Grindr sold HIV status of “potentially thousands” of users to advertisers, lawsuit says

Hundreds of people who use Grindr — a dating and social networking app for the gay, bisexual, transgender and queer community — have filed a lawsuit claiming the company monetized sensitive information such as HIV status without users’ consent.

In the suit, which was filed in the U.K., the plaintiffs alleged Grindr disclosed user information about their health, sex lives and sexual orientation to advertisers without user knowledge — breaching data protection laws.

More than 670 people have signed their names to the class action, and “thousands” more Grindr users are interested in joining the suit, according to London-based law firm Austen Hays, which filed the suit.

“Grindr owes it to the LGBTQ+ community it serves to compensate those whose data has been compromised and have suffered distress as a result, and to ensure all its users are safe while using the app, wherever they are, without fear that their data might be shared with third parties,” said Chaya Hanoomanjee, managing director of Austen Hayes.

Users who can join the suit must have been affected prior to April 2020, when Grindr changed its privacy and user consent guidelines.

Grindr denied sharing users’ health information with third parties, and said it intends to “respond vigorously” to the claim suggesting otherwise.

“We are committed to protecting our users’ data and complying with all applicable data privacy regulations, including in the UK. Grindr has never shared user-reported health information for ‘commercial purposes’ and has never monetized such information,” a Grindr spokesperson told The Hill.

“We intend to respond vigorously to this claim, which appears to be based on a mischaracterization of practices from more than four years ago, prior to early 2020,” the spokesperson added.

The lawsuit comes two years after the U.K. Information Commissioner’s Office reprimanded Grindr for failing to “provide effective and transparent privacy information to its UK data subjects in relation to the processing of their personal data.”

The U.K. data protection watchdog also said the company “infringed” on regulation requiring personal data be “‘processed lawfully, fairly and in a transparent manner in relation to the data subject.'”

Austen Hays has stated it believes members of the class action will take home hefty sums “given the severity of the breach.”

For the latest news, weather, sports, and streaming video, head to The Hill.