Grindr will no longer share users’ HIV statuses with third parities after BuzzFeed reported the popular dating app shared sensitive information with two outside vendors.
Grindr’s vendors — Apptimize and Localytics, two companies that help optimize apps — were able to access HIV statutes, along with GPS data, phone numbers, and email addresses, BuzzFeed first reported on Monday. Altogether, these businesses got private health information.
Grindr, which has more than 3 million users, said it will stop sharing information with Localytics “based on the reaction — a misunderstanding of technology — to allay people’s fears.” The app’s chief security officer, Bryce Case, also told BuzzFeed News that Grindr stopped sharing info with Apptimize last week after it rolled out a new opt-in feature, which reminds users about HIV testings.
The dating app currently allows users to list their HIV status (listing positive, negative, or receiving treatment) and their last test date as a means to inform potential intimate partners.
Scott Chen, Grindr’s chief technology officer, told the Los Angeles Times that when personal information is shared, it “is always transmitted securely with encryption, and there are data retention policies in place to further protect our users’ privacy from disclosure.”
Still, Grindr’s information sharing could have had major public health and safety ramifications, especially due to the stigma around HIV.
“Discrimination and stigmatization based on HIV status is a very real issue for those who are HIV-positive, and this breach of confidentially can only worsen this problem,” Lina Rosengren-Hovee, who’s studied HIV self-testing interventions using social networking mobile apps, told Vox.
The BuzzFeed report came at a time when anxieties over data sharing are high and questions over how third parities can misappropriate collected information, as was the case in a recent New York Times report about the political consulting firm Cambridge Analytica. Hired by the Trump campaign, the firm harvested unauthorized data from more than 50 million Facebook users in order to sway voter opinion.
Despite the policy change, Grindr contends it did nothing wrong. By comparing the situation with Facebook and Cambridge Analytica, Case said it’s “[conflating] an issue and trying to put us in the same camp where we really don’t belong.”
Although Grindr said it would no longer share the data with outside companies, it would not confirm whether it would retroactively delete user data it shared with Localytics.
“I don’t have an answer for you at this time. It is something we can look into,” Case said.
Localytics did say in a statement on Monday it does not share Grindr information with third parities.