Grindr faces the prospect of legal action by hundreds of users who will allege that the dating app shared highly sensitive personal information, including in some cases their HIV status, with advertising companies.
The law firm Austen Hays is to file a claim on Monday in London’s high court alleging that the US owner of the app breached British data protection laws.
The firm alleges that thousands of UK Grindr users had their information misused. So far 670 people have signed up to the claim, and the firm said “thousands” more people had expressed interest in joining.
Grindr said it would respond vigorously to the claim, which it said relied on a mischaracterisation of past policies.
Grindr was founded in 2009 to make it easier to coordinate hookups for gay men. It now claims to be the world’s largest dating app for gay, bi, trans and queer people, with millions of users around the world.
The high court claim against Grindr will focus on the company’s alleged sharing of personal information with two advertising companies. It will further allege that those companies may have sold on the data to other businesses.
The law firm said the claim against Grindr will be focused on the periods before 3 April 2018 and between 25 May 2018 and 7 April 2020, meaning newer users are unlikely to be able to join. Grindr changed its consent mechanisms in April 2020.
Grindr, based in Los Angeles, announced it would stop sharing users’ HIV status with third-party companies in April 2018 after a report by Norwegian researchers revealed data sharing with two companies. In 2021 Norway’s data protection authority fined Grindr 65m Norwegian krone (£4.8m) – 10% of its global revenues – for violating the General Data Protection Regulation, and the country’s privacy appeals board upheld the decision last year.
Grindr appealed against that decision.
Norway’s decision did not focus on the alleged sharing of users’ HIV status, but rather found that sharing the fact that someone was signed up to Grindr in itself was sensitive information, as users were very likely to be part of the gay or bi community.
Chaya Hanoomanjee, managing director of Austen Hays, who is leading the claim, said: “Our clients have experienced significant distress over their highly sensitive and private information being shared without their consent, and many have suffered feelings of fear, embarrassment and anxiety as a result.
“Grindr owes it to the LGBTQ+ community it serves to compensate those whose data has been compromised and have suffered distress as a result, and to ensure all its users are safe while using the app, wherever they are, without fear that their data might be shared with third parties.”
The law firm said it believed some users could be entitled to thousands of pounds in damages, without giving further details.
A Grindr spokesperson said: “We are committed to protecting our users’ data and complying with all applicable data privacy regulations, including in the UK.
“We are proud of our global privacy program and take privacy extremely seriously. We intend to respond vigorously to this claim, which appears to be based on a mischaracterisation of practices from more than four years ago, prior to early 2020.”