The Norwegian Data Protection Authority has fined the dating app Grindr 100 million Norwegian Krone ($11.7m) for illegally sharing personal information with advertisers, a recent investigation has revealed.
Due to the highly personal nature of the information shared, which included details on user location, sexual orientation, and mental health, the fine was notably high, roughly 10% of Grindr’s global annual revenue.
The director of digital policy in Norway’s Consumer Council, Finn Myrstad, states, “This is a milestone in the ongoing work to ensure that consumers’ privacy is protected online. The Data Protection Authority has clearly established that it is unacceptable for companies to collect and share personal data without users’ permission.”
As part of a counter-argument put forward by Grindr, the app argued that sexual orientation was not exposed as some users may actually be heterosexual. This claim was rejected by the Norwegian authorities as Grindr promotes itself explicitly as “exclusively for the gay/bi community”.
“If you rely on unlawful ‘consent’ you are subject to a hefty fine. This does not only concern Grindr but many websites and apps,” explained Ala Krinickyte, data protection lawyer at noyb, the European Center for Digital Rights.