Norwegian authorities said on Wednesday that they were fining dating app Grindr more than six million euros for illegally sharing users’ personal data with third parties.
The fine of 65 million Norwegian kroner ($7.2 million, 6.3 million euros) is the largest ever handed out for such a case in the Scandinavian country.
“Our conclusion is that Grindr has disclosed user data to third parties for behavioural advertisement without a legal basis,” said Tobias Judin, head of the Norwegian Data Protection Authority’s (DPA) international department.
Grindr, which bills itself as “the world’s largest social networking app for gay, bi, trans, and queer people,” is accused of sharing GPS coordinates, elements of its users’ profiles such as age or sex and the very fact that they use the app, thus giving indications of their sexual orientation.
The lack of clear information about this practice given to users and lack of explicit approval on this point from them violates the General Data Protection Regulation (GDPR) adopted by the European Union in 2018, according to the Norwegian DPA.
“We consider that data revealing the fact that someone is a Grindr user strongly indicates that they belong to a sexual minority,” the DPA said adding that this merits particular protection under the GDPR.
In January, DPA warned that Grindr faced a fine of 100 million kroner, or about 10 percent of its global revenue, but gave the company until February 15 to explain its position.
The company now has three weeks to appeal against the decision.