Tinder has come under fire from a Belgian MEP this week, who argued that it could be in breach of EU privacy rules by collecting too much data without consent.
Marc Tarabella called for an investigation into the popular dating app, which lets users swipe left or right depending on whether they want to pursue an interest in their matches.
It apparently syncs with the user’s Facebook account automatically, giving it access to their profile, email address, location, birth date, contacts, photos and more.
"Once you subscribe, the company can do whatever it wants with your data. It can show them, distribute them to whomever or even modify them,” Tarabella is quoted by the BBC as saying.
"Regulators do not like the idea of a company doing whatever it wants with your information just because it is in that company's privacy policy. Most people don't read privacy policies and don't have much choice over their content.”
Europe is currently in the process of migrating its data protection laws to the new EU General Data Protection Regulation (GDPR) regime, which will introduce strict penalties of up to 4% of global annual turnover for firms which contravene the new rules.
Tinder itself hasn’t yet responded to the MEP’s calls for an inquiry.
Kaspersky Lab principal security researcher, David Emm, welcomed the investigation and argued that apps increasingly request unlimited access to a host of our data, eroding personal privacy in the process.
“So as much as Marc Tarabella is right to call into question what Tinder is doing with the information it gathers and why it requires such access, individuals also have to take responsibility for their own data, including reading privacy policies and thinking through what permissions they grant applications,” he added.
Emm recommended consumers only download apps from trusted sources and read the license agreement carefully, as well as noting the permissions the app is requesting.
He also recommended users install a cyber security tool on their handsets to protect against threats.