Twitter, Grindr & More Apps Accused of ‘Out of Control’ Data Mishandling
Grindr, a popular dating app, as well as a Twitter-owned advertising technology firm are facing sharp criticism after being accused of ‘unlawfully sharing users’ data’, according to a report from BBC News.
As part of a wider investigation into the misuse of consumer data, the Norweigan Consumer Council (NCC) is continuing to dig into both the advertising industry and apps that conduct advanced profiling of their customers, for re-sale later on.
More specifically, the NCC is investigating the possibility that the companies are in violation of the General Data Protection Regulation (GDPR), standing accused of sharing location, age, gender and sexuality data with advertisers for a profit. The companies mentioned in the complaint are Twitter’s MoPub, ATT’s AppNexus, OpenX, AdColony and Smaato.
“The extent of tracking makes it impossible for us to make informed choices about how our personal data is collected, shared and used. Consequently, this massive commercial surveillance is systematically at odds with our fundamental human rights.”
“Along with four other ad-tech companies, they have huge fines if found to be in breach of the EU data laws,” the BBC is writing. “Grindr has yet to respond but Twitter said it had temporarily disabled the relevant account.”
Twitter told the BBC in a statement that “we are currently investigating the issue to understand the sufficiency of Grindr’s consent mechanism. In the meantime, we have disabled Grindr’s MoPub account.”
If found guilty, GDPR regulations, a company in violation of illegally sharing the data of its users face a potential fine of 4% of their global turnover. The BBC is writing that “advertising-tech companies gather information about users’ interests, habits and behaviour every time they use certain apps on their smartphones. The information is then used to create comprehensive profiles that can be used for targeted advertising.”
The NCC argues, however, that the companies have acted to facilitate commercial surveillance, by which they are obliged to request the consent of their data to be used in such a way. The GDPR says that any data gathered in this fashion must be accompanied by a statement of ‘informed consent’; the NCC is arguing however that the companies bypassed this with “incomprehensible” privacy policies with a “questionable legal basis.”
Finn Myrstad, director of digital policy in the Norweigan Consumer Council said that “these practices are out of control and are rife with privacy violations and breaches of European law.”
The BBC’s report also quotes Max Schrems, a lawyer and founder of the European Centre for Digital Rights who worked alongside the NCC on the complaints. Schrems said that “every time you open an app like Grindr, advertisement networks get your GPS location, device identifiers and even the fact that you use a gay dating app.”
“This is an insane violation of users’ EU privacy rights,” he added.
“The extent of tracking makes it impossible for us to make informed choices about how our personal data is collected, shared and used. Consequently, this massive commercial surveillance is systematically at odds with our fundamental human rights,” Myrstad concluded.
AdColony responded to the BBC, stating that “it respects the privacy of individuals around the globe and their desire to exercise their privacy rights.”
“We are currently reviewing the entirety of the report from the Norweigan Consumer Council and we have already begun an internal investigation. In the meantime, we have blocked all Grindr traffic to our platform until further notice,” the company said.