Even within its confines, Grindr's data are rich for blackmail. (Consider: images and messages sent and received within 100 feet of Capitol Hill.) It was recently acquired by an offshore billionaire [1].<p>[1] <a href="https://www.bloomberg.com/news/articles/2016-01-12/china-tech-billionaire-buys-control-of-us-gay-dating-app-grindr" rel="nofollow">https://www.bloomberg.com/news/articles/2016-01-12/china-tec...</a>
It might be worth making another post to highlight an additional concern: this repository itself appears to leak profile images of many Grindr users. The raw-data folder includes nearly 14,000 files, including many ads and scripts, but also thumbnails of many user profiles. This file[1] for example, once you strip out the HTTP headers, is a JPEG that shows the legs and gym socks of one user. This one [2] shows a user's bare torso.<p>I would link to others, but most of the ones that I've found include clear views of users' faces, sometimes clothed and sometimes shirtless. In some cases it looks like the photos were taken in their homes. It's ironic that in exposing Grindr's mishandling of users' personal data, this party appears to have mishandled personal data themselves.<p>[1]: <a href="https://github.com/SINTEF-9012/grindr-privacy-leaks/blob/master/raw-data/raw/2992_s.txt" rel="nofollow">https://github.com/SINTEF-9012/grindr-privacy-leaks/blob/mas...</a><p>[2]: <a href="https://github.com/SINTEF-9012/grindr-privacy-leaks/blob/master/raw-data/raw/3006_s.txt" rel="nofollow">https://github.com/SINTEF-9012/grindr-privacy-leaks/blob/mas...</a>
If you are using Grindr on Android, install and use NetGuard.<p><a href="https://play.google.com/store/apps/details?id=eu.faircode.netguard&hl=en_GB" rel="nofollow">https://play.google.com/store/apps/details?id=eu.faircode.ne...</a><p><a href="https://github.com/M66B/NetGuard" rel="nofollow">https://github.com/M66B/NetGuard</a><p>NetGuard is an open source local VPN that allows you to block DNS lookups to prevent calls to 3rd parties, and it does not require root access.<p>Calls to all of the 3rd parties mentioned are blockable. Grindr does not need many domains to be operational to work, just their own domains (.grindr.com on 443, grindr.mobi on 443) and a couple of Google static domains like csi.gstatic.com on 443 .<p>Of course this does not prevent Grindr from rolling up the data and sharing that with 3rd parties, but the linked analysis suggests that this is all via the app making calls rather than the company selling it in bulk.
So vending HIV status is a straight up HIPAA violation, I'm fairly sure that's been found to be the case over and over again -- it doesn't matter what your business is, health information is covered by HIPAA.<p>That's 250k per violation fine, and leaking status positive or negative is a violation. And every person, and every time they pass that information to every "partner" is a distinct violation.
Does anyone have any information on how Scruff handles that information? Also, does HIPAA say anything about technology companies outside of the medical field's data that may voluntarily collect HIV status?
I'd be interested to see how Scruff/Jack'd/etc stacks up. My guess is Scruff does better (it has always been a better designed/developed app) but I understand why they focused only on Grindr as it does have the largest market share (admittedly a guess).<p>Grindr has never been exactly a bastion of good programming... Their app has always been subpar at best with infrequent updates, months/year long bugs, terrible UI/Navigation, lack of features that could be coded up in a weeks time that would GREATLY improve the experience (Message archival/hiding), and I could go on. It would be one thing if they features were relegated to the paid version (Grindr Xtra) but the only really big feature for Xtra is push notifications for when you get a new message.<p>All of this is to say the fact they are using HTTP to talk to these analytics/ad companies doesn't shock me at all. My bet is they haven't updated the libraries for these services in forever (which wouldn't be too hard to investigate).<p>As for HIV status getting sent it really depends on the service. They are not subject to HIPAA (even if you wish they were) so they can do this and I'm sure for targeting ads it makes sense. No need to waste ad dollars on "Get tested for HIV" for people who already know they are positive. As someone in this community and knows the orgs that pay for some of these ads are severely underfunded I have hard time saying this isn't important to make sure your ad dollars go as far as they can.<p>Lastly for people saying "just don't enter your status" you clearly don't understand this community, I'm sorry. But people who are positive face a HUGE stigma. Chatting on Grindr/Scruff is already an emotionally draining experience in a lot of cases, I don't you all want the details but let's just say failed conversations (for most people at least) don't exactly fill you with confidence/self-worth (yes there is a whole other discussion to be had there I'm sure). So waiting until you start a conversation to tell someone you are positive (instead of it being in your profile) is going to lead to even more failed conversations. If I were positive I think I'd trade my status away to analytics/ad companies in exchange for not having to talk to people who aren't interested in the first place. I'm saying that as a white male living in the US so depending on your situation you may disagree.
A bit unrelated, but imagine how much data has Tinder collected, if Cambridge Analytica could do that much with just a comparatively unpopular quiz app.
For what it's worth, the most private data here is shared to analytics companies for Grindr's only analytical use. My guess is that Grindr's agreement with Apptimize and Localytics asks for the strictest possible protection of that data. If anyone at Apptimize or Localytics has access to that data, I'd be incredibly surprised.<p>This sort of deal isn't the same as sharing the HIV status to Google or Facebook so that advertisers can target or exclude that user information for the purposes of advertising.<p>For people who think this is still wrong, I'm curious what their pragmatic alternative is. How else are app developers supposed to analyze their app performance? The open source, self-hosted pickings are slim. (I can only think of Piwik, which in my experience has a dated feature set and severe performance issues.) Not everyone can afford to perform their own product analysis. Using a third-party analytics saas is kind of the only way to go and seems like a reasonable tradeoff of security for product visibility.
I used to be a data engineer at an ad tech company, Blis. A huge proportion of the GPS data we relied upon for retargeting and enrichment of the bids came from Grindr, but even so we almost never bid on traffic from them, the brands we worked with were opposed to being associated with that app. So we benefited a lot from Grindr data without giving much back.
Grindr has health-related datas and share it... And I guess that they have some european customers, right? Might be a really nice case for GDPR in 2 months !!! :-)
It's also 100% owned now by a Chinese software company, so might as well assume everything you share there is visible to the Chinese gov't while you're at it.
It's scary that it doesn't surprise me anymore.<p>Especially <i>social networks</i> are considered most lucrative in terms of targeted marketing and data mining, and it's obvious why. Social networking remains a big deal, it's almost mandatory to have some social networking footprint online, or else you miss out on social life. Why is it still OK to trade data distilled from social media accounts? It's not! One of the many reasons and implications are in that article.<p>Is independent social media possible? How to fund basic service infrastructure if not by running online ads, or trading user data? Is decentralized social media feasible, and who maintains a decentralized service if it is?<p>EDIT: If an app developer wants to analyze how the app performs, why share most intimate user data with third parties, Facebook being one of them?
I think we all agree on how stupid is to track all the little details (including positions, hiv status, etc...) for the only purpose of making money, but I would like to underline that there are only two reasons to not use https today. You’re stupid or you’re lazy.<p>Can’t tell the worst, but I can tell that users should completely delete their Grindr account, now.
Also, many mobile users name their device their whole name, effectively deanonymizing all their app usage for the massive ecosystem of marketing companies out there. Having worked in the mobile marketing industry I was shocked at how many people were doing this and probably had no idea this was the case.
This is deeply troubling. Anyone who uses Tinder or any other dating site should try requesting their data and realize that these services could likely label you a sexual deviant, racist or otherwise based on your swipes alone.
1) it's all in the terms of service. Idk why anybody is surprised. They own everything you enter into the app anywhere full stop.<p>2) it's not going anywhere. Its the gay Facebook. It has monopolized the market of an already vulnerable demographic so they can do whatever they want and still charge an extraordinary amount (almost $20 per month??) and provide no customer service.<p>The app doesn't even function as advertised (at least on Android). Push notifications and read receipts have been broken for years. Btw if you restrict the permissions of the app they permanently change your status to offline.
I am shocked, truly shocked at this development. An app that collects user data and passes it on to third parties without users’ consent? Unprecedented!
I remember this paper on ad intelligence I read a few weeks ago: "Exploring ADINT: Using Ad Targeting for Surveillance on a Budget — or — How Alice Can Buy Ads to Track Bob".<p><a href="https://adint.cs.washington.edu/ADINT.pdf" rel="nofollow">https://adint.cs.washington.edu/ADINT.pdf</a>
ISTM that "poz" "tribe" is largely equivalent to a positive HIV status?<p>If they're this sloppy when the client device is on one end of the connection, how sloppy are they once the data is on their end and we can't see what they're doing?
These are 3rd party analytics firms and not any random companies. Both these firms have strong data protection processes and are very secure. From Grindr's perspective, they are probably looking for analytics for different segments of their users and send all data to Localytics who help them with this (vs. trying to build these internally).<p>Here is a thought. Do we think that the data is more secure with Grindr itself or with Localytics? I feel the answer might be the latter given data security means a lot to Localytics (as they provide analytics as a service to thousands of apps) vs. Grindr itself who may not go to the extent of Localytics to safefuard user info.
It's become clear over the last year there is a strong need for a data privacy regulatory agency in US government. I understand that regulation hampers growth, but the tech industry is mature and developed to the point that it's time to reel in "moving fast and breaking things" a bit.
I see they have some instructions there for how they did it. Any chance anyone could make a small instructive tutorial, so we can start replicating this process for other apps as well?<p>Then we can put everything in a giant repo and make it publicly accessible information.
Looks like the repo got deleted. Can't find an arhive.org version either.<p>According to a friend, an article he saw earlier also got pulled. Are Grindr attempting to do some damage control?
Image of the data structure.<p><a href="https://i.imgur.com/hstbZio.png" rel="nofollow">https://i.imgur.com/hstbZio.png</a>
Does anyone actually find this surprising? It's fairly normal to send user data to third party analytics providers. If you want to know which, check your terms of service.
Please don't use allcaps for emphasis in HN comments. This is in the site guidelines: <a href="https://news.ycombinator.com/newsguidelines.html" rel="nofollow">https://news.ycombinator.com/newsguidelines.html</a>.
None of that data seems to be "private" according to Grindr's privacy policy: <a href="https://www.grindr.com/privacy-policy" rel="nofollow">https://www.grindr.com/privacy-policy</a>
So there's lots of talk about how we're going to regulate/manage data protection going forward but what are we going to do about the stuff that is already out there? I mean HIV status is a pretty toxic thing to just be floating around. It doesn't seem that we can even be sure who has this data and who doesn't.