All posts in “Grindr”

Dating apps face questions over age checks after report exposes child abuse

The UK government has said it could legislate to require age verification checks on users of dating apps, following an investigation into underage use of dating apps published by the Sunday Times yesterday.

The newspaper found more than 30 cases of child rape have been investigated by police related to use of dating apps including Grindr and Tinder since 2015. It reports that one 13-year-old boy with a profile on the Grindr app was raped or abused by at least 21 men. 

The Sunday Times also found 60 further instances of child sex offences related to the use of online dating services — including grooming, kidnapping and violent assault, according to the BBC, which covered the report.

The youngest victim is reported to have been just eight years old. The newspaper obtaining the data via freedom of information requests to UK police forces.

Responding to the Sunday Times’ investigation, a Tinder spokesperson told the BBC it uses automated and manual tools, and spends “millions of dollars annually”, to prevent and remove underage users and other inappropriate behaviour, saying it does not want minors on the platform.

Grindr also reacting to the report, providing the Times with a statement saying: “Any account of sexual abuse or other illegal behaviour is troubling to us as well as a clear violation of our terms of service. Our team is constantly working to improve our digital and human screening tools to prevent and remove improper underage use of our app.”

We’ve also reached out to the companies with additional questions.

The UK’s secretary of state for digital, media, culture and sport (DCMS), Jeremy Wright, dubbed the newspaper’s investigation “truly shocking”, describing it as further evidence that “online tech firms must do more to protect children”.

He also suggested the government could expand forthcoming age verification checks for accessing pornography to include dating apps — saying he would write to the dating app companies to ask “what measures they have in place to keep children safe from harm, including verifying their age”.

“If I’m not satisfied with their response, I reserve the right to take further action,” he added.

Age verification checks for viewing online porn are due to come into force in the UK in April, as part of the Digital Economy Act.

Those age checks, which are clearly not without controversy given the huge privacy considerations of creating a database of adult identities linked to porn viewing habits, have also been driven by concern about children’s exposure to graphic content online.

Last year the UK government committed to legislating on social media safety too, although it has yet to set out the detail of its policy plans. But a white paper is due imminently.

A parliamentary committee which reported last week urged the government to put a legal ‘duty of care’ on platforms to protect minors.

It also called for more robust systems for age verification. So it remains at least a possibility that some types of social media content could be age-gated in the country in future.

Last month the BBC reported on the death of a 14-year-old schoolgirl who killed herself in 2017 after being exposed to self-harm imagery on the platform.

Following the report, Instagram’s boss met with Wright and the UK’s health secretary, Matt Hancock, to discuss concerns about the impact of suicide-related content circulating on the platform.

After the meeting Instagram announced it would ban graphic images of self-harm last week.

Earlier the same week the company responded to the public outcry over the story by saying it would no longer allow suicide related content to be promoted via its recommendation algorithms or surfaced via hashtags.

Also last week, the government’s chief medical advisors called for a code of conduct for social media platforms to protect vulnerable users.

The medical experts also called for greater transparency from platform giants to support public interest-based research into the potential mental health impacts of their platforms.

Grindr, other dating apps are working to add STD notification features

Popular dating apps could soon help stop the spread of record high STD infections among their users.

Grindr and other primarily gay dating apps are exploring ways to add the ability for people who test positive for an STD to notify partners using the app, Mashable has learned in multiple interviews with public health experts.

According to Dr. Heidi Bauer, the chief of STD control at the California Department of Health, and Dan Wohlfeiler, director of the health consortium Building Healthy Online Communities (BHOC), STD partner notification messages are currently under consideration by several different app-makers, including Grindr, with one possibility already in the design and piloting phase.

When asked for comment, Jack Harrison-Quintana, director of Grindr for Equality said, “Grindr works very closely with Building Healthy Online Communities on several initiatives including STD related notifications.”

According to Dr. Bauer and Wohlfeiler, the most immediate and likely iteration of this functionality will be through a section in the apps that links out to existing anonymous notification services. Wolfheiler said that this sort of service is “currently being designed and piloted,” but that there is no firm timeline for release. 

In-app messaging — in which an STD notification takes place entirely within the app ecosystem — is on the table as well.

“A number of different possibilities have been discussed,” Dr. Bauer said in a recent phone call with Mashable. “It’s just sort of a matter of feasibility and impact.”

“The decision made was, let’s go forth with this system right now, where we have a link to external website that can do that,” Wohlfeiler told Mashable. “And then we can continue to discuss other options as they go. So we’re really excited.”

This increased integration between gay dating apps and public health initiatives has come about thanks to the Building Healthy Online Communities consortium. Since 2014, BHOC brought hook-up app creators together with public health agencies and officials to promote HIV and STD prevention. 

BHOC participants include Grindr, Adam4Adam, Daddyhunt, and other apps, as well as the National Coalition of STD directors, the AIDS Foundation, and other organizations. Conversations about how the apps can play a bigger role in STD notification have been part of ongoing discussions in the consortium. 

When asked about the decision to link out to STD notification resources referenced by Wohlfeiler, Grindr’s Harrison-Quintana said, “We are exploring several additional sexual health-related features for our application. However, at this time, we are not disclosing any further details around this project.”

Grindr recently launched several features around HIV testing reminders and HIV status sharing. But until now, Grindr has neither shared plans for nor implemented broader STD partner notification.

The app Adam4Adam already includes a link on its Health Resources page to “STD notification services for partners and tricks,” which directs to InSpot.org. Adam4Adam could not be reached for further comment, though they are a BHOC partner.

The app Daddyhunt, another BHOC partner, plans to release a new version of its app this summer that will include an option to log the date of a user’s last STD test, and receive testing reminders every three months. Daddyhunt’s General Manager, Casey Crawford, said that it is also in preliminary discussions with BHOC about including partner STD notification resources as part of an upcoming user interface redesign.

STD rates, particularly syphilis, have climbed among men who have sex with men in recent years. A notification system that’s linked to or integrated into hookup apps would make it easier for infected patients to tell current and past sexual partners they should get tested. 

“I’m super optimistic that we’re going to move in that direction,” Dr. Bauer told Mashable. “We’re not quite there yet, but there are definitely discussions.”

This revelation comes two weeks after the California Department of Health’s chief of the division of communicable disease control, James Watt, told the San Francisco Chronicle he believes social media has played a significant role in the recent increase in STD infection rates. Experts appear to agree with his assessment, but have added the major caveat that other factors have also played a role in the recent uptick in STD infections.  

As for ways that apps can play a role in STD testing and messaging, Bauer said she can see the feature working in a few ways. 

The linking out option would essentially educate and provide access to notification services that app users might not know exist. That would certainly make it easier for people to contact former partners, and would be the simplest and easiest to implement option. However, Dr. Bauer also noted that an option that links out to an existing notification service relied on affected app users having the email or phone number of their past sexual partners. According to Dr. Bauer, most people who find partners on apps like Grindr do have the phone numbers of their partners. But a link out option would miss the swath of people whose communication was contained within the app.

“That is a potential gap,” Dr. Bauer said. “This workaround will work in the majority of situations, because people at least have a phone number. But there are going to be some people missed if no contact information is shared.”

As for in-app options, one iteration would make STD notification messaging an option between users. In this case, the app would allow its users to maintain contact with people through the app, in the event that they needed to be reached for the sake of STD notifications. Dr. Bauer says this could help stop the spread of STDs because it would enable people to notify a person they might have otherwise lost contact with. 

Another option would be that the apps would own the notifications process themselves, which would help a person notify a former partner, while remaining anonymous. 

“The app could take the responsibility, with the consent of the user, to send out a notification to a particular individual,” Bauer said. “The app could send a notification to say: ‘It’s really important that you get tested for STDs, and here’s a link to a zip code based search engine to find the closest STD clinic near you.'”

A capability like that could increase the rates of STD infection notification messages, thereby potentially stopping a chain of infection, and decreasing STD rates overall. That’s because people who might not otherwise notify partners of STDs, because of embarrassment, might utilize an anonymous notification process owned by the app to tell partners that they should get tested — without specifics. This mirrors the capabilities of services like STDCheck.com, that the linking option would direct users to.

App-integrated notification is the direction that Daddyhunt CEO Carl Sandler hopes to move in, as well. He wants to enable Daddyhunt users to notify one another about risks of infection, regardless of whether they exchanged phone numbers or not. However, Sandler acknowledged that creating that capability will be challenging — especially as an industry standard. But he is committed to working with BHOC to increase health and safety for the gay community.

“What we’re trying to move towards is a real dialogue into the intricacies of what it takes to actually deploy these features on a site by site, or app by app, basis, because everyone’s app is built differently,” Sandler said.

In addition to technical challenges, implementing STD notifications, especially anonymous ones, risks misuse and trolls. It’s easy to see how dates or even just conversations gone wrong could lead to retaliatory false STD notifications. 

Bauer said that the conversations between dating apps and the department of health have been an evolving process. 

“I think the initial discussions they were not excited about that,” Dr. Bauer said, about in-app notifications. “When we talk to them, we have to find something that fits in their business model.”

Bauer’s department has already collaborated with apps including Grindr for public health in important ways. The CA Department of Health partnered with Grindr, Hornet, and Scruff to alert users to get vaccinated during a 2016 meningitis outbreak in Los Angeles that was spreading within the gay community. And Bauer is enthusiastic about even further potential collaborations between departments of public health and dating apps. 

She thinks it’s crucial to understand how dating apps play a role in people’s sex lives. The connectivity and communication they offer could potentially provide a lot of a positive opportunities for public health.

“We’re trying to use some of the same technologies in communicating with people, and notifying folks with health alerts,” she told Mashable. “I think we can’t condemn technology by any stretch. We need to just understand it and better use it.”

To that end, BHOC conducted a survey in 2013 that asked app owners, hookup website users, and public health officials to find common ground about the role apps can play in HIV and STD prevention. The resulting study has continued to inform public health efforts, including ways to make STD partner notifications easier.

“Nothing’s off the table,” Wohlfeiler said.

We’ll swipe right on that.

[embedded content]

As Chinese censorship intensifies, gays are back while teenage mothers and tattoos are out

Following the passage of a new cybersecurity law and the removal of term limits from Chinese president Xi Jinping, China’s government is conducting a comprehensive crackdown on online discussions and content, with few companies spared the rod by the central government.

Among the casualties has been Bytedance, the extremely high-flying $20 billion media unicorn startup that was forced to publicly apologize for content that degraded the character of the nation. The government forced the company to shut down its popular Neihan Duanzi comedy app, as well as to remove its headline news app, Jinri Toutiao, for three weeks. The company announced that it would expand the number of human censors from 6,000 to 10,000.

Another high-flying media unicorn, Kuaishou, has been under fire for allowing teenage moms to be depicted in a positive light. The app is unique among China’s top social networks in focusing on ordinary Chinese, and is known for its focus on people outside of large cities like Beijing and Shanghai. The company has faced public criticism from central television channel CCTV, as well as from regulators who have demanded the company act more aggressively in removing the content, a demand to which the company has acquiesced.

Meanwhile, over at Sina Weibo, China’s Twitter-like service, the company announced on Friday that it would ban violent and gay content from its service, following instructions from the State Administration of Press, Publication, Radio, Film, and Television. LGBT content has been in the crosshairs of the country’s media regulators for years; for example, censors banned “abnormal sexual behaviors” from being depicted in any media or mobile apps in 2017, a term which includes homosexuality.

However, in a rare about-face for corporate China and internet censors, the company announced that it would reverse its ban of LGBT-themed content, following thousands of comments and discussions online by gay Chinese citizens. The company’s crackdown on other content, though, is expected to continue.

There are other forms of censorship underway these days in China. China’s soccer players recently were banned from having tattoos, as it depicts a “dispirited culture,” which is banned on all media. Perhaps most importantly, the government has banned the use of private VPNs, in order to better control online discourse.

China’s censorship regime is certainly not new, but its intensity around culture and how it is depicted is relatively novel. While the Chinese government has generally kept a tight lid on political dissent, particularly since the Tiananmen Protests in 1989, it has generally used a lighter touch on non-political subjects.

However, the Communist Party of China is now attempting to control the culture much more directly, not just on broadcast media like television, but also on apps and devices throughout the Middle Kingdom.

Following the National People’s Congress in March, the regulation of China’s media has been reassigned from the government to the party’s Central Propaganda Department. Since then, the party has been working in overdrive to tamp down content that it deems to be foreign, crude, vulgar or not in the best spirit of the Chinese people.

While China’s media startups generally focus heavily on the mainland, their apps are also located in the app stores in other countries. Bytedance, which was forced to shut down its news app, also owns musical.ly, the popular music video app used by approximately 14 percent of American teenagers, according to some estimates. China’s censorship regime doesn’t stop at the nation’s borders then, but can extend its influence far wider.

Another example is Grindr, the popular gay dating app, which sold a majority share of its ownership to Beijing Kunlun Tech Company in early 2016.

The crackdown on speech is expected to continue over the coming weeks as the new rules are applied uniformly across the country. The situation is a reminder of the challenges of Chinese companies operating in the heavily controlled country.

Although there are many trade tensions between the U.S. and China these days, a key issue has been access to the Chinese market for American technology companies. Even if China were to open its borders though, it remains unclear how U.S. companies could faithfully apply the law of China while maintaining their own moral standards.

Grindr sends HIV status to third parties, and some personal data unencrypted

Hot on the heels of last week’s security issues, dating app Grindr is under fire again for inappropriate sharing of HIV status with advertisers and inadequate security on other personal data transmission. It’s not a good look for a company that says privacy is paramount.

Norwegian research outfit SINTEF analyzed the app’s traffic and found that HIV status, which users can choose to include in their profile, is included in packets sent to Apptimize and Localytics. Users are not informed that this data is being sent.

These aren’t advertising companies but rather services for testing and improving mobile apps — Grindr isn’t selling them this data or anything. The company’s CTO told BuzzFeed News that “the limited information shared with these platforms is done under strict contractual terms that provide for the highest level of confidentiality, data security, and user privacy.” And to the best of my knowledge regulations like HIPAA don’t prevent the company from transmitting medical data provided voluntarily by users to third parties as specified in the privacy policy.

That said, it’s a rather serious breach of trust that something as private as HIV status is being shared in this way, even if it isn’t being done with any kind of ill intentions. The laxity with which this extremely important and private information is handled undermines the message of care and consent that Grindr is careful to cultivate.

Perhaps more serious from a systematic standpoint, however, is the unencrypted transmission of a great deal of sensitive data.

The SINTEF researchers found that precise GPS position, gender, age, “tribe” (e.g. bear, daddy), intention (e.g. friends, relationship), ethnicity, relationship status, language, and device characteristics are sent over HTTP to a variety of advertising companies.

Not only is this extremely poor security practice, but Grindr appears to have been caught in a lie. The company told me last week when news of another security issue arose that “all information transmitted between a user’s device and our servers is encrypted and communicated in a way that does not reveal your specific location to unknown third parties.”

At the time I asked them about accusations that the app sent some data unencrypted and never heard back. Fortunately for users, though unfortunately for Grindr, my question was answered by an independent body, and the above statement is evidently false.

It would be one thing to merely share this data with advertisers and other third parties — although it isn’t something many users would choose, presumably they at least consent to it as part of signing up.

But to send this information in the clear presents a material danger to the many gay people around the world who cannot openly identify as such. The details sent unencrypted are potentially enough to identify someone in, say, a coffee shop — and anyone in that coffee shop with a bit of technical knowledge could be monitoring for exactly those details. Identifying incriminating traffic in logs could also be done at the behest of one of the many governments that have outlawed homosexuality.

I’ve reached out to Grindr for comment and expect a statement soon; I’ll update this post as soon as I receive it.

Security flaw in Grindr exposed locations to third-party service

Users of Grindr, the popular dating app for gay men, may have been broadcasting their location despite having disabled that particular feature. Two security flaws allowed for discovery of location data against a user’s will, though they take a bit of doing.

The first of the flaws, which were discovered by Trever Faden and reported first by NBC News, allowed users to see a variety of data not available normally: who had blocked them, deleted photos, locations of people who had chosen not to share that data and more.

The catch is that if you wanted to find out about this, you had to hand over your username and password to Faden’s purpose-built website, C*ckblocked (asterisk original), which would then scour your Grindr account for this hidden metadata.

Of course it’s a bad idea to surrender your credentials to any third party whatsoever, but regardless of that, this particular third party was able to find data that a user should not have access to in the first place.

The second flaw involved location data being sent unencrypted, meaning a traffic snooper might be able to detect it.

It may not sound too serious to have someone watching a Wi-Fi network know a person’s location — they’re there on the network, obviously, which narrows it down considerably. But users of a gay dating app are members of a minority often targeted by bigots and governments, and having their phone essentially send out a public signal saying “I’m here and I’m gay” without their knowledge is a serious problem.

I’ve asked Grindr for comment and confirmation; the company told NBC News that it had changed how data was handled in order to prevent the C*ckblocked exploit (the site has since been shut down), but did not address the second issue.