- Animator for Netflix’s ‘Carmen Sandiego’ says he was fired after asking for fair pay Sunday 3:17 PM
- YouTube reverses decision to remove creators’ badges Sunday 1:47 PM
- How video game developer Valve got served secret subpoena as part of FBI’s counterterrorism fight Sunday 12:31 PM
- Aron Eisenberg, ‘Star Trek: Deep Space Nine’ actor, dead at 50 Sunday 11:35 AM
- Who needs glass slippers? This Cinderella cosplayer upgraded with a stunning glass arm Sunday 10:19 AM
- How to check if Yahoo owes you $358 Sunday 9:25 AM
- How to stream Bears vs. Redskins on Monday Night Football Sunday 7:00 AM
- What are the best alternatives to the electoral college? Sunday 6:30 AM
- The best PS4 games you can’t play anywhere else Sunday 6:00 AM
- How to watch the 2019 Emmy Awards Sunday 5:00 AM
- How to stream ‘Power’ season 6, episode 5 Sunday 4:00 AM
- Former developer at software company deletes his code to protest its ties to ICE Saturday 4:21 PM
- A mysterious website is doxing Hong Kong protesters and journalists Saturday 1:44 PM
- The best ‘Skyrim’ followers and how to get them Saturday 1:26 PM
- Why Joel Osteen gets cyberbullied every time Houston floods Saturday 12:40 PM
Users who include their HIV status in their Grindr profile may not have control of who sees their diagnosis outside the platform.
BuzzFeed News reports that Grindr has been sharing data on its users’ HIV status and testing date with two companies, Apptimize and Localytics. The former helps improve users’ experiences while using apps, while the latter is primarily engaged in app optimization and analytics overviews.
Antoine Pultier, a researcher with Norwegian independent research company SINTEF, warns data on users’ HIV testing date and status are sent together alongside other identifying information, such as a user’s GPS location and email. That means HIV-positive users on Grindr could be identified and outed in a potential data breach.
“The HIV status is linked to all the other information. That’s the main issue,” Pultier said to BuzzFeed News. “I think this is the incompetence of some developers that just send everything, including HIV status.”
According to the same data analysis, Grindr is also sharing users' GPS data, tribe, sexuality, relationship status, ethnicity, and phone ID to other third-party advertising companies — sometimes via plain text https://t.co/LedzsiyQox— shannon keating (@__keating) April 2, 2018
as several privacy advocates pointed out, this is all troubling for an app that is used by 3.6 million active daily users who, in many places, could be in physical danger for using the app in the first place/ being gay/ being HIV positive https://t.co/0DvdwLc7At— Azeen Ghorayshi (@azeen) April 2, 2018
A report from SINTEF published on GitHub, which was later verified by BuzzFeed News, further identifies privacy concerns found throughout the service. While the study claims that a user’s HIV status and testing date are securely sent via HTTPS to Apptimize and Localytics, SINTEF reportedly found users’ gender, GPS location, age, Phone ID, Advertising ID, and various other identifying details are sent off to third-parties under “unsafe HTTP and HTTPS.” This means some data is sent to third-party companies under plain text, BuzzFeed News reports, which is much easier to obtain and read due to its unencrypted nature.
“It allows anybody who is running the network or who can monitor the network—such as a hacker or a criminal with a little bit of tech knowledge, or your ISP or your government—to see what your location is,” Electronic Frontier Foundation’s Cooper Quintin told BuzzFeed News.
LGBTQ activists, meanwhile, are outraged by Grindr’s handle on users’ profile information. A potential data breach means users could be individually identified based on any information they gave to Grindr, and with multiple companies owning details on users’ profiles, that means there’s a higher risk for Grindr users to end up being identified without their consent.
“Grindr is a relatively unique place for openness about HIV status,” James Krellenstein of AIDS advocacy group ACT UP told BuzzFeed News. “To then have that data shared with third parties that you weren’t explicitly notified about, and having that possibly threaten your health or safety—that is an extremely, extremely egregious breach of basic standards that we wouldn’t expect from a company that likes to brand itself as a supporter of the queer community.”
🗣 QUEERS LISTEN UP! This is important.— Lil Uzi Hurt (@lostblackboy) April 2, 2018
Grindr made a big deal of allowing people to add HIV status and previous testing dates to their profiles, but that info, along with personally identifying information, is being shared with two other “app optimization” companies. https://t.co/A2d8QljVtl
Oh you have got to be fucking kidding me. There is no fucking excuse for this. https://t.co/Tg4sUgOLfn— Sarah Jamie Lewis (@SarahJamieLewis) April 2, 2018
Despite all the positive work that Grindr has done recently with Article19, this sends a very strong message that their user's safety is not a priority 🙁 https://t.co/lmruRcJaKq— Norman (@NormanShamas) April 2, 2018
Grindr fucking sucks. Its toxic influence on gay interaction can hardly be overstated. The eternal search, the commodification and cookie cutter-ization of desire.— Johnny Ray Huston (@jrayhuston) April 2, 2018
Like Krellenstein, some are particularly upset because Grindr was designed by and for the queer community. It’s not like Elon Musk was running a gay dating app; gay users trusted their own to manage data properly.
Grindr's making it clear they're not here to protect our privacy or our safety.— Kian Vesteinsson (@kianvest) April 2, 2018
- They sell your HIV status data linked to your email & location (https://t.co/nHYNAh6zZZ)
- They transmit your location data without securing it, making it easy to access (https://t.co/9HAUfUHbmU) pic.twitter.com/sG4N8y0hzS
Like it should be fucking obvious, but if it isn't I compiled an entire book full of essays from queer people about how technology utterly fails to protect them and their threat models.https://t.co/U5ixKScGjV— Sarah Jamie Lewis (@SarahJamieLewis) April 2, 2018
yall yesterday: how grindr became a safe space for all queer people— z (@yakionline) April 2, 2018
me today: A data analysis conducted by an outside research firm shows that a popular gay dating app is sharing sensitive information about its users’ HIV status with two other companies.
The news follows Grindr rolling out an HIV testing reminder designed to hook up its users with nearby facilities to check their status. But with the dating app reportedly sharing users’ data with other companies, privacy concerns may lead users to pass on the opportunity.
Update 8:22pm CT, April 2: Grindr has said it’s no longer sharing users’ HIV status with third-party vendors, Axios reported Monday. Security chief Bryce Case emphasized that users’ most sensitive information was encrypted and not shared with advertisers, but that when users share information on their profile, it becomes publicly available.
Ana Valens is a reporter specializing in online queer communities, marginalized identities, and adult content creation. She is Daily Dot's Trans/Sex columnist. Her work has appeared at Vice, Vox, Truthout, Bitch Media, Kill Screen, Rolling Stone, and the Toast. She lives in Brooklyn, New York, and spends her free time developing queer adult games.