Grindr must delete improperly collected data, Norway watchdog says

Norway should force the Grindr dating app to erase illegally gathered data, on top of a recent threat to impose a large fine, the country’s influential Consumer Council said on Wednesday.

Norway’s Data Protection Authority said on Jan. 26 it planned to fine the LGBTQ+ app 100 million Norwegian crowns ($11.8 million) for what the regulator said was illegal disclosure of user data to advertising firms.

“The Consumer Council is now asking the Data Protection Authority to impose measures to ensure that the company also must identify and delete illegally collected personal data,” the council said in a statement.

“As long as this data is out there, it may be shared onward and be used by companies that monetize personal data for surveillance-based marketing and other purposes,” it added.

The demand stems from the council’s 2020 conclusion that Grindr violated Europe’s General Data Protection Regulation (GDPR), which sets guidelines for the collection, processing and sharing of personal information.

U.S.-based Grindr, which describes itself as the world’s largest social networking app for gay, bisexual, transgender and queer people, did not immediately respond to an email seeking comment on Wednesday.

In January, following news of the fine, Grindr said the allegations against it dated back to 2018 and no longer reflected its current privacy policy or practices, and that the company was following the law.

The Data Protection Authority was not immediately available for comment on Wednesday. In January it called the alleged breaches “very severe” and said its fine would correspond to around 10% of Grindr’s estimated global annual revenue.

A final decision on whether to fine the company will be made at a later time, however.

Was it worth reading? Let us know.