Slashdot Mirror
Gay Dating App Grindr Is Letting Other Companies See User HIV Status, Location Data (buzzfeed.com)
An anonymous reader quotes a report from BuzzFeed: The gay hookup app Grindr, which has more than 3.6 million daily active users across the world, has been providing its users' HIV status to two other companies, BuzzFeed News has learned. The two companies -- Apptimize and Localytics, which help optimize apps -- receive some of the information that Grindr users choose to include in their profiles, including their HIV status and "last tested date." Because the HIV information is sent together with users' GPS data, phone ID, and email, it could identify specific users and their HIV status, according to Antoine Pultier, a researcher at the Norwegian nonprofit SINTEF, which first identified the issue.
Grindr was founded in 2009 and has been increasingly branding itself as the go-to app for healthy hookups and gay cultural content. In December, the company launched an online magazine dedicated to cultural issues in the queer community. The app offers free ads for HIV-testing sites, and last week, it debuted an optional feature that would remind users to get tested for HIV every three to six months. But the new analysis, confirmed by cybersecurity experts who analyzed SINTEF's data and independently verified by BuzzFeed News, calls into question how seriously the company takes its users' privacy. SINTEF's analysis also showed that Grindr was sharing its users' precise GPS position, "tribe" (meaning what gay subculture they identify with), sexuality, relationship status, ethnicity, and phone ID to other third-party advertising companies. And this information, unlike the HIV data, was sometimes shared via "plain text," which can be easily hacked.
Grindr was founded in 2009 and has been increasingly branding itself as the go-to app for healthy hookups and gay cultural content. In December, the company launched an online magazine dedicated to cultural issues in the queer community. The app offers free ads for HIV-testing sites, and last week, it debuted an optional feature that would remind users to get tested for HIV every three to six months. But the new analysis, confirmed by cybersecurity experts who analyzed SINTEF's data and independently verified by BuzzFeed News, calls into question how seriously the company takes its users' privacy. SINTEF's analysis also showed that Grindr was sharing its users' precise GPS position, "tribe" (meaning what gay subculture they identify with), sexuality, relationship status, ethnicity, and phone ID to other third-party advertising companies. And this information, unlike the HIV data, was sometimes shared via "plain text," which can be easily hacked.
Anyone else find it funny when it said plain text can be easily hacked. Author apparently doesn't understand plain text doesn't need to be hacked, it's already plain text
my karma will be here long after I'm gone
Except that Medical Data generally has a higher standard of privacy (HIPPA) which Grindr may well be in violation of. If you're in possession of that data, and you're not the individual to which it applies, you're probably going to have a big problem if you're giving it out freely. In the US for HIPPA, and I'm certain that the EU has even more strict rules.
"Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
It's not a dating app, it's a hookup app for male homosexuals. There are people for whom it does in fact matter, and the least problematic group of 'em are those who are deliberately seeking sex partners whose HIV status is the same as theirs.
Part of how you can tell the difference is that hookup apps assume that, basically, you're for various reasons unable or unwilling to hire a sex worker--but you probably should, if you're not willing to even talk enough before having sex to discuss things related to safe sex. Of course, that might also be why you may not be able to hire any of the local sex workers anymore...
Disclosure is part of the law in a number of jurisdictions. Others don't want to have that strange moment when one of the two says, "Oh, BTW, I'm poz.". A lot of poz guys get broken hearts that way. Some guys want to be aware of the status, while it doesn't matter to others.
---- Teach Peace. It's Cheaper Than War.
Disclaimer - I believe Grindr sharing this data, and other data is bad. And other sites sharing unknown types and amounts of data without the individuals knowledge is bad. BUT - the person chose to disclose this information to a third party in a non-medical setting. If the same person got up on a bar stool and told the whole bar they were HIV positive, everyone in the bar would NOT magically be bound by HIPAA to keep their secret... Don't disclose private information to untrusted entities.
Well, actually you can. There's more than one strain; HIV-1, HIV-2, and subtypes.
Number one rule of the web: Don't disclose sensitive personal information to startups or apps.
Number two rule of the web: Don't disclose sensitive personal information to startups or apps.
Number three rule of the web: DON'T DISCLOSE SENSITIVE PERSONAL INFORMATION TO STARTUPS OR APPS!
etc..
Debate is a form of harassment. Do not question my truth.
I know, it's so easy. Just add an "I have HIV" checkbox to your dating site that hides the rest of the page when checked, thus preventing the HIV positive user from accessing the site.
Problem solved!
HIPPA applies only to doctors, dentists or pharmacists, as well as healthcare insurance companies, but NOT life insurance companies. If you choose to share your medical data with a cab driver or your barber they are not bound by the strictures of the law. The law does include some 3rd party entities to which you are referred such as companies that make orthopedics and the like.
errr....umm...*whooosh* *whoosh* Is this thing on ?
It makes complete sense, IMO. Maybe a positive person only wants to hookup with another positive person, to avoid uncomfortable conversations that lead nowhere.
Of course, conversely, a lot of misguided negatives will filter out based on HIV status, not understanding that sero-sorting does not work for "negatives". Most people on the site who claim to be negatives haven't had a recent HIV test. Even the most sensitive HIV tests still have a 2 week window period of false negative. The most common and cheaper antibody tests have a 3 months window period for false negatives.
-- Julien Pierre http://www.madbrain.com/blog
Odd, isn't it? That must be why they never have big moustaches and wear lots of leather.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
I'm about one or two more posts like this before I rip the Internet cable out of my property and throw away my phone.
How hard is this for you people to fucking understand
Very hard, as although I'd normally ignore you as a troll, you're dispensing lethally bad advice, so please, let me assure you: You're wrong.
You can get HIV without fucking anybody, and going nowhere near a bat or a monkey.
Learn the transmission vectors and learn how to protect yourself.