🎙️ Voice is AI-generated. Inconsistencies may occur.
A Norwegian data privacy watchdog agency fined dating app company Grindr $7.16 million on Wednesday for sharing sensitive personal user data with potential advertising partners without users' permission.
The disclosure of that data violates strict privacy rules from the European Union, and the Norwegian Data Protection Authority said that it issued its highest fine to date because of the breach.
Norway's Consumer Council filed a complaint in 2020 against the California-based company—which runs a dating app for gay, bisexual, transgender and queer people—for providing third parties with user information like GPS locations, addresses, ages, gender and app use.
Grindr users were not specifically asked whether they were okay with their data being sent to third parties "for behavioral advertisement" and "were forced to accept the privacy policy in its entirety to use the app."
Additionally, the watchdog said that the information regarding the data sharing with third parties "was not properly communicated to users," going against EU stipulations for "valid consent." That information allowed app users to be identified and could potentially be shared further by third parties.
The agency said that because data about a person's sexual orientation is part of a special category privy to a certain type of protection under the EU regulation, the data disclosure was especially intrusive, the BBC reported.
Grindr said the agency's findings related to consent policies from years ago, not its current practices, and that it is considering its next steps, including an appeal.
The data watchdog "relies on a series of flawed findings, introduces many untested legal perspectives, and the proposed fine is therefore still entirely out of proportion with those flawed findings," said Grindr's chief privacy officer, Shane Wiley.
The Consumer Council's director of digital policy, Finn Myrstad, said the decision by the Data Protection Authority "sends a strong signal to all companies involved in commercial surveillance."
Ala Krinickyte with the nonprofit European Center for Digital Rights said "it is astonishing that the DPA has to convince Grindr that its users are LGBT+ and that this fact is not a commodity to be bartered."
Grindr said in a statement that "protecting users' interests and ensuring that we put them in control of their personal data have always been our top priorities."
"We have also been proactive in adopting industry-leading privacy positions and tools, like detailed consent flows, granular user privacy controls, and 'just-in-time' app notifications," Wiley said.
The Associated Press contributed to this report.
About the writer
Zoe Strozewski is a Newsweek reporter based in New Jersey. Her focus is reporting on U.S. and global politics. Zoe ... Read more