Grindr Faces $12 Million Fine in Norway Over Data Sharing
(Bloomberg) -- Grindr LLC, maker of a popular dating app, may face a 100 million-krone ($12 million) privacy fine from Norwegian regulators for not giving users enough control over their data.
An important objective of European Union data protection rules “is precisely to prevent take-it-or-leave-it ‘consents,’” said Bjorn Erik Thon, director general of the DPA.
“Grindr is seen as a safe space, and many users wish to be discrete,” he said. “Nonetheless, their data have been shared with an unknown number of third parties, and any information regarding this was hidden away.”
Last year, the Norwegian Consumer Council filed a complaint against Grindr claiming unlawful sharing of personal data with third parties for marketing purposes. The service -- described as the world’s largest social-networking app for gay, bi, trans, and queer people -- gave user data such as location and sexual orientation to third parties involved in advertising and profiling, according to the report.
“We believe that the fact that someone is a Grindr user speaks to their sexual orientation, and therefore this constitutes special category data that merit particular protection,” the regulator said.
Under EU rules, data fines can be as much as 4% of a company’s revenue or 20 million euros, whichever is higher. While Norway isn’t a formal member of the EU, it follows most of the bloc’s rules.
A final decision on the financial penalty won’t be made until after the company has had time to comment on the preliminary findings.
Finn Myrstad, director of digital policy at the Norwegian Consumer Council, said the draft decision is a “milestone” to protect privacy online. “It is unacceptable for companies to collect and share personal data without user’s permission,” he said.
©2021 Bloomberg L.P.