Tinder must be joking with their “download your data” option.

You may have noticed PersonalData.IO was recently in the news after helping a journalist from the Guardian, Judith Duportail, retrieve her personal data from Tinder.

Judith’s request was one of several hundred requests we have been managing for our growing user community since we announced, a few weeks ago, the birth of our data protection robot “Chommy”.

Chommy, the data protection robot

The article from the Guardian exposed how much sensitive data the app is collecting, triggering tons of discussions and questions on social media. We believe this happened because Judith was able to offer her own fresh look at her personal data, and insights into the power this data represents over her: there are indeed risks in having so much personal data circulating around without users controlling or even knowing what’s going on. This is especially the case when services like Tinder state in their privacy policy that

  • you should not expect your data to be totally secured,
  • some of the data can be shared with third parties, and
  • you accept that your data is transferred to countries with weaker data protection rules than those of your home country.

Well, there are two important aspects that were not emphasized in the article, and that are important to get the full picture:

  1. Tinder made it extremely difficult for Judith to access her data. In fact, it took a lot of effort from Judith and PersonalData.IO, together with legal assistance, to finally get access to her data. Tinder “personalises” a lot of the experience on their platform with people’s personal data. Well, this definitely required a lot of personal handling!
  2. Another issue she faced, which remains unresolved, is that Tinder provided only partial access to her personal data. The data she received from Tinder only covered a tiny portion of the information and answers they should have provided. We believe they disregarded their obligations throughout the process. And we’re of course following up on that for our community of users.

We expected Tinder to react and they did… somehow

The article was widely shared, and no one likes to be exposed in such a way. So we expected Tinder to react, and they could certainly have given their users access to their personal data, fully and without hindrance.

Then something happened! Tinder now offers a “Data Download” option here. We felt a little skeptical at first, and now that we have carefully looked at what Tinder decided to provide, we feel this is at best a very bad joke.

“the information you have provided us”

Why? Because Tinder provides its users with nothing they don’t already know, while still keeping secret what users do want to know.

What Tinder provides is nothing users don’t know already

After opening what they send (which manifests itself as a webpage stored locally on your computer), you will see something like this appear:

So they show you all the things you kind of know already: your basic profile information (like your age), photos, messages with your “matches”, purchase history, and then whether you use the Spotify plug-in. And if you dive into your message section, surprise, you only get to see the messages that you wrote, not the messages written by your matches.

In fact, Tinder’s reaction to the Guardian article is the following: they now tell you what you know already (“the information you provided us”), minus something. In our view, when a user makes a subject access request to a company, it is to learn what they already know they have provided to the company (like their age) plus something.

So what’s missing? A lot!

The chart below shows how we look at it.

  1. On the left, there is the data that a user provides directly to Tinder. You could expect Tinder to simply provide a full copy of this, but in fact they don’t. Indeed, when you use Tinder, you provide them with personal information not only by typing or clicking in the app. The device you use to access the app could also send tons of information related to you to Tinder (geolocation, access to photo library, phone ID number, sensor information, which other apps you use, cookie information, etc.).
  2. On the bottom, there is data collected about you from 3rd parties. For example, if Tinder is using personal data acquired from other sources to “personalise” services or acquire new users, they should (i) tell you which data they have acquired and provide a copy of it on demand, and (ii) provide you with the names of such sources.
  3. On the top, there is data transferred to 3rd party companies. Typically that would include, but not be limited to, advertising companies or brands looking to reach certain categories of target consumers. Users have the right to know which data was transferred (receive a copy of it) and to know which companies received such personal data.
  4. On the right, there is the data shared between companies of the Match Group, which includes not only Tinder but a long list of other dating services. We believe this aspect is particularly important for people to understand: as the group is trying to consolidate the dating industry, it is becoming, by nature, a significant point of failure from a privacy point of view. It is not enough to state in their privacy policy that Tinder may share information with other group companies. Individual users have the right to know precisely if data was shared within the group to better “cross sell” various dating services to them. They can also ask for a copy of the data that was transferred and know the names of the other group companies that received data from Tinder.
  5. Finally, another very important category of data is the personal data inferred from all other data: the personal data produced by applying some logic of processing to the data we already talked about. The chart below provides a fictional example of how it may work with (i) the data that Tinder collects directly from users and (ii) a third party source providing additional information to Tinder on its users:

Let’s note that people also have the right to understand such logic of processing. In this case, for example, Alfonso would be allowed to know about the existence of such a “user X” file and to know how the service deduced that he’s gay, not attractive, and that he has no children. Let’s be clear: this chart is to illustrate the concept of profiling information and how it can be built. We assume for simplicity here that Tinder centralizes the data, but it could be that another player does the centralization, with Tinder acting as a 3rd party supplier; in practice this gets very complex, and the structure will be highly variable and dependent on where the ad is shown. We asked Tinder to disclose sufficient information that users could get a good sense of these arrangements. But we have got nothing in return so far.

It’s worth observing that some of these deductions will be based on data collected originally for another purpose. For instance, if an individual shares their geolocation data with Tinder to find more relevant local matches, this data should not be used to improve the profiling and the inferences about them.

This analysis leaves many questions about Tinder’s “Data Download” option. What value did they think they were adding with this, really? Is it just a quick move under the assumption that their users don’t know about their rights or are so naive that most of them will be happy with this?

Dear Tinder, we’re still waiting for real answers to your users’ requests. If you really care about them, it’s time to be transparent.

Thanks for reading! If you want to ask more questions about the legal subtleties involved here, feel free to use our Community Forums. If you want Chommy the data protection robot to help you ask for your Tinder data, you can do so here.

Jérôme Groetenbriel is co-founder of PersonalData.IO, a startup helping individuals regain control of their personal data, through innovative products built around the GDPR. PersonalData.IO also offers compliance solutions, business innovation and consulting services to companies, as well as expert advice to educators, regulators and journalists.