Do Dating Apps Care About Your Privacy? Comparing Tinder, Bumble, Hinge, OkCupid, and Grindr
February 14, 2019
Concerned about your privacy while using Tinder, Bumble, Hinge, OkCupid, Grindr, or other dating apps? You should be. Use this guide to stay safe while using dating apps.
You Give Away Tons of Information to Dating Apps
Today is Valentine’s Day, meaning a lot of people are doubling-down on their swiping. Dating apps have reported up to a 230% increase in usage when compared to a typical Saturday.
In today’s digital world, dating apps are a great way to meet people. It means publicizing a lot of your most private information. Your name, birthday, gender, sexual orientation, email address, phone number, and location are usually necessary for signing up. And if you want to find a match, that means at least including a few pictures and a personalized bio, most likely your educational background and current job, and maybe even connecting other third party apps like Instagram and Spotify. Before you know it, the app has information about your personal schedule, where and when you use the app, what kind of phone you have, the kinds of people you like, the silly one-liners you use to start conversations, and much, much more.
“You are lured into giving away all this information,” says Luke Stark, a digital technology sociologist at Dartmouth University. “Apps such as Tinder are taking advantage of a simple emotional phenomenon; we can’t feel data.” When you’re creating your dating app profile, you’re probably not thinking about how the app will use your data, you’re thinking about what might appeal to a potential match. But before you know it, the app has tons of information about you and your behavior, and they’re monetizing it.
Privacy Comparison: Tinder, Bumble, Hinge, Grindr
Privacy Score: 1/5
Although you can login to Tinder using your phone number instead of your Facebook account, users have reported that the app seems to glitch when you do this: it keeps showing the same profiles in the stack, even after you’ve swiped on them. Logging in with Facebook seems to take care of this issue. Furthermore, sharing your location services with Tinder is not optional: the app will not function without it.
The most concerning issue with Tinder is that not all of your information is encrypted. An attacker would be able to see a user’s profile picture and all the pictures he or she is looking at. Although the data sent from the company’s servers in response to left and right swipes is encrypted, it is possible to tell the difference between the two responses based on the length of the encrypted text. By exploiting the two flaws, an attacker can see the pictures that the user is looking at and the direction they are swiping on them. The solution to this is to only swipe while on a secure network, not a public WiFi, or use a VPN.
Privacy Score: 3/5
We could not find any major issues with Bumble’s privacy practices. Like other companies, they sell aggregated information, which is easy to de-anonymize. We recommend using Masked Info from Blur when signing up, as well as a VPN.
Privacy Score: 3/5
Similar to Bumble, we could not find any major issues with Hinge. They also sell aggregated information. It seems that while you can disable location services, the app will not function without them. Again, we recommend using Masked Info from Blur when signing up, as well as a VPN.
Recently, a journalist from The Guardian requested that Tinder send her all of the data that they have about her, as is her right under GDPR. They gave her 800 pages of data, including all of her matches, the profiles that she swiped right or left, her instagram photos (even after she had deleted that account), Facebook likes, and her physical locations whenever she was swiping or chatting.
That’s how these apps are able to make so much profit. While you could get some nice conversations, probably some creepy ones, and hopefully a worthwhile date or two, dating apps are making insane profits.
Mobile dating market revenue in the United States from 2009 through 2017 (in million U.S. dollars):
This is the same monetization of data done by companies like Google, Facebook, Ancestry, and most other services. “The general practice means holding and capturing every little piece of information you can in case you could potentially use them in the future,” Nico Sell, the cofounder and co-chairperson of encrypted messenger app Wickr, told WIRED. This makes your information vulnerable to hackers.
Data Brokers Can Get Info from Dating Apps
Dating profiles can also be sold to data brokers. In 2017, artist Joana Moll and the NGO Tactical Tech purchased one million dating profiles from USData, a data broker website. The profiles came from dating sites including Match, Tinder, Plenty of Fish, and OkCupid. For around $153, they gained access information like usernames, email addresses, gender, age, sexual orientation, interests, profession, as well as detailed physical and personality traits and five million photos.
Companies use this information to help repopulate their site and make it look more popular, as well as to get a better understanding of user behavior on the apps.
“It is pretty clear some of the apps have significant consumer privacy issues,” a researcher, who wishes to remain anonymous, told WIRED. “I don’t think any of these apps have bad intentions but some of them have negligent security practices that would allow an attacker or a person who has bad intentions to find out information about users the app doesn’t intend.”
How to Stay Safe on Dating Apps
1. Don’t give away too much. Keep your information on the vague side, for example by using a nickname (e.g. “Julia” instead of “Julianne”), putting your industry instead of your job or company, and so on. You’d be surprised what can come up in a Google search of just your first name + job!
2. In your bio, avoid sharing any information that you wouldn’t be comfortable telling to a stranger on the street- keep it light and simple (which is also good advice for finding a match).
3. Don’t connect third-party apps. Linking to your Instagram or Spotify probably won’t drastically increase your chances of making a match. If you need to use Facebook to use the app, consider making a disposable Facebook account just for that purpose.
4.Check that the app encrypts your data, and swipe only from secure networks (such as your house, not the pubic WiFi at Starbucks).
5. Take the usual precautions IRL. Meet in a public place, tell a friend where you’ll be, and make sure your phone is charged.
Use DeleteMe and Blur to Stay Safe on Dating Apps
The Masked Phone feature from Blur is particularly useful for dating apps. With a Masked Phone, you can receive calls and text messages just like with your regular phone number. But, not only will you not give away your real phone number to the app, you don’t have to give your real phone number to your dates. A lot of people like texting before meeting in real life- either to keep the conversation going off of the app or just to make meeting up easier. Still, giving your phone number to somebody who you have yet to meet in real life might not be the best idea. With a Masked Phone from Blur, you don’t have to worry.
DeleteMe can help make sure that information that’s already been sold to a data broker doesn’t come back to hurt you in real life. As we mentioned before, it’s pretty easy to find a person online, even from Googling just their first name + city, university, or job description. A stranger from a dating app can find out information like your address, email, or phone number from data brokers like Whitepages, Intelius, Spokeo, or BeenVerified. DeleteMe removes you from sites like this, keeping you safe from creepy Tinder guys, stalkers, or others looking to take advantage of you.
Happy Valentine’s Day from Abine!
Abine, Inc. is The Online Privacy Company. Founded in 2009 by MIT engineers and financial experts, Abine’s mission is to provide easy-to-use online privacy tools and services to everybody who wants them. Abine’s tools are built for consumers to help them control the personal information companies, third parties, and other people see about them online.
DeleteMe by Abine is a hands-free subscription service that removes personal information from public online databases, data brokers, and people search websites.
Blur by Abine is the only password manager and digital wallet that also blocks trackers, and helps users remain private online by providing ‘Masked’ information whenever companies are asking for personal information.
Abine’s solutions have been trusted by over 25 million people worldwide.
Julianne joined Abine in 2018 after studying international justice at Leiden University. She is a dedicated privacy advocate and an opt-out expert. When she’s not fighting data brokers, she enjoys unplugging with a cup of coffee and her cat.