US Government: Gay App Grindr is a National Security Risk

The intrusiveness of social media platforms allowed Russia to influence the 2016 presidential election and in the process mined all kinds of personal information about unwitting Americans.  Now, the gay chat/dating app Grindr is in the spotlight as concerns grow over the purchase of the app by a Chinese company and possible access to account holder information by the Chinese government.  A piece in Metro Weekly picks up on a story in Reuters that indicates the US government views the gay chat/dating app Grindr as a national security risk seemingly because of its use by so many members of the U.S. military and intelligence personnel.  Yes, here in Hampton Roads, there are LOTS of service members on Grindr.  Apparently the same holds true for intelligence personnel, all of whom can be geographically located with precision via Grindr.  Similarly, all of the personal information can be accessed.  Here are article highlights:

Gay dating app Grindr is to be sold by its Chinese owners because of a potential threat to national security.

That’s the news from Reuters, which reports that the Committee on Foreign Investment in the United States (CFIUS) has told Beijing Kunlun Tech Co Ltd that its ownership of the app is a national security risk.

[S]peculation is rife about why Grindr is considered a security risk, though both Reuters and Engadget have speculated that the presence of U.S. military and intelligence personnel on the app could be to blame.That’s in part because the U.S. government is becoming increasingly interested in how app developers handle their users’ personal information, particularly private or sensitive data — such as the location of U.S. troops or an intelligence official using the app.

Misuse of data is a particularly sore spot for Grindr, which has been hit with a number of unflattering headlines over the past year, including the revelation that the app was sharing users’ HIV status with other companies.

Grindr, which is currently celebrating its tenth anniversary, admitted to sharing users’ HIV status with two outside companies for testing purposes, as well as the “last tested date” for those who are HIV-negative or on pre-exposure prophylaxis (PrEP).

[T]he data being shared was so detailed — including users’ GPS data, phone ID, and email — that it could be used to identify specific users and their HIV status.

Another insight into Grindr’s data security policies came early last year when a D.C.-based developer created a website that allowed users to see who had previously blocked them on the app — information that is normally inaccessible.

The website, C*ckBlocked, tapped into Grindr’s own APIs to display the data after developer Trever Faden discovered that Grindr stored the list of who a user had both blocked and been blocked by in the app’s code.

Faden also revealed that he could use Grindr’s data to generate a map showing the breakdown of individual profiles by neighborhood, including information such as age, sexual position preference, and general location of users in that area.

With regards Grindr’s sale, Reuters reports that the app will be put up for auction, after Kunlun’s original plans to float Grindr for an initial public offering (IPO) were abandoned. Kunlun assumed control of Grindr in 2016, buying total control of the app in 2018.

Be it Facebook, Twitter, or now Grindr, apparently we have no secrets from those who want to spy on us.