Grindr Dating App Deemed Security Risk

Grindr Cyber Security Risk

Grindr Foreign Ownership of Data Threatens National Security

The Committee on Foreign Investment in the United States (CFIUS) ordered the sale of dating app Grindr due to cyber security concerns. Grindr is a social and dating app for gay, trans, bi and queer people owned by Beijing Kunlun Tech Co Ltd. CFIUS expressed concerns that the personal data collected by Grindr could be used to blackmail individuals with security clearances. Foreign ownership of personal data threatens national security.

Beijing Kunlun Tech Co Ltd, formerly Kunlun Ltd., is a Chinese gaming company that owns Grindr. Beijing Kunlun Tech Co., Ltd. conducts research, development, and the distribution of mobile game platforms in China and internationally. It also provides online financial services and has a stake in web browser, Opera. Kunlun purchased a majority stake in California based Grindr in 2006 and then bought out the rest of the company in 2016 and 2018. Since August 2018, Kunlun was preparing for an initial public offering of Grindr but now is looking to sell.

CFIUS concern centers around the fact the Chinese ownership of the app and its data. As a dating app, it’s no surprise Grindr collects highly personal information about its users. Grindr users post photos and share personal details including age, sexual preferences, HIV status as well as current location. The security concern is that China could access and exploit the personal data collected by Grindr to target security workers, officials, and even ordinary citizens and coerce them into spying on the US.

What is CFIUS?

The Committee on Foreign Investment in the United States (CFIUS) and operates under the US Treasury Department. According to its website, CFIUS is authorized to review certain transactions involving foreign investments in the United States in order to determine the effect of such transactions on US national security. CFIUS rarely reverses an acquisition after the sale is completed.

What is Grindr?

Grindr was launched in 2009 and is an online social network and dating app for gay, bisexual, transsexual, and queer people. Grindr is available on iOS and Android mobile devices and is free to use. The app also has a subscription-based version, known as called Grindr Xtra. In 2018, Grindr had 3.6 million daily active users in 196 countries.

In 2.018 Grindr was found to be sharing users’ HIV statuses with third-party app optimization companies, Apptimize and Localytics. Grindr was sharing private data with its contracted ad agencies including their gay subculture, relationship status, and location data. This information was connected to individual users through their email addresses and device IDs. Data-harvesting is a common revenue generator amongst tech companies. Grindr does not work with third party data brokers or sell user information to advertisers.

This is not the first time the US Government has taken issue with Chinese companies buying US firms loaded with data on US citizens. In the last two years, the US Government has stopped Chinese investors from acquiring MoneyGram International Inc and AppLovin. The US still has an ongoing dispute with Huawei, the Chinese telecom company.

How Does the Chinese Government Convince US Citizens to Spy on Their Behalf?
China is known to approach Chinese expats to convince them to spy on behalf of the Chinese government. Then it’s pressure with “your family lives here. The exploitation of personal data makes it easier for Chinese intelligence agencies to make successful “cold pitches” to Americans to those with security clearances and persuade them to spy.