Swipe left on privacy: Mozilla finds dating apps worse than ever
Posted: June 10, 2024
It may be true that there are plenty of fish in the sea, and yet you may want to think twice before using a dating app to snag your catch.
While there is a seemingly endless number of apps available today to help boost one’s ability to meet new people, the latest Mozilla report on dating apps has shed some light on the less-than-desirable features of these apps as well.
Describing a disturbing landscape of privacy violations, inadequate data protection, and questionable practices that put users’ sensitive information at risk, the report has many second guessing if the cons are outweighing the pros of these digital dating helpers.
Mozilla examined 25 popular dating apps and found that most of these platforms fail to safeguard users’ personal data and have gotten worse in this respect compared to Mozilla’s previous review in 2021.
What kinds of data are the apps collecting?
One of the most alarming findings of the report relates to the extensive data collection carried out by dating apps.
Platform to platform, these apps can gather a surprising amount of personal information, ranging from basic details like name and age, to highly sensitive data such as political leanings, religious beliefs, sexual orientation, HIV status, and even intimate details about users’ past sexual experiences.
What’s more, some apps also require biometric information for user verification, which is another highly sensitive type of personal information.
The collection of this information is often framed as voluntary by apps – but some apps, like Tinder, make access to some features fully contingent upon sharing data, like precise geolocation, essentially forcing users to either opt in or look for love elsewhere.
Furthermore, several apps showed a propensity to collect data that the average user may not realize is being collected, such as information from direct messages sent within the app, or even data collected by the user’s camera.
What are the apps doing with this data?
As adept as dating apps have become at capturing and collecting personal data, many remain substandard when it comes to protecting that same information, according to Mozilla’s report.
Just over half of the apps reviewed (52%) did not demonstrate that they met even the minimum security standards when it came to keeping user information safe, and the same percentage of apps were scored as having a “bad track record” when it comes to breaching the personal information of its users.
The lack of robust data protection measures exposes users to a spectrum of risks, including potential discrimination, scams, harassment, and even physical harm.
Furthermore, several apps were “dinged” in the report for not only failing to protect user data, but also for freely sharing it with a variety of outside sources.
Most apps, according to the review, share user data with 3rd party advertisers, and some even sell the information to data brokers. What’s more, as AI continues to be top of mind across the business world, dating apps often utilize user information to train AI-models, in order to deliver more personalized ads and offers to individuals.
The real risks of poor privacy on dating apps
For someone not engrained in the world of data and privacy, some of the things described up to this point may not seem like a big deal at first.
So the app collects a lot of info about me and shows me personalized ads – what’s the big deal?
First, the ability to truly choose the experience described above, if desired, is important. People deserve to really know what they are signing up for when they start using a new dating app, and many times, that isn’t the case.
Mozilla’s report described the privacy notices of most apps as being limited and even purposefully misleading at times. Plain and simple, it’s clear that most users are not aware of what goes on with their data within these apps, and its likely most wouldn’t appreciate it if they were.
For those that are put off by an app’s data practices, though, some caution before moving to the next is also recommended. The report reveals that many apps are owned by the same parent company, such as Match Group owning Tinder, Hinge, Match, and OK Cupid, for example.
A user who is unsatisfied with the practices of one app might mistakenly sign up for the exact same experience if they choose another offering from the same corporation.
To mitigate these risks and protect user privacy, Mozilla offers several recommendations. For users, the report advises treating dating profiles with the same level of caution as professional profiles, assuming anyone could access the information shared. It discourages logging in with third-party accounts or linking social media profiles and suggests limiting app permissions where possible to minimize the amount of data shared.
The dating app companies themselves should also be concerned about the findings of this review by Mozilla. While data collection and sharing practices were typically hidden from the public in times past, these actions are being highlighted now more than ever.
Users are becoming more familiar with the concepts of data brokers, data sharing, and the training of AI-models – and they may be ready to swipe left on all of it. Brands need to take data privacy seriously or risk losing their audience to competitors that offer better experiences.
There is also the looming risk of substantial fines from legislators should organizations be found to be misleading or wrongfully sharing data they don’t have permission to share. Data privacy regulations are ramping up around the world in tow with regulators looking to make examples of the companies getting it wrong.
Importance of consent and preference management in dating apps
Ensuring that users have clear, informed choices about how their data is collected and used is essential for building trust and maintaining user satisfaction. The role of consent and preference management technology is integral for organizations handling high-volume, complex data.
Informed consent
Informed consent is the cornerstone of ethical data collection practices. Users should be fully aware of what data they are sharing, how it will be used, and who will have access to it. This transparency allows users to make educated decisions about their participation. Many dating apps fall short in this regard, with privacy policies that are often lengthy, complex, and difficult to understand. Simplifying these documents and presenting them in a user-friendly manner can significantly enhance user trust.
Granular preferences
Beyond just understanding what data is being collected, users should have the ability to customize their data-sharing preferences. This means allowing users to opt-in or opt-out of specific data collection practices, such as location tracking, sharing data with third-party advertisers, or using personal data for AI model training. Implementing more advanced, granular preference settings can empower users to control their digital footprint and ensure that their comfort levels are respected.
Continuous consent management
Consent should not be a one-time action. Users’ preferences and comfort levels can change over time, so dating apps must provide mechanisms for users to easily update their consent settings. Regular reminders and easy access to privacy settings can help users stay in control of their data. This ongoing engagement demonstrates a commitment to respecting user autonomy and adapting to their evolving needs.
Guard your heart and data
The consequences of these poor privacy practices on users can be far-reaching and severe.
The lack of data protection measures exposes users to a wide variety of risks, including potential discrimination, scams, harassment, and even physical harm.
The consequences are real for dating app companies as well, as there can be a tipping point of losing consumer trust that is impossible to come back from.
There are a lot of apps in the sea. If a company burns a user’s trust, they might find digital happiness elsewhere.
If you’re using a dating app, make sure you know what you are getting into. Don’t just guard your heart – guard your personal information too.
Though AI technology and legislation are rapidly evolving, there is enough of a trending pattern for savvy businesses to get ahead of the AI train. To help an organization make privacy-sensitive and future-proofed AI decisions use our AI top 10 checklist to support:
- Identifying data goals, strategy, and tactics
- Determine legal basis
- Solve transborder data flow concerns
- Consider data sets.