惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Security Archives - TechRepublic
Security Archives - TechRepublic
Project Zero
Project Zero
K
Kaspersky official blog
G
Google Developers Blog
T
Threat Research - Cisco Blogs
T
The Blog of Author Tim Ferriss
Cyberwarzone
Cyberwarzone
Y
Y Combinator Blog
Recorded Future
Recorded Future
Blog — PlanetScale
Blog — PlanetScale
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Cisco Talos Blog
Cisco Talos Blog
Latest news
Latest news
Microsoft Security Blog
Microsoft Security Blog
H
Help Net Security
S
Schneier on Security
P
Palo Alto Networks Blog
H
Hacker News: Front Page
N
News and Events Feed by Topic
N
Netflix TechBlog - Medium
博客园 - Franky
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
SecWiki News
SecWiki News
Cloudbric
Cloudbric
TaoSecurity Blog
TaoSecurity Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
The Hacker News
The Hacker News
C
Check Point Blog
L
LangChain Blog
腾讯CDC
小众软件
小众软件
T
Tenable Blog
Google DeepMind News
Google DeepMind News
GbyAI
GbyAI
L
LINUX DO - 最新话题
A
About on SuperTechFans
Google Online Security Blog
Google Online Security Blog
C
Cisco Blogs
Recent Announcements
Recent Announcements
Hacker News: Ask HN
Hacker News: Ask HN
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Vercel News
Vercel News
雷峰网
雷峰网
美团技术团队
D
DataBreaches.Net
Martin Fowler
Martin Fowler
Help Net Security
Help Net Security
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
F
Full Disclosure
博客园_首页

Electronic Frontier Foundation

EFFecting Change: LGBTQ+ Solidarity Against the Tide of Surveillance EFFecting Change Site Banner 6.17.26 Victory! 702 has Expired! Yes to California's Bill to Ban Surveillance Pricing ‘News’ Site Keeps Hallucinating EFF Staffers LGBT Q&A: We’re Back With Season 2! Congress Just Rushed Through a Disastrous Copyright Office Overhaul The 702 Ultimatum: Warrant Requirement or Bust Enshittification Merch That Actually Fights Enshittification 🔊 Mass Surveillance for… Loud Music? | EFFector 38.11 How and Why to Fight Back Against Social Media Bans Tell Congress: Just Say No to NO FAKES VICTORY: Meta Strips Facial Recognition Code From Smart Glasses App After Public Outcry Cheers to the Winners of EFF’s 18th Annual Cyberlaw Trivia Night! EFFecting Change: If You Own It, Why Can't You Fix It? Internet Age-Gates Are a Growing Global Threat LGBT Q&A Season 1 Recap: Staying Safer Online EFF at TechCrunch Disrupt California’s AB 412 Still Demands Developers Do The Impossible Pulte Appointment Underscores Need to Reform Section 702 Spying EFF Testifies to Congress on Protecting Americans’ Rights from Government AI Move Fast, Surveil Things EFF at DEF CON 34 We're Fighting Mass Surveillance Tech—and Winning Welcome New EFF Executive Director Nicole Ozer One Step Forward, Two Steps Back: CA's AB 1856 Exempts Open Source But Expands Age-Gating Barcelona Cybersecurity Congress Age Verification is a Privacy Nightmare More License Plate Reader Mission Creep: School Residency Verification, Background Checks, and Noise Complaints 🔒 A Win for Encrypted Messaging | EFFector 38.10 Microsoft Took a Step Toward Human Rights Accountability. Google and Amazon (and Others) Should Pay Attention! Your Privacy Shouldn't Be A Corporate Decision EFFecting Change: LGBTQ+ Solidarity Against the Tide of Surveillance We Updated Our Privacy Policy. Here's What Changed and Why. We Must Not Normalize Digital Surveillance Abuses. EFF’s New Guide Underlines Concrete Steps to Fight Back. EFF at Black Hat USA Help EFF Solve an Issue That's Bigger than Creepy Ads The Science is Not Settled: How Weak Evidence is Fueling a National Push to Ban Social Media for Youth Broken Promises: RIP Instagram’s End-to-End Encrypted DMs Victory! End-to-End Encrypted RCS Comes to Apple and Android Chats EFF Launches New Offline Campaign for Saudi Wikipedian Osama Khalid A Hackers Guide to Circumventing Internet Shutdowns Canada’s Bill C-22 Is a Repackaged Version of Last Year’s Surveillance Nightmare EFF to Fourth Circuit: Electronic Device Searches at the Border Require a Warrant EFFecting Change Site Banner 5.14.26 EFF Stands in Solidarity With RightsCon and the Global Digital Rights Community Congress Narrowed the GUARD Act, But Serious Problems Remain Free Signal Guide Milestone 1.0.0 Release of APK Downloader `apkeep` Powers Research on Android Apps 👎 California's Terrible, No Good, Very Bad Social Media Ban | EFFector 38.9 The SECURE Data Act is Not a Serious Piece of Privacy Legislation Offline: Osama Khalid EFF and 18 Organizations Urge UK Policymakers to Prioritize Addressing the Roots of Online Harm Shut Down Turnkey Totalitarianism EFF Submission to UK Consultation on Digital ID Getting Digital Fairness Right: EFF's Recommendations for the EU's Digital Fairness Act A Bridge to Somewhere: How to Link Your Mastodon, Bluesky, or Other Federated Accounts Utah’s New Law Targeting VPNs Goes Into Effect Next Week Open Records Laws Reveal ALPRs’ Sprawling Surveillance. Now States Want to Block What the Public Sees. Digital Hopes, Real Power: From Connection to Collective Action Aaron v. Bondi EFF Submission to UN Report on the Role of Media in the Context of Israel’s Policies Toward Palestinians Former EFF Activism Director's New Book, Transaction Denied, Explores What Happens When Financial Companies Act like Censors The Open Social Web Needs Section 230 to Survive The GUARD Act Isn’t Targeting Dangerous AI—It’s Blocking Everyday Internet Use Congress Must Reject New Insufficient 702 Reauthorization Bill The Internet Still Works: SmugMug Powers Online Photography Act Now to Stop California’s Paternalistic and Privacy-Destroying Social Media Ban EFF Challenges Secrecy In Eastern District of Texas Patent Case California Coastal Community Must Reject CBP's AI-Powered Surveillance Tower EFF to 9th Circuit (Again): App Stores Shouldn’t Be Liable for Processing Payments for User Content 📁 How ICE Got My Data | EFFector 38.8 EFF Sues DHS and ICE For Records on Subpoenas Seeking to Unmask Online Critics Bay Area Members' Speakeasy with WISP Copyright and DMCA Best Practices for Fediverse Operators Palantir Has a Human Rights Policy. Its ICE Work Tells a Different Story Keep Pushing: We Get 10 More Days to Reform Section 702 EFF at RightsCon Stop New York's Attack on 3D Printing How Push Notifications Can Betray Your Privacy (and What to Do About It) Google Broke Its Promise to Me. Now ICE Has My Data. EFF Calls on Kuwait to Release Journalist Ahmed Shihab-Eldin Digital Hopes, Real Power: The Rise of Network Shutdowns EFF to State AGs: Investigate Google's Broken Promise to Users Targeted by the Government The Dangers of California’s Legislation to Censor 3D Printing The Bay Agenda: Security for Journalists EFF 🤝 HOPE: Join Us This August! Hot Off the Press: EFF's Updated Guide to Tech at the US-Mexico Border War as a Pretext: Gulf States Are Tightening the Screws on Speech—Again Speaking Freely: Dr. Jean Linis-Dinco We Need You: Our Privacy Cannot Afford a Clean Extension of Section 702 Yikes, Encryption’s Y2K Moment is Coming Years Early Comparison Shopping Is Not a (Computer) Crime EFF is Leaving X Banning New Foreign Routers Mistargets Products to Fix Real Problem Another Court Rules Copyright Can’t Stop People From Reading and Speaking the Law 👁 Selling Mass Surveillance | EFFector 38.7 Digital Hopes, Real Power: How the Arab Spring Fueled a Global Surveillance Boom Privacy Index Workshop EU Parliament Blocks Mass-Scanning of Our Chats—What's Next?
EFF to Grindr: This Pride Month, Put Safety and Privacy Over Profits
Lena Cohen and Paige Collings · 2026-06-27 · via Electronic Frontier Foundation

This Pride month, we’re calling on the dating app Grindr to prioritize LGBTQ+ user safety by making privacy the default across its platform. That means no more sharing personal data with advertisers or training AI on private information without users’ opt-in consent.

Grindr is a dating app for the LGBTQ+ community; and for queer people, privacy violations can have life-altering consequences. Information that reveals someone’s sexual orientation, gender identity, or HIV status can be used by employers, governments, family members, scammers, or bad actors to inflict harassment, discrimination, arrest, or violence. For example, data from Grindr and other gay dating apps was sold by data brokers and used to 'out' (the act of disclosing someone's sexual orientation without permission) a gay priest in 2021. 

Despite being the world's most popular gay dating app, Grindr has repeatedly mishandled users' sensitive data. Grindr has been caught sharing users' HIV status and precise location with advertisers without obtaining valid consent, resulting in reprimands and fines in several countries. Its former Chief Privacy Officer even sued, alleging the company fired him for raising concerns about Grindr prioritizing “profit over privacy."

Grindr ended several of its most egregious data sharing practices after they were exposed. But more changes are needed if Grindr wants to earn back trust and prove its commitment to users’ privacy and safety. This Pride month, we’re calling on Grindr to make privacy the default and ensure the immediate implementation of two changes to better protect its users:

Opt Users Out of Behavioral Advertising by Default

Grindr currently allows users to opt out of behavioral advertising, but that protection is not enabled automatically (except in some unspecified regions). As we’ve long warned, behavioral advertising relies on the collection and sharing of personal data across a vast network of advertisers, intermediaries, and data brokers. Once information enters this ecosystem, users have little control over where it goes or how it is used: people’s most private and intimate information can be aggregated, sold, and combined with information from other sources to create detailed personal profiles.

By default, Grindr appears to share data with numerous advertising and tracking companies. Using TrackerControl, an app developed by privacy researcher Konrad Kollnig, we recorded Grindr contacting 20 third-party tracking domains during 15 minutes of app activity (see Grindr_TrackerControl_06-23-2026.csv for exported results). TrackerControl observed Grindr contacting Big Tech companies and ad-tech intermediaries, many of which have faced significant legal scrutiny for privacy violations. Several of these companies auction off ad space through a process called “real-time bidding,” which can expose user data to hundreds of additional companies and be exploited by data brokers

The dangers of Grindr’s default settings exposing users’ personal data to this ecosystem are not hypothetical. Between approximately 2017 to 2020, a location data broker collected the precise movements of millions of Grindr users from digital advertising networks and made them available for sale. The commercially available data was allegedly so detailed that, in some cases, it could be used to infer romantic encounters between specific Grindr users. 

Although Grindr has stated that it no longer shares precise location data or profile information with advertisers, it acknowledges sharing other personal data, including mobile advertising identifiers (MAIDs)—unique, persistent device IDs that allow advertising companies and data brokers to connect data about the same individual across different sources. MAIDs are not anonymous, and an entire industry exists to link them to more directly identifying information, like emails and phone numbers. According to Grindr’s privacy policy, companies receiving users’ MAIDs “are aware that such data is being transmitted from Grindr,” which could expose a users’ sexuality to the advertising and data broker ecosystem.

Opt Users Out of AI Training on Personal Data by Default

Grindr should stop training its AI models on users’ personal data without opt-in consent. 

Grindr has been investing heavily in AI features as its CEO strives to make Grindr an “AI-first business.” New AI features include a wingman chatbot, profile recommendations based on users’ inferred “type”, summaries of previous interactions with other users, and AI-generated insights about other profiles (like responsiveness, typical online hours, and engagement patterns). By default, Grindr uses its users’ personal data to train the AI models behind these features.

Grindr claims to never use sensitive health information for AI training and requires users to opt-in to AI training on “special-category” data, which includes chat content and precise location. But Grindr automatically enrolls users in AI training on other private information, including profile photos, age, taps, and display names. Users must navigate several levels of Grindr settings to prevent these personal details from being used to train Grindr’s AI.

AI systems trained on personal data create new privacy risks, including the possibility that personal information may be retained, reproduced, or exposed in unexpected ways. For example, researchers have been able to extract training data from AI systems like ChatGPT.

Beyond AI training, Grindr enables AI-powered features by default and allows both “special-category” data and other personal information to be processed by those features. Even users without access to premium-subscription AI features could have their data automatically used to power those features for other users. “Behavior-based profile insights” (pictured below) could expose information that users would never choose to share publicly, like the types of people they interact with on Grindr, their typical online hours, and how often they initiate conversation with other users.

AI-powered profile insight stating that a Grindr user is "most likely to interact with Tops, ages 22-43, and tribes Discreet and Jock." Insight also displays the user's response rate, initiation rate, and when they're most active on Grindr.

Image of the “Profile Insights” feature from a Grindr blogpost promoting its premium, AI-first subscription

Regardless of whether new AI features leak private information, users deserve meaningful control over how their personal data is used and by whom. Grindr notifies users that their personal information may be used to train AI and that they can opt out on a separate settings page, but this notice does not specify the type of data used (i.e. profile photos, taps) and it is unlikely that people carefully read or understand it. Closing the notice or clicking its only button (which is “Proceed”) maintains Grindr’s default of using personal information for AI training. To respect users’ autonomy, Grindr should require opt-in consent before training AI models on personal data.

Notice entitled "AI for Personalization & Connection" describes the use of personal data for AI features. The only prominent button is "Proceed"

Notice displayed in the Grindr app about the use of personal data for new AI features

Celebrate Pride by Demanding Better Privacy

Grindr must immediately stop prioritizing profits over users’ safety. The ability to opt-out is not an acceptable substitute for opt-in consent, especially given the added risks of data sharing for LGBTQ+ users. Defaults matter—studies show that most people cannot or do not change the default settings of technologies they use.

If Grindr wants to back up its claim that it “takes user privacy very seriously,” it should make privacy the default across its platform, rather than something users need to go through complicated processes to opt in to.