Grindr is involved in privacy policy for sharing user data. The flirting app for the LGBT audience is accused of providing information on more than three million profiles to two partner companies. Location, phone number and even the HIV status shared by users were accessed. Another recent case of a lack of Internet security between Facebook and Cambridge Analytica.
The discovery was made by Norwegian NGO Sintef and released by Buzzfeed News earlier this week. After the negative repercussion, the app reported that it will no longer provide users' HIV status to other companies.
10 most dangerous virtual threats of 2017
Grindr dating app aimed at LGBT audiences Photo: Divulgao / Grindr
Grindr dating app aimed at LGBT audiences Photo: Divulgao / Grindr
Grindr allows you to publish information related to sexually transmitted disease, such as the last time the test was done and whether the user is HIV-positive or not, if the user wants to. This way, this information is available to be viewed by all participants of the application.
The problem is that the data was not restricted only within the app, but was also shared with third parties. Grindr sent two data monitoring companies, Apptimize and Localytics, a series of information, such as phone, email, location and the users' HIV status.
All the material was sent together, a practice condemned by experts in digital security. A hacker, when hacking into the company's servers, could locate a specific person when crossing the information.
The application defends itself by saying that the information was not used for advertising or other commercial purposes. At the time, according to Grindr, partner companies performed data analysis to help develop new functions, a common practice in the industry.
These suppliers are under strict contractual conditions that provide the highest level of user confidentiality, data security and privacy, explains Scott Chen, CTO of Grindr, in a post on the company's official blog. This information is always transmitted with encryption, he says.
In addition, Grindr points out that, when providing HIV status, the user makes the information public and allows the use in accordance with the privacy policy of the application. After the repercussion, the flirting app decided not to share this data with third parties. The resource was used to adjust the implementation of a tool that reminds users to take the AIDS test every three or six months.
With information from The Guardian, BuzzFeed News (1 and 2) and Digital Trends
