
The dating/hook-up app Grindr is sharing the HIV status of its roughly 3.6 million daily users with two other companies.
On the platform that caters largely to queer men, Grindr users can share what their status is using an āHIV statusā category where they can put if theyāre positive, negative, being treated, etc. Grindr has also long promoted sexual health, even recently implementing a feature that will regularly remind users to get tested for HIV.
But now Buzzfeed News reports that the Norwegian nonprofit SINTEF discovered that companies Apptimize and Localystics, which reportedly help optimize apps, were receiving usersā HIV status, along with other highly specific information like usersā GPS data, phone ID, sexuality, relationship status, and email address. And all of that information together, if leaked beyond these companies, could potentially endanger users if theyāre not fully out with their status.
āWhen you combine this with an app like Grindr that is primarily aimed at people who may be at risk ā especially depending on the country they live in or depending on how homophobic the local populace is ā this is an especially bad practice that can put their user safety at risk,ā Cooper Quintin, a senior staff technologist and security researcher at the Electronic Frontier Foundation, tells Buzzfeed.
While Grindrās chief technology officer defended the choice to use what he referred to as āhighly-regarded platforms,ā the data sharing still makes Grindr users vulnerable, especially data as sensitive as someoneās HIV status. And while users might feel comfortable sharing that specific information with Grindr, itās not clear enough in the appās privacy policy that their personal information could potentially be shared elsewhere.
Advertisement
Just a few days ago, NBC News reported that a security flaw in Grindr was revealed after a man named Trever Faden created a site in which users could see who blocked them on Grindr. After users entered their username and password, Faden gained a bunch of usersā data like unread messages, photos, and email addresses. Shortly after Faden exposed the security loophole, Grindr told NBC News it had changed its system to prevent that kind of access.