Grindr Faces $10 Million Fine in Norway for Illegal Data Sharing
Smartphone dating app Grindr faces a record 100-million-kroner (9.6-million-euro) fine in Norway for illegally sharing user data with third parties, the Norwegian Data Protection Authority said on Tuesday.
Grindr, which claims to be "the world's largest social networking app for gay, bi, trans, and queer people", is accused of sharing its users' GPS coordinates, user profile data and the fact that the user is on Grindr, for marketing purposes.
"Our preliminary conclusion is that Grindr has shared user data to a number of third parties without legal basis," Data Protection Authority director general Bjorn Erik Thon said in a statement.
According to the authority, this violates the European Union's GDPR, or data protection rules, on valid consent that were introduced in May 2018.
The authority therefore decided to notify Grindr that it will be fined around 10 percent of its global turnover, or about $10 million, an unprecedented fine in the Nordic country.
The Norwegian Consumer Council, which had filed the initial legal complaint against Grindr, hailed the announcement as a "historic victory for privacy."
Monique Goyens, director general of the Brussels-based European Consumer Organization said: "This is excellent news and sends a clear signal that it's illegal to monitor consumers 24/7, without their consent, to collect and share their data."
Grindr has until February 15 to challenge the decision.
The company's alleged wrongdoing took place before April 2020, when the app changed its user consent terms.
"The allegations from the Norwegian Data Protection Authority date back to 2018 and do not reflect Grindr's current Privacy Policy or practices," Grindr said.
"We continually enhance our privacy practices in consideration of evolving privacy laws and regulations, and look forward to entering into a productive dialogue with the Norwegian Data Protection Authority," it added.
In January 2020, the Norwegian Consumer Council filed legal complaints against Grindr and five other apps, including Twitter-controlled MoPub, for violating personal data protection rules.
The other complaints are still being examined, the Data Protection Authority said.