Dating app Grindr and Mopub (Twitter's ad platform) are facing a barrage of criticism today over their data sharing practices as part of an investigation by the nonprofit Norwegian Consumer Council (NCC), which describes their data handling as ‘out of control’.
The body found that the companies were guilty of unlawfully sharing user data, exposing both businesses to the possibility of large fines of up to 4% of global turnover if found to have breached EU general data protection regulation.
Outlining their findings the NCC wrote: “None of the apps provided the information necessary for the consumer to make an informed choice when launching the apps. Furthermore, we found a near-complete lack of in-app settings to regulate or prevent the sharing of personal data with third parties ... If the consumer does not want their apps to transmit personal data to commercial third parties, the only option is often not to install the apps in the first place.”
Grindr, for instance, is accused of passing on personal details such as GPS coordinates, IP addresses and sexual orientation to advertising partners without offering the ability to opt-out, prompting Twitter to disable Grind’s MoPub account while it investigates the ‘sufficiency’ of its consent procedures.
For its part, Grindr has said it is already in process of ‘implementing an enhanced consent management platform’ to address concerns.