Ever since the Covid-19 pandemic exploded, preventing or greatly restricting opportunities to find partners “in real life”, there has been a real boom in dating apps.
But this, according to the
and Avast, has a negative side because about 70% of dating apps have at least one problem in the management of users' personal data. It doesn’t respect their privacy, in short.
This is no small problem, because once the “match” is made and two profiles start “dating” through the app, it is very likely that they will also exchange very intimate information, photos and videos. If these data are not 100% protected, then, neither are the users and, in the end, the developers of the apps themselves are also at risk. This is the case, very recently, of Grindr: the dating app dedicated to homosexual, bisexual and transsexual men has been fined 10 million euros by the Norwegian Privacy Guarantor, because its management of users' personal data does not comply with the provisions of the European legislation on privacy, the famous GDPR.
Dating and privacy: the point of the situation
The cybersecurity company Avast has taken in hand the “Privacy Not Included” shopping guide drafted by Mozilla Foundation and has highlighted the criticalities of privacy management by dating apps.
A situation emerges that is anything but reassuring and the problem is very simple to understand: these apps are based on the “match” of profiles, that is, on the search for affinities between users. This, as you can easily understand, is easier to do if you have more data on users.
As a result, these apps are based on a massive collection of subscribers' data, which is also their main source of income because then this data is resold anonymously (but not always in a GDPR-compliant way, as seen in the Grindr case) to third-party companies.
Dating apps: the data breach problem
There is then a further problem, besides privacy, when it comes to dating apps: that of data breaches, i.e. theft of user data by hackers. In January 2020 there was a sensational case: 70,000 photos of women registered on Tinder were put up for sale on the dark web, along with 16,000 unique user IDs.
This is aggravated by the possibility, given by almost all dating apps, to login via Facebook profile. Not only does this mean granting all the data uploaded on that app to Facebook as well, but it also means exposing oneself twice to the risk of data breach: anyone who manages to get their hands on the login details of the user’s Facebook profile can know that they have linked the profile to the dating app and, consequently, can access all the data it contains.