A Norwegian consumer group said its research found “serious privacy infringements” among popular dating apps and the advertising firms that buy their user data (at least one of which involves Twitter, their report found).
On Tuesday, the Norwegian Consumer Council published a collaborative report which found that dating apps such as Grindr, Tinder, and OkCupid may be leaking users’ personal data to advertising and marketing firms in violation of the European Union’s General Data Privacy Regulation (GDPR) rules, some of the strongest such laws ever enacted.
The report was written with help from researchers Wolfie Christl of Cracked Labs and Zach Edwards of Victory Medium, legal expertise from the privacy NGO noyb, and technical testing performed by Andreas Claesson and Tor E. Bjørstad of the cybersecurity company Mnemonic.
Overall, the government-funded nonprofit described the current data-sharing situation as “out of control” based on research it commissioned from Mnemonic, focusing on 10 popular Android apps, as the Associated Press reported Tuesday.
According to the council, those apps sent user data to at least 135 different advertisers or other third parties whose business involves behavioral profiling — in some or all cases, without giving users a viable way to opt out.
Among other things, the group wrote, “This audit showed how the Twitter-owned adtech company MoPub is acting as an advertising mediator in Grindr, facilitating transmissions containing personal data from Grindr to other adtech companies. These MoPub-mediated transmissions included the combination of the unique identifiers such as the Android Advertising ID and the IP address.”
The council also said it has filed formal complaints with Norway’s data protection authority against Grindr, the mobile advertising platform MoPub owned by Twitter, and four ad tech firms.
Grindr, Twitter, and Tindr were reached out to for comment.
Twitter told BBC News that it has disabled Grindr’s MoPub account “and is investigating the issue ‘to understand the sufficiency of Grindr’s consent mechanism.’”
According to the report:
None of the apps provided the information necessary for the consumer to make an informed choice when launching the apps. Furthermore, we found a near complete lack of in-app settings to regulate or prevent the sharing of personal data with third parties. This illustrates that consumers are often not given enough information to choose whether they accept being tracked and profiled. If the consumer does not want their apps to transmit personal data to commercial third parties, the only option is often not to install the apps in the first place.
The full report, part of an investigation into numerous companies’ privacy practices in Norway and elsewhere, is available here.
The post Data-Sharing By Grindr, Twitter, Tinder And More Is ‘Out Of Control,’ Norwegian Report Says appeared first on SuccessDigest.