Grindr accused of heavy-handed biometric data requests

Grindr seems to have gotten itself into one of the few positions that even its most flexible subscribers have not experienced.

The very adult dating app reportedly demands biometric and other identifiers from anyone wanting to know exactly what personal data Grindr has gleaned from people as they use the service.

The service requires the that curious submit a photograph of themselves holding their passport and a paper with their email address to authenticate their identity, presumably with a biometric match.

Advocacy group the European Center for Digital Rights has formally complained that requiring this information is a violation of the European Union’s General Data Protection Regulation, or GDPR. The center also goes by “noyb,” or none of your business.

An article in the U.S.-based legal publication Jurist, quotes a noyb post saying Grindr’s position is “absurd” because anyone can participate in the service using just an email address and a password.

Initially enrolling in Grindr, according to the service’s privacy policy, requires more, specifically; “that you provide limited Personal Data such as email or phone number and date of birth.”

The comparatively light enrollment is welcome to some because it is easier to hide identifiers like legal names.

The policy also states that Grindr collects systems and activity data from subscribers.

Another adult-entertainment site, OnlyFans, has gotten snagged in Illinois’ Biometric Information Privacy Act (BIPA). In trying to keep minors out of the service (which in part offers sexually explicit content), it began a selfie-biometric process.

That process also did not spell out in detail how each person’s biometric data would be stored and managed.

Jumio named in BIPA suit

A potential class action lawsuit filed under BIPA against leading cryptocurrency exchange Binance also names Jumio in allegations that the plaintiff did not receive the requisite notice that his biometric data would be collected during the onboarding process, according to the Madison – St.Clair Record.

The plaintiff also alleges in a suit filed in St. Clair County Circuit Court that he did not receive the required information about data retention and destruction.

Jumio settled a similar biometric data privacy lawsuit last year for $7 million.

Article Topics

authentication  |  biometric data  |  biometric identifiers  |  Biometric Information Privacy Act (BIPA)  |  biometrics  |  data protection  |  GDPR  |  Jumio  |  lawsuits  |  legislation  |  onboarding  |  privacy