The gay hookup app Grindr, which has more than 3.6 million daily active users across the world, has been providing its users’ HIV status to two other companies, BuzzFeed News has learned.
The two companies — Apptimize and Localytics, which help optimize apps — receive some of the information that Grindr users choose to include in their profiles, including their HIV status and “last tested date.”
Because the HIV information is sent together with users’ GPS data, phone ID, and email, it could identify specific users and their HIV status, according to Antoine Pultier, a researcher at the Norwegian nonprofit SINTEF, which first identified the issue.
“The HIV status is linked to all the other information. That’s the main issue,” Pultier told BuzzFeed News. “I think this is the incompetence of some developers that just send everything, including HIV status.”
Grindr was founded in 2009 and has been increasingly branding itself as the go-to app for healthy hookups and gay cultural content. In December, the company launched an online magazine dedicated to cultural issues in the queer community. The app offers free ads for HIV-testing sites, and last week, it debuted an optional feature that would remind users to get tested for HIV every three to six months.
But the new analysis, confirmed by cybersecurity experts who analyzed SINTEF’s data and independently verified by BuzzFeed News, calls into question how seriously the company takes its users’ privacy.
………
Gee, you think?
“To then have that data shared with third parties that you weren’t explicitly notified about, and having that possibly threaten your health or safety — that is an extremely, extremely egregious breach of basic standards that we wouldn’t expect from a company that likes to brand itself as a supporter of the queer community.”
Yeah pretty much.
If you know anyone who used Grindr, you should warn them.