Grindr, the world’s biggest dating app for the LGBT community, is being sued for allegedly sharing personal information such as people’s HIV status with third parties.
According to the claim, lodged at the High Court in London, “covert tracking technology” was deployed, and highly sensitive information was illegally shared with advertisers.
Law firm Austen Hays says there are more than 650 claimants and “thousands” of UK users were affected.
Grindr says it will “respond vigorously” to the claim.
A Grindr spokesperson said the company takes privacy “extremely seriously”, and added the claim “appears to be based on a mischaracterization of practices from more than four years ago”.
Austen Hays says, if the case is successful, claimants could receive thousands of pounds in damages.
The claim form submitted to the High Court says the law firm hopes to claim more than £100,000 in total.
Chaya Hanoomanjee from Austen Hays, who is the lawyer leading the claim, said the claimants “experienced significant distress over their highly sensitive and private information being shared without their consent”.
“Grindr owes it to the LGBTQ+ community it serves to compensate those whose data has been compromised,” she said.
The dating app is used by 13 million people every month, and an Ofcom report from May 2023 found that it was used by roughly 924,000 people in the UK.
It also had the highest engagement of all dating apps, with people using it for an average time of six hours and 49 minutes that month.
According to the claim, the company shared sensitive data with third parties for commercial purposes, in breach of the UK’s data privacy laws.
It says it included information about the ethnicity and sexual orientation of users.
The claim alleges it mainly occurred before 3 April 2018, though the data was also shared between 25 May 2018 and 7 April 2020.
It names data analytics companies Apptimize and Localytics as third parties which had access to the sensitive data.
However, it says that a potentially unlimited number of third parties used the data to customise advertisements to Grindr’s users.
In addition, it is claimed that firms may then have retained some of the shared data for their own purposes.
It emerged in 2018 that Grindr had been sharing personal data, including HIV status of users, with Apptimize and Localytics.
Those companies were paid to monitor how people used the app in order to improve it.
At the time, Grindr defended the practice, saying it was in line with industry standards – but it said it then stopped sharing HIV data with those companies.
The firm said it had never sold the data to any advertisers.
In 2021, the company was fined £5.5m by Norwegian authorities for breaking GDPR (EU general data protection regulation) rules.
It was found to have shared user data, without seeking explicit consent, to third-party companies for the purpose of advertising.
In 2022, Grindr was reprimanded by the UK’s data watchdog over its data protection practices.
The Information Commissioner’s Office ruled that the company had failed to “provide effective and transparent privacy information to its UK data subjects in relation to the processing of their personal data”.