LGBTQ networking app Grindr has stopped sharing the HIV status of its users with third-parties, the company’s head of security has confirmed.
Nonprofit group SINTEF revealed last week that Grindr had been sharing this information with split testing tool Apptimize and app analytics tool Localytics.
However, the company decided late on Monday to stop sending HIV information to these tools. Grindr has since removed this data from Apptimize and will also soon removed it from Localytics.
Despite caving in to the pressure, Bryce Case, Grindr’s security chief, has defended the company’s data-sharing practices.
Case believes that the Cambridge Analytica scandal has caused people to overreact to the situation. The consulting firm gained access to the profile information of more than 50 million Facebook users.
Speaking to Axios, Case argued that there is a difference between a “software platform we use for debugging and optimisation purposes” and “a form that’s trying to sway elections”.
Information shared with these two platforms includes precise GPS location, gender, HIV status, last tested date, age, preferred body types, sexual preferences, relationship status and account activity. As well as Apptimize and Localytics, Grindr also shares user data with nine other companies.
However, Grindr chief tech officer Scott Chen has insisted that they have never sold identifiable user information, including HIV status, to third parties or advertisers.
HIV status is an optional field on the app. Grindr doesn’t require its 3.6 million daily active users to provide this information to sign up.
What was said:
“I understand the news cycle right now is very focused on these issues, I think what’s happened to Grindr is, unfairly, we’ve been singled out.”
Referring to the Cambridge Analytica scandal, Case said:
“It’s conflating an issue and trying to put us in the same camp where we really don’t belong.”
Antoine Pultier, one of the researchers that unearthed Grindr’s data sharing practices, said:
“The HIV status is linked to all other information. That’s the main issue. I think this is the incompetence of some developers that just send everything, including HIV status.”
Why it matters:
Grindr users are concerned that the app is sharing this information along with identifiable data. Grindr was provide a user’s HIV status alongside their GPS data, phone number and email address.
The report states that the data provides an idea of what a Grindr user looks like, what they do and where they go.
According to SINTEF, this data isn’t always encrypted. This lack of security makes it easier for hackers to breach these third-party services and potentially steal sensitive information. This could put the safety of Grindr users at risk.