Grindr dating app to stop sharing HIV status with third parties
The sensitive information was included with other profile data and sent to app optimization companies.
The gay dating app Grindr will no longer share its users' HIV status with third-party companies, the company announced late Monday.
The announcement, first reported by Axios, comes after a BuzzFeed News report published earlier that day described how the app includes sensitive health information along with a person's GPS data, phone ID and email, and sends it to Apptimize and Localytics, both companies that optimize apps.
Grindr Head of Security Bryce Case said the information was shared was part of a "standard industry practice for rolling out and debugging software.
"In this case, Grindr was using Localytics as an independent check to ensure that our own internal systems were properly recording when users made changes to their profiles. If the numbers in Localytics didn't match the numbers in Grindr's own systems, then our engineers would know that something wasn't working correctly," Case said.
Case added that all HIV status data was encrypted as it was sent, and now that the testing has been completed the data has been removed from Apptimize. Grindr is now discussing the removal of the data from Localytics as well.
Norwegian internet research organization Sintef first pointed out the issue. It noted that some of the information (not including one's HIV status) was being shared in easily hackable plain text -- including a user's GPS location, gay subculture, sexuality, relationship status, ethnicity and phone ID.
Grindr Chief Technological Officer Scott Chen said in an emailed statement that the company understands the sensitivities around HIV status disclosure and does not sell personally identifiable user information to any third parties or advertisers.
"As an industry standard practice, Grindr does work with highly regarded vendors to test and optimize how we roll out our platform. These vendors are under strict contractual terms that provide for the highest level of confidentiality, data security and user privacy," Chen said.
He adds that while location data, HIV status fields and other features within Grindr are at times shared with these vendors, they are transmitted with encryption. Grindr's data retention policies further protect against the possibility of disclosure. Users also have the option to not disclose information like their HIV status, and Chen notes that choosing to place it in one's profile does make the information public.
Bryan Dunn, the VP of product at Localytics, said the information his company receives meets industry security standards and his company strictly controls all access to its production systems.
"Under no circumstances does Localytics automatically collect a user's personal information, nor do we require personal information in order for our customers to get the benefits from using our platform," Dunn said.
Grindr's privacy policy does state that a person's information can be shared for the purpose of improving the service. The report comes at a time, however, when the spread of personal data from social networks is being highly scrutinized.
Facebook is currently dealing with the fallout of data analytics firm Cambridge Analytica acquiring 50 million user profiles' worth of data from a service that wasn't authorized to share it. Facebook has apologized and vowed to change how companies collect data over the social network. This includes a tool Facebook revealed on Sunday that will require marketers to certify they received permission from users before using emails to target advertising.
Case said that Grindr's situation is much different from Facebook's, noting that the purpose was strictly for debugging the app.
"Grindr strongly encourages our users to take a rigorous approach when examining how and where their data is shared, but there is a major difference between a company like Grindr sharing encrypted data with a software vendor to debug its app, and having it harvested from an outside third party like Cambridge Analytica which is not what is happening here," Case said.
First published April 2, 12:53 p.m. PT.
Update, 2:03 p.m.: Adds comment from Grindr and Localytics.
Update, 10:14 p.m.: Adds Grindr's announcement it is no longer sharing HIV status data and comments from Grindr Head of Security Bryce Case.