Gay Dating App Grindr Is Letting Other Companies See User HIV Status, Location Data (buzzfeed.com) 132
An anonymous reader quotes a report from BuzzFeed: The gay hookup app Grindr, which has more than 3.6 million daily active users across the world, has been providing its users' HIV status to two other companies, BuzzFeed News has learned. The two companies -- Apptimize and Localytics, which help optimize apps -- receive some of the information that Grindr users choose to include in their profiles, including their HIV status and "last tested date." Because the HIV information is sent together with users' GPS data, phone ID, and email, it could identify specific users and their HIV status, according to Antoine Pultier, a researcher at the Norwegian nonprofit SINTEF, which first identified the issue.
Grindr was founded in 2009 and has been increasingly branding itself as the go-to app for healthy hookups and gay cultural content. In December, the company launched an online magazine dedicated to cultural issues in the queer community. The app offers free ads for HIV-testing sites, and last week, it debuted an optional feature that would remind users to get tested for HIV every three to six months. But the new analysis, confirmed by cybersecurity experts who analyzed SINTEF's data and independently verified by BuzzFeed News, calls into question how seriously the company takes its users' privacy. SINTEF's analysis also showed that Grindr was sharing its users' precise GPS position, "tribe" (meaning what gay subculture they identify with), sexuality, relationship status, ethnicity, and phone ID to other third-party advertising companies. And this information, unlike the HIV data, was sometimes shared via "plain text," which can be easily hacked.
Grindr was founded in 2009 and has been increasingly branding itself as the go-to app for healthy hookups and gay cultural content. In December, the company launched an online magazine dedicated to cultural issues in the queer community. The app offers free ads for HIV-testing sites, and last week, it debuted an optional feature that would remind users to get tested for HIV every three to six months. But the new analysis, confirmed by cybersecurity experts who analyzed SINTEF's data and independently verified by BuzzFeed News, calls into question how seriously the company takes its users' privacy. SINTEF's analysis also showed that Grindr was sharing its users' precise GPS position, "tribe" (meaning what gay subculture they identify with), sexuality, relationship status, ethnicity, and phone ID to other third-party advertising companies. And this information, unlike the HIV data, was sometimes shared via "plain text," which can be easily hacked.
Re: (Score:2)
To be honest, I'd rather be dead than homosexual.
That can be arranged. Polonium or nerve agent?
Grindr rules (Score:1)
Second rule of Grindr: Never tell the truth about your HIV status
Re: Grindr rules (Score:1)
Vaginal sex also transmits HIV, so the key is really safe sex and not being a rabbit. Vaginal sex has lower transfer rates due to natural lubrication and less likelihood of tearing tissue and exposing blood. HIV effects everyone but the higher transmission rate for anal intercourse coupled with the more rampant sex man crave (multiple partners, higher frequency, less screening, etc.) leads to this problem.
Just like IT security, it works best in layers, so you can also throw Truvada in the risk if you're hig
Re: (Score:3)
How hard is this for you people to fucking understand
Very hard, as although I'd normally ignore you as a troll, you're dispensing lethally bad advice, so please, let me assure you: You're wrong.
You can get HIV without fucking anybody, and going nowhere near a bat or a monkey.
Learn the transmission vectors and learn how to protect yourself.
Re: (Score:2)
No, it does not. There are around 20,000 HIV positive women in the UK, they didn't stick their dick anywhere.
Your ignorance risks qualifying you for a Darwin Award.
Re: Grindr rules (Score:2)
All dating sites really should flat out reject anyone who is HIV positive.
Can you actually catch HIV if you already have HIV? This sounds tricky.
Re: (Score:3)
Re: (Score:2)
In practice, superinfection (with multiple strains or subtypes) is exceedingly rare for people who are already on antiretrovirals. At least according to my physician.
Re: (Score:1)
Since there are different straibs of HIV, yes you can catch more than one type.
Also, going back to the idea dating apps should turn away people with HIV, that is a pretty dumb idea. All that will do is encourage people to lie about their status, making everyone less safe.
Re: (Score:3)
Problem solved!
Re: (Score:2)
You realize that doesn't prevent anything, right ?
This very likely violates ADA and all kinds of anti-discrimination laws as well.
Considering the extremely high rate of HIV in the LGBT community, this would be a really bone-headed move by any site
Even with the current option to do so, very few positives ever disclose their status in their profile. Very likely because of uninformed, backwards attitudes like yours. With TasP, PreP and PEP available, the people of known HIV+ status on anti-retrovirals are the
Re: (Score:2)
Makes no sense since HIV isn't a death sentence and hasn't been for years.
Condoms also fail occasionally, even if one is informed of their partner's HIV status.
But at this point, anyone who is positive should go on HAART and become undetectable, which makes HIV untransmittable, regardless of condom use.
Re: (Score:2)
Re: (Score:2)
Plain text can be easily hacked ROFLMAO (Score:3)
Re: (Score:2)
Re: (Score:2)
Author apparently doesn't understand plain text doesn't need to be hacked, it's already plain text
You have to be literate to understand plain text. I guess that's a skill that even befuddles internet "journalists" now.
---
Brought to you by BRAWNDO. The thirst mutilator!
Re: (Score:2)
You still need to tap to intercept the plaintext traffic somewhere.
Re: (Score:2)
I don't find it surprising at all that they haven't got about encryption or hacking. Most content from BuzzFeed is along the lines of more keyboards with more windows open is how you hack stuff. Many consider the average trashy glossy mags to be more reputable.
Apps have sexual preferences ? (Score:2, Insightful)
I wasn't aware that apps, or programs, or code in general had sexual preferences. I think they mean the Grindr app used by homosexuals is making data that ignorant people have inappropriately shared available to others which seems like a case of you get what you deserve for over sharing...
Re:Apps have sexual preferences ? (Score:4, Interesting)
Except that Medical Data generally has a higher standard of privacy (HIPPA) which Grindr may well be in violation of. If you're in possession of that data, and you're not the individual to which it applies, you're probably going to have a big problem if you're giving it out freely. In the US for HIPPA, and I'm certain that the EU has even more strict rules.
Re: (Score:2)
https://en.wikipedia.org/wiki/... [wikipedia.org]
governs the usage and security of medical health information in the US. Very unlikely to appear in employer HR software as it is primarily designed to prevent employers or others from discriminating against individuals based of existing health risks or conditions.
Definitely. Not. HIPAA (Score:2, Informative)
Disclaimer - I believe Grindr sharing this data, and other data is bad. And other sites sharing unknown types and amounts of data without the individuals knowledge is bad. BUT - the person chose to disclose this information to a third party in a non-medical setting. If the same person got up on a bar stool and told the whole bar they were HIV positive, everyone in the bar would NOT magically be bound by HIPAA to keep their secret... Don't disclose private information to untrusted entities.
Re:Apps have sexual preferences ? (Score:5, Insightful)
HIPPA applies only to doctors, dentists or pharmacists, as well as healthcare insurance companies, but NOT life insurance companies. If you choose to share your medical data with a cab driver or your barber they are not bound by the strictures of the law. The law does include some 3rd party entities to which you are referred such as companies that make orthopedics and the like.
Re: (Score:2)
I wasn't aware that apps, or programs, or code in general had sexual preferences. I think they mean the Grindr app used by homosexuals
It's an app intended for gay dating, "Gay Dating App Grinder" is a perfect way to describe it.
"Grindr app used by homosexuals" is both awkward to say and could just as well describe an app for grinding spices that happens to be popular among homosexuals.
is making data that ignorant people have inappropriately shared available to others which seems like a case of you get what you deserve for over sharing...
"Inappropriately shared"? We're talking about HIV status on a dating/hookup app. It's information that can literally saves lives.
Re: (Score:2)
I agree that sharing such information with someone you might potentially be in a physical relationship is wise and should occur, but giving that info to a 3rd party intermediary prior to even establishing a relationship seems a bit umm, reckless ? foolish ?
Re:Apps have sexual preferences ? (Score:5, Insightful)
It makes complete sense, IMO. Maybe a positive person only wants to hookup with another positive person, to avoid uncomfortable conversations that lead nowhere.
Of course, conversely, a lot of misguided negatives will filter out based on HIV status, not understanding that sero-sorting does not work for "negatives". Most people on the site who claim to be negatives haven't had a recent HIV test. Even the most sensitive HIV tests still have a 2 week window period of false negative. The most common and cheaper antibody tests have a 3 months window period for false negatives.
Re: (Score:2)
Maybe a positive person only wants to hookup with another positive person
Unfortunately, while the logic undelying this decision is usually "it doesn't make any difference if we're both already infected", things don't actually work like that and you risk HIV superinfection. [wikipedia.org]
Re: (Score:2)
Yes, it really does work like that. HIV superinfection is not a real concern once one is undetectable. Contacting another strain while on HAART is almost impossible. This is because the strains that are resistant to some meds are also not very "fit" as explained by my doctor.
If you are positive but not on treatment, yes, there is more of a risk that you could contract multiple strains.
Re: (Score:2)
HIV+ individuals who have an undetectable viral load still test positive on HIV antibody tests. They do not "seroconvert to a seronegative state".
As far as risk of transmission not being zero, even the CDC states that "People who take ART daily as prescribed and achieve and maintain an undetectable viral load have effectively no risk of sexually transmitting the virus to an HIV-negative partner." .
Re: (Score:2)
It's an app intended for gay dating, "Gay Dating App Grinder" is a perfect way to describe it.
It's also helpful for people like me that don't use Tindr or Grindr and always mix the two of them up.
Which leads to some interesting misunderstandings when others discuss them.
Re: (Score:2)
The sexual orientation of an app is none of your business and please quit staring at its package.
Name? (Score:1)
Who gave it that name? That's a horrible name. It would be like naming a family horse trail vacation company "rash.com".
Re: (Score:1)
I suspect it was more like a jokish name when the site was small and informal, but the site grew in size.
Re: (Score:2)
(#) He's apparently more into the wholesome heterosexual act of urinating in the mouths of underage girls [spin.com]. (Link goes to music website article entitled "R. Kelly’s Alleged Sex Crimes Are Still Horrific 13 Years Later " in case you're wondering whether it's okay to click).
Re:HIV Status?? WHY! (Score:4, Insightful)
It's not a dating app, it's a hookup app for male homosexuals. There are people for whom it does in fact matter, and the least problematic group of 'em are those who are deliberately seeking sex partners whose HIV status is the same as theirs.
Part of how you can tell the difference is that hookup apps assume that, basically, you're for various reasons unable or unwilling to hire a sex worker--but you probably should, if you're not willing to even talk enough before having sex to discuss things related to safe sex. Of course, that might also be why you may not be able to hire any of the local sex workers anymore...
Re: (Score:2)
You can get double aids, in fact already having aids makes you super sensitive to getting a second strain of it. The HIV status is used by people trying to pretend they are being safe while having unprotected sex with strangers and "bugchasers" whose fetish includes having sex with/contracting AIDs.
Re: (Score:2)
I did say 'least problematic' group. Most of the discussion about all of this isn't happening in public, and some of the people I've met who are offended by bringing it up are involved in shaping the public health response to HIV...so, unfortunately, a decent number of them aren't 'trying to pretend' but rather completely unaware because the people whose job it is to make sure they know better are playing ostrich.
Re: (Score:2)
There is no such thing as double AIDS. If you had AIDS and went on HAART, the chance of being infected with a second strain, ie. superinfection, is remote. Source: my primary physician who is also an HIV specialist.
And the HIV status on hookup apps/ads is primarily used for other cases, not the deranged cases your cited.
Re: (Score:2)
Super infections are common.
https://www.sciencedirect.com/... [sciencedirect.com]
Re: (Score:2)
Not in people already on HAART.
Re: (Score:2)
What does HAART have to do with using a dating app?
Re: (Score:2)
There are missing facts from that page, IMO. People who are on HAART on already contract seldom, if ever, become subsequently infected with another strain which may be resistant to their own meds. If this actually happened, they would cease to become undetectable, ie. their meds no longer would work. As long as the meds work, and the viral load remains undetectable, viral particles that could be analyzed to determine the presence of another strain are simply absent, by definition.
Thus, superinfection is rea
Re: (Score:3)
Disclosure is part of the law in a number of jurisdictions. Others don't want to have that strange moment when one of the two says, "Oh, BTW, I'm poz.". A lot of poz guys get broken hearts that way. Some guys want to be aware of the status, while it doesn't matter to others.
Do we need reminding? (Score:5, Insightful)
Number one rule of the web: Don't disclose sensitive personal information to startups or apps.
Number two rule of the web: Don't disclose sensitive personal information to startups or apps.
Number three rule of the web: DON'T DISCLOSE SENSITIVE PERSONAL INFORMATION TO STARTUPS OR APPS!
etc..
Re: (Score:2)
You do know that people have developed a capability lately that became known to experts as "lying"?
Re: (Score:2)
Long ago, I actually considered this when looking at the whole STD spread thing. I live in a community that has a considerably-high STD rate.
This lead down a rabbit hole of designing an ID card or bracelet that contains medical records (using high-security storage--military-grade chipsets are actually dirt cheap, e.g. what Yubikey uses in $20 devices) and uses RTC tracking. You bring yours up to someone else's, you both acknowledge (physical button press) the exchange, and they blink a color-coded code
Re: (Score:2)
This idea is interesting but as a form of trust verification it still relies heavily on the user, and would instill a sense of false security that could only lead to more not adhering to safe sex practices. It seems to be more of a Rube Goldberg method of sharing lab report printouts.
Technology that could provide a test quickly and accurately on demand would go much further in helping to limit the spread of infection.
Re: (Score:2)
Yeah, that's pretty much it. You'd get closer with medical reporting and some sort of social system (e.g. people anonymously notate details about their sexual partners and the data is correlated, so we can extrapolate sexual habits, risk behaviors, and contact with those infected to identify potential infections); but that involves the back-end to be aware of all of these facts about everyone.
The whole approach was to eliminate any third-party knowledge. That becomes ... difficult at high connection ra
Re: (Score:2)
Diseases that were recently acquired cannot instantly be detected . Individuals who just contracted HIV are actually the most infectious. they have a very high viral load, but test negative on an antibody test, which is typically used for screening. You would need to know for sure that you haven't had any exposure during the entire window period of the test. And moreover, you would need to make sure that your partner either. I fail to see how a technological gadget helps with that problem.
Re: (Score:2)
Yep. The whole thing is a risk control; there's no such thing as risk elimination. You can avoid the risk by not having sex, although you still have the risk of transmission by other bodily fluid contact (e.g. blood). You can mitigate it with condoms (these can fail).
We currently have a sort of voluntary system whereby people give you soft data: "Yes I'm clean, I get tested regularly, I always use condoms". The fact that they're willing to perform oral sex without a condom should be a warning, altho
Re: (Score:2)
Why just startups? Also big companies too like MS, Apple, Google, Facebook, etc.
Re: (Score:2)
No. It is mainly spread because many people don't know their real, current HIV status.
Plain-text and network surveillance (Score:1)
Sandvine (AKA Procera Networks) recently and quietly added a signature for Grindr, more or less directly when that department was out-sourced to India. The plain-text "feature" is a chilling fact knowing this, and knowing that their products can excerpt details from dataflows in realtime, adding only configuration.
Posting AC for obvious reasons.
Re: (Score:2)
So if someone tells you they got HIV they violate HIPAA? Because this it people telling other people (potential hookups) some vital information with Grindr the media they use for communication.
Grindr isn't about coffee dates with hipsters? (Score:2)
I guess I understand the gay thing in theory. I just can't relate on any practical level.
Hey, if it's love, it's love, and love is difficult enough to find in the "straight" world as it is.
Re: (Score:2)
Re: (Score:3)
Odd, isn't it? That must be why they never have big moustaches and wear lots of leather.
just a couple more (Score:3, Informative)
Re: (Score:2)
Still, more people have a pussy as a pet than an ass.
Re: (Score:2)
What fucking gay bashers on here? I've seen maybe two posts in the whole discussion that are critical of homosexuality and they're hardly fucking 'bashing'.
Still, don't let your defensiveness stop you being a bigger arsehole than, well, the goatse guy. Who may or may not be gay.
Re: (Score:2)
Do they get to choose the side they have to wear the star on?