Grindr has pushed back against the allegations.
Norwegian regulators announced intentions to hit the popular gay dating app Grindr with a fine of nearly $12 million over alleged data-sharing practices.
The Norwegian Data Protection Authority said in a statement Tuesday that it’s notified Grindr of its intent to fine the company 100 million Norwegian krone (approximately $11.7 million). The agency said Grindr has the opportunity to comment until Feb. 15, and then it will make its final decision.
The regulators accuse Grindr of illegally sharing users’ personal data from the free version of the app with third parties for marketing purposes.
The data allegedly shared includes location, profile data “and the fact that the user in question is on Grindr,” according to the statement.
“Our preliminary conclusion is that Grindr needs consent to share these personal data and that Grindr’s consents were not valid,” the statement added. “Additionally, we believe that the fact that someone is a Grindr user speaks to their sexual orientation, and therefore this constitutes special category data that merit particular protection.”
Bjørn Erik Thon, director-general of the Norwegian Data Protection Authority, said Grindr users weren’t able to exercise real control over the sharing of their data and were pressured into giving consent to the app’s privacy policy when using it without being properly informed.
Thon noted that Grindr is seen as a safe space, and many users may wish to be discrete, but that their data may have been shared with an unknown number of third parties.
If the fine is finalized, this could be the highest Norwegian Data Protection Authority fine to date.
Grindr pushed back against the allegations, saying in a statement to ABC News on Tuesday that the agency’s claims “date back to 2018 and do not reflect Grindr’s current Privacy Policy or practices.”
“We continually enhance our privacy practices in consideration of evolving privacy laws and regulations, and look forward to entering into a productive dialogue with the Norwegian Data Protection Authority,” the company added.
Grindr said that its goal “is to create the leading social and digital media platform that enables the LGBTQ+ community and other users to discover, share and navigate the world around them.”
In addition, it said it is “confident that our approach to user privacy is first-in-class among social applications with detailed consent flows, transparency, and control provided to all of our users.”
In a company blog post on Monday, Grindr Chief Privacy Officer Shane Wiley stated that they “share only the most basic information — which users largely control — and nothing about a user’s Grindr account details.”
“This last point,” Wiley wrote, “is worth repeating: there is nothing from within a user’s Grindr account details that is shared with an ad partner. Full stop.”