When the Chinese Kunlun Group bought gay dating app Grindr last year, there were concerns raised about users’ privacy. These concerns were serious enough to prompt U.S. officials to get involved, resulting in Kunlun agreeing to sell the app by the middle of next year. Now an investigation by Reuters reveals how the issue of the security and privacy of data from Grindr became a national security concern.
Last year, Kunlun gave its staff access to large amounts of data about the users of the app. This data included highly personal information such as HIV status, as well as private messages between users. For several months, engineers in Beijing were able to access this data.
There are no current indications that this data was misused. But the potential for misuse worried U.S. regulators, drawing the attention of the Committee on Foreign Investment in the United States (CFIUS). CIFUS examines foreign acquisitions of U.S. companies to see if anything in the deals could raise a national security risk, and the Grindr deal caught their attention.
The concern was that not only did a Chinese company have access to sensitive data about U.S. citizens, but also that this data might be particularly compromising for U.S. military or intelligence staff. And if a Chinese company could access this information, it is quite possible that the Chinese government could access it too.
“CFIUS operates under the assumption that, whether through legal or political means, Chinese intelligence agencies could readily access information held by private Chinese companies if they wanted to,” Rod Hunter, an attorney who worked on CFIUS reviews during President George W. Bush’s administration, explained to Reuters.
In September last year, CIFUS ordered Kunlun to restrict access to the Grindr database, which it did within a month. Subsequently, a cyber forensic firm and an auditor were calling in to check compliance and to make sure the data was secure.
By March of this year, CIFUS asked Kunlun to sell off Grindr. Although Kunlun is reported to have tried to salvage the deal behind the scenes, it will now how to divest itself of the app. Currently, the future of the app remains unclear.
- T-Mobile reveals it ended 2020 with data a breach
- TikTok isn’t going anywhere, despite deadline for sale passing
- The digital switch that blocks all websites from selling your personal data
- Ring rolls out end-to-end encryption for video to all customers
- Hackers target U.S. government agencies as FBI investigates