Home >> Opinion >> Twitter and Grindr subject to complaint for breach of privacy laws

Twitter and Grindr subject to complaint for breach of privacy laws

Twitter and Grindr subject to complaint for breach of privacy laws

A study by the Norwegian consumer protection organization details the sharing of very private information carried out by dating applications.

A single application can transmit very personal data, such as geolocation or sexual orientation, to several hundred companies: this is one of the main conclusions of a large study (see PDF ) conducted by the Norwegian council of consumers (Forbrukerradet). The public body responsible for consumer protection has filed a complaint for violation of European privacy law against four companies: Grindr, Twitter and the automated advertising agencies AppNexus and OpenX Software.

The technical analysis of the data transmitted by the applications shows in particular that data sent by Grindr, the famous LGBTQ dating application, to MoPub, the advertising agency owned by Twitter, were then shared with some of the 160 partners of MoPub. Tests have shown that the OpenX control room, partner of MoPub, receives keywords like "gay" or "bi" (for "bisexual") in the data flow which is transmitted to it. MoPub claims to anonymize certain personal data, for example by truncating the IP address of users, but the checks carried out by the Forbrukerradet show that this is not the case for some of its partners.

It is this system of "cascade transmission" which is at the heart of the reproaches formulated by the Forbrukerradet - and of the concerns of many defenders of privacy. Even partially anonymized, the data transmitted to authorities can easily identify an Internet user. By combining data from multiple sources, and by performing basic cross-checks, these companies are able to establish very complete profiles of Internet users, which include very personal information such as geolocation, health or sexuality.

European legislation provides that user data can only be shared if they give their informed consent to this sharing. However, argues the Forbrukerradet, most applications do not comply with this obligation: users do not know how much their data can be shared by advertising agencies. AppNexus, one of the largest companies in the sector, is thus linked to 4,000 different partners.

Questioned by the New York Times , Twitter claimed to have suspended its MoPub service in the Grindr application, and to have opened an investigation into information from the Forbrukerradet.


Sources of article:
https://www.lemonde.fr/pixels/article/2020/01/15/twitter-et-grindr-vises-par-une-plainte-pour-non-respect-des-lois-sur-la-vie-privee_6025974_4408996.html