December 17, 2021 | Online

Grindr takes financial hit in Norway

Grindr just received a lump of coal for Christmas, in the from of a fine from Norwegian authorities.

This week, the Norwegian Data Protection Authority (DPA, aka Datatilsynet) said Grindr was sharing users' data with third-party advertisers. The company was found to be sharing users’ IP addresses, ages, GPS location and more.

According to the European Union’s General Data Protection Regulation, it is illegal to share personal without a user's full consent.

DPA fined the company for $7.3 million. The fine was initially higher, but Grindr proved it was struggling financially and had also put into place new permissions policies.

Grindr was also ordered to erase all of the illegal data.

“This sends a strong signal to all companies involved in commercial surveillance," Finn Myrstad, who is the digital policy director at the Norwegian Consumer Council, said in a statement. "There are serious repercussions to sharing personal data without a legal basis. We call for the digital advertising industry to make fundamental changes to respect consumers’ rights.”

“We strongly disagree with Datatilsynet’s reasoning, which concerns historical consent practices from years ago, not our current consent practices or Privacy Policy,” Grindr responded. “Even though Datatilsynet has lowered the fine compared to their earlier letter, Datatilsynet relies on a series of flawed findings, introduces many untested legal perspectives, and the proposed fine is therefore still entirely out of proportion with those flawed findings.”

Grindr has three weeks to decide if it will appeal the fine.