A new report by the Norwegian Consumer Council (NCC) details how Grindr, which markets itself as the “world's largest social networking app for gay, bi, trans and queer people,” shares the GPS data, IP addresses, ages and genders of its users with a multitude of third-party companies to help them improve advert targeting.
According to the government-funded non-profit organisation, the sharing of this data implicitly discloses users' sexual orientations.
The report, titled “Out of Control”, examines the collection and use of personal data by 10 popular apps and concludes that the advertising industry is “systematically breaking the law”.
“Every time you open an app like Grindr, advertisement networks get your GPS location, device identifiers and even the fact that you use a gay dating app,” Austrian activist Max Schrems said in a statement by the NCC.
“This is an insane violation of users' EU privacy rights,” Schrems said.
The dating app Tinder is also accused of sharing user data with at least 45 companies owned by the Match Group, which operates a dating website of the same name.
The report also criticised other applications, such as Qibla Finder, which orients Muslims towards Mecca for prayer; Clue and MyDays used for monitoring fertility periods; and the children's app My Talking Tom 2.
Some 20 months since the EU's General Data Protection Regulation took effect in May 2018, “consumers are still pervasively tracked and profiled online,” the report said.
Users “have no way of knowing which entities process their data and how to stop them,” it added.
“Consumers have no meaningful ways to resist or otherwise protect themselves from the effects of profiling (including) different forms of discrimination and exclusion,” the statement said.
Grindr, which is owned by Chinese gaming company Beijing Kunlun Tech, did not immediately respond to a request for comment.