Grindr Says It'll Stop Sharing HIV Status With Third Parties

Grindr Says It'll Stop Sharing HIV Status With Third Parties

Bryce Case, Grindr's security chief, said Grindr's data sharing was misunderstood. It's fair to say, however, that the users would not have been expecting such sensitive facts to be shared with other companies. Still, security experts and LGBT advocates told BuzzFeed the app should have been more clear on how it handles the data, especially since it affects an already-vulnerable community that's often victim of harassment.

As first reported BuzzFeed, following data analysis by Norwegian non-profit research organisation SINTEF, Grindr has been handing out HIV status and "last tested date" data to Apptimize and Localytics, which both help to optimise apps.

But the app has hit back at the criticism and said that its "industry standard use of third party partners" was only to "test and validate" its platform.

As well as HIV statuses, SINTEF found Grindr transmits a raft of other personal data points to third party ad firms - this time via unencrypted transmissions - namely: precise GPS position, gender, age, "tribe" (aka group-affiliation, e.g. trans, bear), intention (e.g. friends, relationship), ethnicity, relationship status, language and device characteristics. The difficulty with this argument is that Grindr didn't notify users how the data would specifically be shared with third parties. It is also used to power other features, such as reminders to be tested, and where to go.

"The Grindr response is exactly the same [as] the Happn response we got a few weeks ago", Pultier told Ars.

The two third-party companies involved are Localytics and Apptimize. They don't want to acknowledge the problem for obvious reasons.

LGBT dating app Grindr has apparently been sharing users' information with third parties, including users' Global Positioning System locations, HIV statuses, relationship statuses, sexuality, and gay subcultures a user might identify with, BuzzFeed News reports.

Grindr told BuzzFeed News that it was not selling the information, but using these software vendors to improve their application. It is now in the process of "winding down" work with Localtyics, according to the BBC.

It's this stage of the process that Grindr sends the details of their users' HIV status along with their health test dates, Global Positioning System location data, phone ID and e-mail.

"The limited information shared with these platforms is done under strict contractual terms that provide for the highest level of confidentiality, data security, and user privacy", he said.

In Grindr's defence, the app does let users specify their HIV status and the date of their last health check.

Bryan Dunn who is the vice president of product at Localytics responded in a statement to the matter, explaining that his firm doesn't "automatically collect" a user's personal information.

Although Grindr claims all the data shared via the app is secure and encrypted, SINTEF found that some of the less sensitive data like gender, location and physical type is not always under encryption. For example, a healthcare system needs access to my vital health records in order to administer the right treatment, but they don't need to own that data.