Senators Markey, Blumenthal to Grindr, Third Parties: How Do You Protect Users’ Sensitive Information?
Recent reports suggest Grindr shared information about users’ HIV statuses with third parties
Washington (April 3, 2018) – Senators Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Conn.), members of the Senate Commerce, Science, and Transportation Committee, today sent a letter to the CEOs of Grindr, Apptimize, and Localytics inquiring about their policies for protecting the sensitive information of Grindr’s millions of users. According to a press report, Grindr, a popular dating app tailored for the LGBTQ community, is sharing the most personal and sensitive information of its approximately 3.6 million active daily users without their informed consent. The data includes personally identifiable and sensitive user information such as HIV status, email address, telephone number, precise geolocation, sexuality, relationship status, ethnicity, and “last HIV tested date.”
“Simply using an app should not give companies a license to carelessly handle, use, or share this type of sensitive information,” the Senators write. “Grindr and those with whom it shares its users’ sensitive information has an obligation to both protect this data and ensure users have meaningful control over it.”
A copy of the letter to Grindr can be found HERE.
In the letter, Senators Markey and Blumenthal ask these companies a series of important privacy and data-security questions, including whether they obtain affirmative opt-in consent prior to using, sharing, or selling users’ sensitive information; what privacy requirements they apply to third parties with whom they share user data; and what data-security practices they adopt to protect this sensitive information from unauthorized breaches.