The Norwegian Data Protection Authority is planning on fining the dating app Grindr 100 million Norwegian crowns for what the regulator said was illegal disclosure of user data to advertising firms. This amount of money equals 11.7 million dollars.
“Our preliminary conclusion is that the breaches are very severe,” the Norwegian agency said in a statement announcing what it said was a record fine corresponding to around 10% of Grindr’s estimated global annual revenue.
Grindr has time until Feb. 15 to respond to the claims, after which the Data Protection Authority will make its final decision in the case.
“We continually enhance our privacy practices in consideration of evolving privacy laws and regulations, and look forward to entering into a productive dialogue with the Norwegian Data Protection Authority,” a company spokesperson said in an emailed statement to Reuters.
GDPR sets guidelines for the collection, processing and sharing of personal information in the European Union as well as in non-EU Norway.
Reuters reports that the Norwegian Consumer Council (NCC), a watchdog, said in a January 2020 report that Grindr shared detailed user data with third parties involved in advertising and profiling, such as a user’s IP address, advertising ID, GPS location, age and gender.
According to NCC, in some cases, widespred sharing of personal data can become a matter of physical safety if users are located and targeted in countries where homosexuality is illegal. None the less, in cases with platforms like Grindr or Tinder, or other dating apps, user data is highly sensitive and directly can affect on one’s personal life. In that matter, the violation of the users privacy and none the less their trust can be cause serious damage.
In a statement on Tuesday, the NCC hailed the decision to fine Grindr as a historic victory for privacy.