Hundreds have joined a UK class action lawsuit against LGBTQ+ dating app Grindr, seeking damages over a historical case of the company allegedly forwarding users’ HIV status as well as other sensitive data to third-party advertisers.

This data included a user’s HIV status and their last test date, their sexual preferences, and their GPS location – all of which were added to public profiles by users and later gathered up by Grindr’s trackers.

The Norwegian Data Protection Authority (NO DPA) fined Grindr 65 million Norwegian kroner in 2020 ($5.9 million at today’s exchange rate) for violating GDPR’s consent rules. NO DPA’s case didn’t mention any violations regarding the sharing of HIV data or information about a user’s sexual preferences. However, it ruled that third parties had received a user’s GPS location, IP address, advertising ID, age, gender, and the fact that they used the app, and concluded that Grindr had disclosed user data to third parties “for behavioural advertisement without a legal basis.”

The Electronic Privacy Information Center (EPIC) said in October last year it was pushing for the FTC to probe the app maker after finding that it was retaining user data even after accounts were deleted – a practice Grindr’s privacy policy explicitly says it wouldn’t do.

  • AutoTL;DRB
    link
    English
    48 months ago

    This is the best summary I could come up with:


    Hundreds have joined a UK class action lawsuit against LGBTQ+ dating app Grindr, seeking damages over a historical case of the company allegedly forwarding users’ HIV status as well as other sensitive data to third-party advertisers.

    A total of 670 individuals have joined the class action, filed today in England’s High Court, and lawyers Austen Hays believe the number could rise into the thousands.

    The discovery that the data may have been shared with analytics firms led to heavy criticism of the app maker, which at the time didn’t apologize for its alleged role in the furor, but did alter its privacy policy soon after.

    Its then-CTO Scott Chen said Grindr would never sell the kind of sensitive data researchers specified to third parties, and reminded users that any information they themselves added to their profile would become public.

    In addition to the claim brought to Grindr in the UK, the company is also facing flak in the US, as recently as October 2023, again for alleged data protection failings.

    Chaya Hanoomanjee, managing director at Austen Hays and the lawyer leading the UK claim, said: "Our clients have experienced significant distress over their highly sensitive and private information being shared without their consent, and many have suffered feelings of fear, embarrassment, and anxiety as a result.


    The original article contains 848 words, the summary contains 216 words. Saved 75%. I’m a bot and I’m open source!