NEWS16 January 2020

Twitter removes Grindr from ad network over GDPR complaint

Data analytics Europe GDPR Media News Privacy Technology UK

UK – Twitter has suspended dating app Grindr from its advertising network following the publication of a report claiming the app had breached GDPR.

Mobile social media twitter snapchat_crop

Earlier this week, the Norwegian Consumer Council (NCC) published a report on a wider investigation into what it termed ‘out of control’ adtech practices, alleging that the industry has engaged in ‘comprehensive illegal collection and indiscriminate use of personal data’.

The NCC commissioned cybersecurity company Mnemonic to analyse data traffic from 10 mobile apps including Grindr. The report alleges that the apps were transmitting user data to more than 100 third parties involved in advertising or behaviour profiling.

Finn Myrstad, director of digital policy at the council, said: "These practices are out of control and in breach of European data protection legislation. The extent of tracking makes it impossible for us to make informed choices about how our personal data is collected, shared and used."

The report accused Grindr of sharing user data with third parties, including IP address, Advertising ID, GPS location, age and gender. According to the analysis, Twitter’s adtech subsidiary MoPub was a mediator for sharing this data, passing it to advertising third parties.

A Twitter spokesperson said: "We are currently investigating this issue to understand the sufficiency of Grindr’s consent mechanism. In the meantime, we have disabled Grindr’s MoPub account."

The NCC has filed complaints for GDPR breaches to the Norwegian Data Protection Authority against Grindr, MoPub and four other adtech companies.

A Grindr spokesperson said: "User privacy and data security is, and always will be, a high priority for Grindr. Examples of this commitment include sharing our revised privacy policy in its entirety to every Grindr user in order to gain their consent and provide even greater transparency about Grindr’s privacy-forward practices. In addition, Grindr is currently implementing an enhanced consent management platform with OneTrust to provide users with additional in-app control regarding their personal data."

The spokesperson said Grindr has "enhanced" its information security policy, and added: "So while we reject a number of the report’s assumptions and conclusions, we welcome the opportunity to be a small part in a larger conversation about how we can collectively evolve the practices of mobile publishers and continue to provide users with access to an option of a free platform. As the data protection landscape continues to change, our commitment to user privacy remains steadfast."