Some of the most popular dating services may be violating GDPR or other privacy laws.
Unbeknownst to their users, several popular dating apps, including Tinder, OkCupid and Grindr, share detailed personal data on their users with third parties for advertising purposes, a study conducted by the Norwegian Consumer Council has found.
The details spanned the gamut and included location, age, gender, as well as, in some cases, sexual orientation, drug use, and religious and political views. Some of the information-harvesting habits violated the European Union’s General Data Protection Regulation (GDPR), said the consumer group. The study examined a total of 10 apps, including popular menstrual health apps such as Clue and MyDays.
All the apps were recorded transmitting user data to at least 135 different third parties. Combining the Android advertising ID, which was transferred to at least 70 different third parties, and various other trackable identifiers allows them to create a fairly comprehensive profile of individual users.
This isn’t the first time that dating apps have been caught red-handed passing on sensitive user data to third parties. Grindr was caught revealing its users’ HIV status to third-party companies two years ago. Tinder, for its part, gave away the exact locations of users to other users with an accuracy of around one hundred feet. In the new study, Tinder’s sister company OkCupid has been caught sharing highly personal data such as sexuality, political views and drug use with third parties.
And that is the heart of the matter here. According to the study, the ways in which consumers are informed (or not) on how their data is handled and on the processing of the data itself may be in violation of the GDPR or other privacy laws that are designed to safeguard their privacy. Online privacy has become a hot topic over the past few years and European consumers are steadily becoming more aware of their rights. Which means they are more likely to scrutinize who and what they give their consent to.