for healthy hookups and gay cultural content. In December, the company launched an online magazine dedicated to cultural issues in the queer community. The app offers free ads for HIV-testing sites, and last week, it debuted an optional feature that would remind users to get tested for HIV every three to six months.
But the new analysis, confirmed by cybersecurity experts who analyzed SINTEF's data and independently verified by BuzzFeed News, calls into question how seriously the company takes its users' privacy.
"That is an extremely, extremely egregious breach of basic standards that we wouldn't expect from a company that likes to brand itself as a supporter of the queer community."
"Grindr is a relatively unique place for openness about HIV status," James Krellenstein, a member of AIDS advocacy group ACT UP New York, told BuzzFeed News.
"To then have that data shared with third parties that you weren't explicitly notified about, and having that possibly threaten your health or safety - that is an extremely, extremely egregious breach of basic standards that we wouldn't expect from a company that likes to brand itself as a supporter of the queer community."
SINTEF's analysis also showed that Grindr was sharing its users' precise GPS position, "tribe" (meaning what gay subculture they identify with), sexuality, relationship status, ethnicity, and phone ID to other third-party advertising companies. And this information, unlike the HIV data, was sometimes shared via "plain text," which can be easily hacked.
"It allows anybody who is running the network or who can monitor the network - such as a hacker or a criminal with a little bit of tech knowledge, or your ISP or your government - to see what your location is," Cooper Quintin, senior staff technologist and security researcher at the Electronic Frontier Foundation, told BuzzFeed News.
"When you combine this with an app like Grindr that is primarily aimed at people who may be at risk - especially depending on the country they live in or depending on how homophobic the local populace is - this is an especially bad practice that can put their user safety at risk," Quintin added.
Grindr said that the services they get from Apptimize and Localytics help make the app better.
"Thousands of companies use these highly-regarded platforms. These are standard practices in the mobile app ecosystem," Grindr Chief Technology Officer Scott Chen told BuzzFeed News in a statement. "No Grindr user information is sold to third parties. We pay these software vendors to utilize their services."
Apptimize and Localytics did not respond to requests for comment. Chen said that these companies will not share users' data: "The limited information shared with these platforms is done under strict contractual terms that provide for the highest level of confidentiality, data security, and user privacy."
Even so, security experts say, any arrangement with third parties makes sensitive information more vulnerable.
"Even if Grindr has a good contract with the third parties saying they can't do anything with that info, that's still another place that that highly sensitive health information is located," Quintin said. "If somebody with malicious intent wanted to get that information, now instead of there being one place for that - which is Grindr - there are three places for that information to potentially become public."
Under the app's "HIV status" category, users can choose from a variety of statuses, which include whether the user is positive, positive and on HIV treatment, negative, or negative and on PrEP, the once-daily pill shown to effectively prevent contracting HIV. (The app also links to a sexual health FAQ about HIV and how to get PrEP.)
But just because users are comfortable sharing personal information in their profile or chats doesn't mean they want it being shared more broadly.
"Some people's jobs may be in jeopardy if the wrong people find out about their status - or maybe they have difficult family situations," said Chris Taylor of Seattle, who uses Grindr but no longer displays his HIV positive status on his profile. It's "disconcerting," he said, that Grindr is sharing this information with other companies. "It can put people in danger, and it feels like an invasion of privacy."
But the average person may not know or understand what they've agreed to in the fine print. Some experts argue that Grindr should be more specific in its user agreements about how it's using their data.
"What the law regards as informed consent is in almost all instances uninformed consent," Ben Wizner, director of the ACLU Speech, Privacy, and Technology Project, told BuzzFeed News.
"I hope that one small silver lining here will be that users and citizens will realize that there are enormous loopholes in the privacy regime," he said, "and that personal information is bought and sold freely on a global market."