Norway’s data protection watchdog has fined gay dating app Grindr more than €6 million for breaking privacy rules.
Grindr was found to have shared users’ personal data – without their permission – with hundreds of potential advertising partners.
The app had breached strict European Union privacy rules that Norway mirrors, the watchdog said in a statement on Wednesday.
Grindr has been fined 65 million kroner (€6.35 million) – a record for the country’s data privacy authority.
Norway had announced in January that it intended to fine Grindr more than €9 million — or around 10% of its global turnover — for data privacy breaches.
In 2020, the Norwegian Consumer Council had first filed a complaint against Grindr, saying the app had illegally shared users’ GPS locations, IP addresses, ages, gender, and their use of the app.
The personal information had been sent to several third parties for marketing purposes without users’ permission, the council claimed.
Grindr users were not asked specifically if they wanted to allow their data to be shared with third parties “for behavioral advertisement,” the authority added.
“Furthermore, the information about the sharing of personal data was not properly communicated to users.”
The Consumer Council’s director of digital policy, Finn Myrstad, said the data protection agency’s decision “sends a strong signal to all companies involved in commercial surveillance.”
“It is astonishing that the DPA has to convince Grindr that its users are LGBT+ and that this fact is not a commodity to be bartered,” added Ala Krinickyte, from European Center for Digital Rights.