The gay dating app Grindr says it shared its users' HIV status with two companies, a practice it vowed to halt amid concerns about data privacy.
Grindr says Localytics and Apptimize were paid to test and monitor how the app is used. The company says the firms are under "strict contractual terms that provide for the highest level of confidentiality, data security and user privacy." Grindr says data that may include location or information from HIV status fields are "always transmitted securely with encryption."
The dating app is facing a data privacy complaint in Europe, with the Norwegian Consumer Council claiming the company has violated both European and Norwegian data privacy laws.
"Information about sexual orientation and health status is regarded as sensitive personal data according to European law, and has to be treated with great care. In our opinion, Grindr fails to do so," said Finn Myrstad, director of digital services in the Norwegian Consumer Council, in a statement.
Grindr security chief Bryce Case told news site Axios that the company has stopped sharing the HIV status of its users with third-party companies. In a statement, Case confirmed his comments.
"Any information we provide to our software vendors including HIV status information is encrypted and at no point did we sharing sensitive information like HIV status with advertisers," Case said in the statement.
Grindr says it's important to remember it is a public forum and users have the option to post information about their HIV status and date when last tested. It says its users should carefully consider what information they list in their profiles.
Still, Case defended the data sharing, arguing in the statement that it "is standard industry practice for rolling out and debugging software."
He added, "As Grindr is an application that works to serve the LGBTQ community, it's important that we test out new features like HIV Testing Reminders to ensure these features are being utilized appropriately and not creating bugs."