Grindr is being sued. The LGBTQ+ dating app is accused of sharing its users’ medical data with advertisers. This data includes their HIV status.
UK law firm Austen Hays filed the claim at London’s High Court yesterday. The class action lawsuit represents hundreds of users of the app.
Austen Hays claims that US-based Grindr breached UK data protection law by selling sensitive data to third parties without users’ consent. Aside from medical facts, this includes info about people’s ethnicity, sex life, and sexual orientation.
“Our clients have experienced significant distress over their highly sensitive and private information being shared without their consent, and many have suffered feelings of fear, embarrassment and anxiety as a result,” said Chaya Hanoomanjee, Austen Hays’s managing director and the lawyer leading the claim.
Grindr allegedly sold this information to advertising companies including Localytics and Apptimize. These third parties either used the data for their own targeted advertising or sold it to a fourth party. The lawsuit also suggests that these companies kept some of the shared data for themselves.
“Grindr has never shared user-reported health information for ‘commercial purposes’ and has never monetised such information,” said a Grindr spokesperson in a statement.
Could affect thousands of Grindr users
So far, 670 present or former Grindr users have joined the suit. Austen Hays said thousands more people across the UK may have been affected.
“Grindr users who think they may be affected by this breach should join the claim so that we can seek redress for them,” said Hanoomanjee. Austen Hays believes some users could be entitled to thousands of pounds in compensation.
The lawsuit alleges the data breaches occurred mainly before April 2018 and between May 2018 and April 2020, “although they may extend to further periods,” said the law firm.
Grindr was founded in 2009 to make it easier for gay men to meet up. It has since grown into the world’s largest dating app for the LGBTQ+ community.
“We are committed to protecting our users’ data and complying with all applicable data privacy regulations, including in the UK,” said the Grindr spokesperson.
In 2021, Norway fined Grindr €6mn for failing to comply with the GDPR, Europe’s data privacy law. The Nordic country upheld the decision last year. However, Grindr appealed against it.
Get the TNW newsletter
Get the most important tech news in your inbox each week.