Norway fines Grindr dating app $ 11.7 million for privacy breach


LONDON (AP) – Gay dating app Grindr faces a fine of more than $ 10 million from Norwegian regulators for failing to obtain users’ consent before sharing their personal information with advertising agencies, in violation of the strict confidentiality rules of the European Union.

Norwegian data privacy watchdog said Tuesday that it notified Grindr LLC of its proposed decision to impose a fine of 100 million Norwegian kroner ($ 11.7 million), or 10% of the US company’s worldwide sales.

The Data Protection Authority took action following a complaint from the Norwegian Consumer Council alleging that personal data had been illegally shared for marketing purposes. The council detailed in a report last year how Grindr and other dating apps leaked personal information to ad technology companies for targeted ads in a way the council said violated strict EU GDPR privacy rules.

Norway is not a member of the EU but closely mirrors the bloc’s rules and regulations.

“The Norwegian data protection authority considers this to be a serious case,” said Managing Director Bjorn Erik Thon. “Users were not able to exercise real and effective control over the sharing of their data. “

The company has until February 15 to give its opinion, which the watchdog will take into account in its final decision.

Grindr said he was eager to have a “productive dialogue” with Norwegian regulators over the allegations, which he said date back to 2018 and do not reflect current privacy policy or practices.

The app’s privacy approach includes “detailed consent flows, transparency and control” provided to all users, the company said, adding that it had “retained valid legal consent” from all of its users. European users “repeatedly”.

“We are continually improving our privacy practices in light of changing privacy laws and regulations,” the company said in a statement.

The watchdog’s preliminary conclusion is that Grindr has shared user data with a number of third parties without a legal basis. The data included GPS location, user profile information as well as the fact that users are on Grindr, which could indicate their sexual orientation.

Sharing such information could put someone at risk of being targeted, authority said in his opinion to Grindr.

The fact that a person “is a Grindr user can lead to prejudice and discrimination even without revealing their specific sexual orientation,” he said.

The Data Protection Authority has said that the way Grindr asks users for permission to use their information goes against GDPR requirements for “valid consent.” Users were not given the option to opt out of sharing data with third parties and were forced to accept Grindr’s privacy policy in its entirety, he said, adding that users were not properly informed about data sharing.

The watchdog is still investigating five “ad technology” companies that received data from Grindr, including Twitter’s mobile application advertising platform, MoPub, which has more than 160 partners.

The Norwegian Consumer Council welcomed the fine.

“We hope this will be the starting point for many similar decisions against companies that engage in the buying and selling of personal data,” said group director of digital policy Finn Myrstad.

___

Jan M. Olsen in Copenhagen contributed to this report.

___

For all technical coverage of AP, visit https://apnews.com/hub/technology

___

Follow Kelvin Chan on https://www.twitter.com/chanman



Source link

Previous China proposes to teach boys about masculinity as state alarmed by changing gender roles
Next Illinois State Consultant Kam Buckner Arrested By Police After Leaving Retailer Whereas Carrying Face Masks

No Comment

Leave a reply

Your email address will not be published. Required fields are marked *