Grindr has found itself in a bit of a sticky situation. The dating app, which is used predominantly by gay, bisexual, and transgender men, currently has over 3.6 million daily users. It recently came under fire when it was discovered that the app had allowed third parties to access encrypted data. As a result, Grindr announced that it will stop sharing this data, which includes the HIV status of its users, effective immediately.
Among other kinds of sensitive data, Grindr admitted that it had shared its users HIV status and date of last testing with two companies, Apptimize and Localytics. Those companies were paid to monitor and analyze the data that Grindr provided.
Because Grindr users are required to use email addresses and GPS locations for their accounts, that identifying information could be used to specify which users self-identify as HIV positive.
According to Antoine Pultier, a researcher at the Norwegian nonprofit SINTEF, which first identified the data breach, the sharing of HIV status is troubling.
“The HIV status is linked to all the other information. That’s the main issue. I think this is the incompetence of some developers that just send everything, including HIV status.” Other experts, including Cooper Quintin, senior staff technologist and security researcher at the Electronic Frontier Foundation, agree with Pultier’s assessment.
“It allows anybody who is running the network or who can monitor the network — such as a hacker or a criminal with a little bit of tech knowledge, or your ISP or your government — to see what your location is. When you combine this with an app like Grindr that is primarily aimed at people who may be at risk — especially depending on the country they live in or depending on how homophobic the local populace is — this is an especially bad practice that can put their user safety at risk,” Quintin said to BuzzFeed News.
Prior to announcing that it would no longer disseminate information relating to HIV status, Grindr defended itself in a point-by-point rebuttal on Tumblr.
Some Grindr users argue that given this recent systemic disclosure, the app should be required to follow HIPAA, when it comes to HIV status.
Just because some Grindr members feel comfortable disclosing their HIV status on their profile, does not mean that they feel safe having that information shared and distributed to a wider audience. One man spoke with CBC news about the stigma surrounding HIV status disclosure. “Public perception of HIV is still somewhere between 1986 and 1992,” said Kiki, a Toronto-based artist
Other men, have spoken about the personal safety risks of having status disclosed without permission.