Difference between revisions of "Project:Dating Privacy"
Line 269: | Line 269: | ||
2021, Hacker leaks data of 2.28 million dating site users | 2021, Hacker leaks data of 2.28 million dating site users | ||
https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/ | https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/ | ||
+ | |||
+ | '''3somes, CougarD, Gay Daddy Bear, Xpal, BBW Dating, Casualx, SugarD, Herpes Dating''' | ||
+ | 2020, Report: Breach Exposes 100,000+ Users on Niche Dating Apps | ||
+ | https://www.vpnmentor.com/blog/report-dating-apps-leak/ | ||
==References with databases== | ==References with databases== |
Revision as of 18:59, 1 March 2021
Description
Dating Privacy aims to contribute with data literacy and gaining control over personal information in a secured and ethical manner for end users.
My co-founders and I -with some of us being dating app users- have started this collective as a social movement after identifying several privacy risks one is confronted to when looking for a date online: unwanted ads, harms resulting from incorrect profiling and predictions, the possibility of phishing and identity theft.
Dating Privacy is a collective formed by members coming from different countries and disciplines (mathematics, sociology, journalism, law, physics) and foreparts (academia, private, independent, citizen NGO).
Contact e-mail: mailto:datingprivacy@personaldata.io
Twitter @datingprivacy
Meetings online at https://epfl.meet.switch.ch/dating-data
Every first Wednesday of the month at 8:15 pm (CET)
Past event:
“Dating Privacy” Collective Launch: Our Plan To Change the ‘Data for Dates’ Paradigm – Friday 12th Feb at 7:30 pm (CET)
link to the presentation https://tinyurl.com/20210212datingprivacy
Meetup event: https://www.meetup.com/tech4goodLIN/events/276275535/
Linkedin event https://www.linkedin.com/events/datingprivacy-collectivelaunch-6765208415816974336/about/
Subscribe to our mailing list: https://framaforms.org/dating-privacy-1613154652
Objectives
- Implement tools that allow users to request and analyse their data
- Find and ask for SAR with a concrete example and cooperate with communities in order to 1 increase the impact 2 relay the info
- Enrich the wiki with data structures extracted from the SARs
- Develop methodologies that allow for research without dependency on commercial platforms
- Formalize the working group and project with an official legal entity
Partners
Partners:personaldata.io and MyData Vaud
Recommended practices
- Start requesting your data via this link https://labs.letemps.ch/interactive/2020/demander-ses-donnees/
- Type in the box the dating app name you use
- Copy-paste the message and email address
- Send it and wait for your file
- Already requested your data and received a file? Contribute with the wiki and map what your dating app collects: https://wiki.personaldata.io/wiki/Item:Q3569
- Are you an Android phone user? Download Exodus Privacy helps you to know which trackers and permissions are embedded in dating apps installed on your device.
- Configure your privacy settings on your dating app.
- Check out Mozilla privacy test on different dating apps
- Request deleting your data on a dating app when you stop using the app via the settings or sending an email. It is not enough to uninstall the app
Problems Identified
APP
- Sharing personal data with third parties which is not necessary for the app functioning (ex. for advertisement, see The Grindr case study) and for other purposes unknown (ex. the muslim app providing data to the american army)
- Background geolocation when the app is closed
- Automatic subscription renewal without notification, when there is a problem you have to contact the headquarter in another country
- Fake profiles created by the company (ex. ashley madison)
- Between 10-20% of users find a partner in France, Switzerland and United States. Do users really get the outcomes they want from the app in exchange for providing their data? Are users retained in the app?
- Subscription rates change according to user demographic characteristics (ex. age on Tinder, sex on Hinge)
- The app ignores settings for presenting results (ex. show me only women and the user sees men)
- Users are banned without any reason given by the app
- One user said it has zero matches on Tinder
Other USERS
- Scams, phishing, fake profiles. Users are affected by malicious user behaviours so how are dating apps moderating this and protecting users via the analysis of their personal data?
Members
- Jessica Pidoux works on revealing biases in Tinder's secretive matching algorithms.shttps://jessicapidoux.info/ Pidoux
- Paul-Olivier Dehaye obtained the first personal data file from Tinder along with author Judith Duportail https://bit.ly/3cUOyTB Podehaye
- Marie-Pierre maps the dating app ecosystem and delves into dating app patents Genferei
- Frank has revealed privacy risks on Hinge and is currently being messed around by Hinge, Bumble and Tinder having asked for his data https://bit.ly/2J8mKOo Frandrews
- HermineL
- Judith H. digs into regulation policies and howonline dating interacts with collective practices and communities
TO DO / On going
' | planning | in progress | complete | who |
*Map the data ecosystem | x | all | ||
*Next meeting Define the case study with questions we want to analyse | x | |||
*Add downloads per app in the wiki. | x | |||
*Add ranking per app in CH, FR, UK the wiki. | x | J, MP | ||
*Dating app list https://tinyurl.com/goaldatingdata | ||||
*Add link to privacy policy | x | |||
*Add examples of silver dating apps (ref Le Monde) | x | MP | ||
*Add examples of community apps | x | MP | ||
*Check if policy documents are the same in different languages FR, EN, ... ( i.e TikTok doesn't) | ||||
*Defining the project scope | x | |||
*Organize media articles per data | ||||
*Develop tools for data literacy | ||||
*Define the methodology: data protection protocol and data collection and analysis method (EPFL Grasp tool or other?) | ||||
*Data analysis | x | |||
*Patent search and analysis | MP? | |||
*Privacy policies analysis | ||||
*Email us other ideas you have for contributing | x | all | ||
*Publish launch video | x | J | ||
*Communicate regularly | X | F | ||
*Keep updated mailing list subscribers | x | |||
*Create a website | x | |||
*Document our tests in the website | ||||
*Document SAR procedures | x | H | ||
*Write ethical chart | all |
Dating apps' list
- Wiki
-->list of dating apps available on this wiki with ranking on apple and Android
- Wikidata https://wikidata.org
-->list of dating apps available on wikidata
- Forum https://forum.personaldata.io
- Notes https://annuel2.framapad.org/p/dating-data-9kf7 (old notes)
Privacy Policies
Links can be found in the wiki
Princeton-Leuven Longitudinal Corpus of Privacy Policies. Front-end here: https://privacypolicies.cs.princeton.edu/ghfront/ and the repository here: https://github.com/citp/privacy-policy-historical
Advertisement third parties
“Out Of Control” – A Review Of Data Sharing By Popular Mobile Apps published in January 2020
see Technical report https://fil.forbrukerradet.no/wp-content/uploads/2020/01/mnemonic-security-test-report-v1.0.pdf
report https://fil.forbrukerradet.no/wp-content/uploads/2020/01/2020-01-14-out-of-control-final-version.pdf
Complaint letters https://www.forbrukerradet.no/side/complaints-against-grindr-and-five-third-party-companies/
PUbMatic
LUMAscape https://www.okanjo.com/blog/2016/12/14/ssp-dsp-dmp-rtb-wtf
Patents
List of Match Group patents: https://policies.tinder.com/intellectual-property/intl/en
Tinder Patents:
number={US20160154569 A1}, author = {Rad, Sean and Carrico, Todd M. and Hoskins, Kenneth B and Stone, James C.}, url = {https://worldwide.espacenet.com/publicationDetails/biblio?II=0&ND=3&adjacent=true&locale=en_EP&FT=D&date=20160602&CC=US&NR=2016154569A1&KC=A1#}, title = {Matching Process System And Method},
number={US9733811B2}, author = {Carrico, Todd M. and Hoskins, Kenneth B and Rad, Sean and Stone, James C. and Badeen, Jonathan}, url = {https://worldwide.espacenet.com/patent/search/family/050234419/publication/US10203854B2?q=pn\%3DUS10203854B2}, title = {Matching Process System And Method},
Match Group SYSTEM AND METHOD FOR USER COMMUNICATION IN A NETWORK https://worldwide.espacenet.com/publicationDetails/biblio?CC=US&NR=2020137019A1&KC=A1&FT=D&DB=en.worldwide.espacenet.com&locale=en_EP&date=20200430&rss=true#
Hinge: Brevet publié en 2013 puis abandonné, jamais délivré. https://worldwide.espacenet.com/publicationDetails/biblio?CC=US&NR=2013066972A1&KC=A1&FT=D&ND=3&date=20130314&DB=EPODOC&locale=en_EP#
Media
- June 2020, "Exclusive: Winning bidder for Grindr has ties to Chinese owner" https://www.reuters.com/article/us-grindr-m-a-sanvicente-exclusive-idUSKBN2391AI
- 2021, ""Grindr" to be fined almost € 10 Mio over GDPR complaint. The Gay Dating App was illegally sharing sensitive data of millions of users." https://noyb.eu/en/gay-dating-app-grindr-be-fined-almost-eu-10-mio
- 2016, "What Tinder and Halo Have in Common" https://www.theatlantic.com/entertainment/archive/2016/01/how-tinder-matchmaking-is-like-warcraft/424350/
- Top iOS dating apps are exposing your personal life to hackers https://www.wired.co.uk/article/the-dating-apps-exposing-your-personal-life-to-hackers
- Investidating: why deep photo analysis has become part of online hook-ups https://www.theguardian.com/technology/2018/jul/05/tinder-online-dating-apps-photos
- How algorithms on dating apps are contributing to racism in our love lives https://officialfamemagazine.com/2020/06/28/how-algorithms-on-dating-apps-are-contributing-to-racism-in-our-love-lives/
- April 2017, "Dans le laboratoire de la «fake science» [...] le Danois Emil Kirkegaard, nouvelle coqueluche de l'extrême droite" https://www.letemps.ch/sciences/laboratoire-fake-science
- Live streaming drives growth in chinese dating app momo (2017) https://techcrunch.com/2017/03/09/momo-live-streaming/
- Blinq dating app uses AI to judge hotness https://techcrunch.com/2016/01/11/blinq-dating-app-uses-ai-to-judge-hotness/
- Why we need a dating app that understands Nash’s equilibrium https://hackernoon.com/why-we-need-a-dating-app-that-understands-nashs-equilibrium-2dc4a862b47e
- Tinder Select: You’re Not Cool Enough To Get the Secret Version of Tinder https://fortune.com/2017/03/08/tinder-select-exclusive-members/
- Tinder Elo Score: https://www.fastcompany.com/3054871/whats-your-tinder-score-inside-the-apps-internal-ranking-system
- Irish Data Protection Commission: https://www.dataprotection.ie/en/data-protection-commission-launches-statutory-inquiry-mtch-technology-services-limited-tinder
- Tinder and GDPR Paul-Olivier D. https://www.theguardian.com/technology/2017/sep/27/tinder-data-privacy-tech-eu-general-data-protection-regulation
- Match Group financial report: https://s22.q4cdn.com/279430125/files/doc_financials/2020/q1/MTCH-1Q-2020-Earnings-Release_Final.pdf
- Gillette study on Tinder: https://web.archive.org/web/20150323010313/http://shavetest.com/
- https://youtu.be/HSYaRgKYeek
- https://www.esquire.com/style/grooming/a32478/women-on-tinder-dont-like-beards-020514/
- Data privacy "Five Reasons You Should Delete Hinge" https://bit.ly/2J8mKOo
- How the U.S. Military Buys Location Data from dating apps like Mingle https://www.vice.com/en/article/jgqm5x/us-military-location-data-xmode-locate-x
- Video integration on Hinge "Seeking a Partner for the End of the World" https://www.nytimes.com/2020/10/06/style/cuffing-season.html
- Fake profiles in online dating "Online-Dating: Auf diesen Portalen flirten Fake-Profile" https://www.verbraucherzentrale.de/wissen/digitale-welt/onlinedienste/onlinedating-auf-diesen-portalen-flirten-fakeprofile-21848
- MENSTRUAPPS – How to turn your period into money (for others) https://chupadados.codingrights.org/en/menstruapps-como-transformar-sua-menstruacao-em-dinheiro-para-os-outros/
- "Tinder lance son chat vidéo. Quid de la modération ?" https://siecledigital.fr/2020/07/09/tinder-chat-video-moderation/
- "Après huit mois de retard, le service de rencontres de Facebook arrive en France" https://www.lemonde.fr/pixels/article/2020/10/22/apres-huit-mois-de-retard-le-service-de-rencontres-de-facebook-arrive-en-france_6056968_4408996.html
- "Tesla owners looking for love can now join a dating network exclusively for 'like-minded Elon stans'" https://www.businessinsider.com/tesla-dating-app-owners-only-car-obsessed-elon-musk-stans-2020-8?r=US&IR=T
- "We do not believe in algorithms: Happn CEO" https://www.cnbc.com/video/2016/10/05/we-do-not-believe-in-algorithms-happn-ceo.html?__source=sharebar%7Clinkedin&par=sharebar
- Video documentary: How dating turns into business.... "Chat moderators" are employees with fake profiles replying 24/7 to users who pay per message and believe they are writing to "potential partners" https://www.youtube.com/watch?v=tttHVfn_joo&feature=share
- Judith Duportail article "I asked Tinder for my data. It sent me 800 pages of my deepest, darkest secrets" https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold?utm_source=esp&utm_medium=Email&utm_campaign=GU+Today+main+NEW+H+categories&utm_term=245390&subid=20455723&CMP=EMCNEWEML6619I2
- Emmanuel Kessous, sociologue du numérique "La vie privée dans l'économie numérique. Une approche par les usages" https://www.slideshare.net/lpg/la-vie-prive-dans-lconomie-numrique-une-approche-par-les-usages
- Coffee Meets Bagel dating app "trying to end #ghosting" by showing user activity stats! http://engt.co/2ngTA2u
- How To Get A Match, According to Tinder’s Sociologist https://www.fastcompany.com/3062454/how-to-get-a-match-according-to-tinders-sociologist
- Intéressant car il existe aussi Pokémon GO Dating "« Pokémon Go » : les multiples facteurs des inégalités géographiques" https://www.lemonde.fr/pixels/article/2016/08/03/pokemon-go-les-multiples-facteurs-des-inegalites-geographiques_4977738_4408996.html
- Love at first swipe, What happens to your data when you look for love, Lunchtime conference of European Data Protection Supervisor trainees, Brussels, 12 February 2018 https://youtu.be/9XJWtFhtWd8
- How I [engineer] Decide Who Gets Banned on OkCupid https://www.thecut.com/2017/02/banned-from-okcupid-sexting-moderation.html
- OkCupid inferences: The 8 Personalities You’ll Meet When Dating in the U.S. https://theblog.okcupid.com/the-8-personalities-youll-meet-when-dating-in-the-u-s-9d87a5a40274#db60
- October 2, 2020, Tinder Is the Latest Social Media Battleground in Thai Protests https://foreignpolicy.com/2020/10/02/tinder-is-the-latest-social-media-battleground-in-thai-protests/
- July 17, 2017, Match Group appoints global head of privacy in Paris https://iapp.org/news/a/match-group-appoints-global-head-of-privacy-in-paris/
- April 6, 2020, Phone tracking is having a moment, but gay dating app Scruff wants no part of it https://www.protocol.com/scruff-rejects-selling-location-data
- Aug 11, 2020, Tinder slammed over mysterious premium pricing, transparency and data use concerns https://mashable.com/article/tinder-plus-different-prices-age-discrimination/?europe=true
Studies conducted scrapping dating app profiles
Emil Kirkegaard. The OKCupid dataset: A very largepublic dataset of dating site users: https://www.researchgate.net/profile/Emil_O_W_Kirkegaard/project/The-OKCupid-dataset-A-very-large-public-dataset-of-dating-site-users/attachment/573b1d7e08aea7adff2f3c8d/AS:362725751443460@1463491966863/download/paper.pdf?context=ProjectUpdatesLog
Konsinski.DEEP NEURAL NETWORKSCAN DETECT SEXUAL ORIENTATION FROM FACES: https://www.gsb.stanford.edu/sites/gsb/files/publication-pdf/wang_kosinski.pdf
John Leuner, a master’s student studying information technology at South Africa's University of Pretoria, attempted to reproduce the aforementioned study. The infamous AI gaydar study was repeated – and, no, code can't tell if you're straight or not just from your face: https://www.theregister.com/2019/03/05/ai_gaydar/
Legal
Tinder Annual report: Tinder on-going accusations. The Irish DPC case, also prices can vary according to users' age https://s22.q4cdn.com/279430125/files/doc_financials/2019/ar/Match-Group-2019-Annual-Report.pdf
My GDPR Complaint Against Tinder https://forum.personaldata.io/t/my-gdpr-complaint-against-tinder/70
Data Protection Commission launches Statutory Inquiry into MTCH Technology Services Limited (Tinder) https://www.dataprotection.ie/en/news-media/latest-news/data-protection-commission-launches-statutory-inquiry-mtch-technology
Data leaks and media scandals
Ashley Madison
Ashley Madison Leak No Big Deal? Think Again https://www.makeuseof.com/tag/priority-ashley-madison-leak-no-big-deal-think/
Les résultats de Grindr révélés grâce au scandale Ashley Madison "Grindr a eu des revenus résultant à la fois des abonnements et de la publicité de près de 16 millions de dollars en 2012" https://www.fugues.com/243577-article-les-resultats-de-grindr-reveles-grace-au-scandale-ashley-madison.html
OkCupid:
Here is a mirror for the OKCupid OSF Emil Kirkegaard dataset https://www.reddit.com/r/datasets/comments/4jj53i/here_is_a_mirror_for_the_okcupid_osf_emil/
Researchers Caused an Uproar By Publishing Data From 70,000 OkCupid Users https://fortune.com/2016/05/18/okcupid-data-research/
Controversy over OKCupid keynote at CHI 2018 https://www.reddit.com/r/sciences/comments/8edxm3/controversy_over_okcupid_keynote_at_chi_2018/
Grindr:
Données privées : le site de rencontres Grindr mis en cause https://www.lemonde.fr/pixels/article/2018/04/03/donnees-privees-le-site-de-rencontres-grindr-mis-en-cause_5279794_4408996.html
Lovoo
LOVOO’s CEO Benjamin Bak resigns https://inside.lovoo.com/en/lovoos-ceo-benjamin-bak-resigns-2/
happn
En détournant l’app Happn, un hacker peut tracer votre chemin en temps réel https://cyberguerre.numerama.com/5827-en-detournant-lapp-happn-un-hacker-peut-tracer-votre-chemin-en-temps-reel.html
MobiFiends Barcelona Based dating app, user data breach https://www.infosecurity-magazine.com/news/data-breach-exposes-four-million/
coffee meets Bagel 2019,Happy Valentine’s Day: your dating app account was hacked, says Coffee Meets Bagel https://techcrunch.com/2019/02/14/happy-valentines-day-your-dating-app-account-was-hacked-says-coffee-meets-bagel/
J crush 2019, Jewish dating app JCrush exposed user data and private messages https://techcrunch.com/2019/06/04/jcrush-exposed-data-messages/
Donal Daters 2018, Donald Daters, a dating app for Trump supporters, leaked its users’ data https://techcrunch.com/2018/10/15/donald-daters-a-dating-app-for-trump-supporters-leaked-its-users-data/
Meet Mindful 2021, Hacker leaks data of 2.28 million dating site users https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/
3somes, CougarD, Gay Daddy Bear, Xpal, BBW Dating, Casualx, SugarD, Herpes Dating 2020, Report: Breach Exposes 100,000+ Users on Niche Dating Apps https://www.vpnmentor.com/blog/report-dating-apps-leak/
References with databases
Rosenfeld, Michael J., Reuben J. Thomas, and Sonia Hausen. 2019 How Couples Meet and Stay Together 2017 fresh sample. [Computer files]. Stanford, CA: Stanford University Libraries.
The OKCupid dataset: A very large public dataset of dating site users https://www.researchgate.net/project/The-OKCupid-dataset-A-very-large-public-dataset-of-dating-site-users
- Full paper: https://web.archive.org/web/20200728135539/https://openpsych.net/files/papers/Kirkegaard_2016g.pdf
Surveys
Tinder usage statistics: https://www.businessofapps.com/data/tinder-statistics/\#2
Pew Research Center (Feb 2020): The Virtues and Downsides of Online Dating. Retrieved from https://www.pewresearch.org/internet/2020/02/06/the-virtues-and-downsides-of-online-dating/
Swiss Federal Statistical Office (Nov 2019): Families and Generations Survey. Retrieved from https://www.bfs.admin.ch/bfs/fr/home/statistiques/population/enquetes/efg.assetdetail.10467789.html
INED France (2016) https://www.ined.fr/fr/publications/editions/population-et-societes/sites-rencontres-qui-y-trouve-son-conjoint/
Technical references
An Evidence‐based Forensic Taxonomy of Windows Phone Dating Apps https://onlinelibrary.wiley.com/doi/full/10.1111/1556-4029.13820
Privacy Risks in Mobile Dating Apps https://arxiv.org/abs/1505.02906
Technical report by mnemonic with the Norwegian consummer assoc showing data trading and GDPR compliance coded: https://fil.forbrukerradet.no/wp-content/uploads/2020/01/mnemonic-security-test-report-v1.0.pdf
Tinder engineering blog: https://medium.com/tinder-engineering/
TinVec explanation by Tinder's lead engineer: https://youtu.be/j2rfLFYYdfM
Happn by exodus: https://reports.exodus-privacy.eu.org/en/reports/com.ftw_and_co.happn/latest/
OkCupid engineering website: Evaluating Perceptual Image Hashes at OkCupid https://tech.okcupid.com/evaluating-perceptual-image-hashes-okcupid/
How OkCupid organizes its multi-page React app https://tech.okcupid.com/how-okcupid-organizes-its-multi-page-react-app/
Lovoo engineering: dotGo 2016: Go machine learning at large scale https://lovoodotblog.wordpress.com/2016/11/01/dotgo-2016-go-machine-learning-at-large-scale/
Lovoo github: https://github.com/lovoo
bbuzz 17: Anti-Spam and Machine learning at LOVOO
https://lovoodotblog.wordpress.com/2017/06/16/bbuzz-17-anti-spam-and-machine-learning-at-lovoo/
Digital methods project "Mapping data ecologies of the dating industry" https://docs.google.com/presentation/d/1n-p_efBmkK2v1KGCbHyHb_csmR6D7KN8SX3qron9Cn4/edit
Tools
- Tools to sample how many apps are in the Google and Play stores:
"Google Play Store Scraper" is a simple tool to extract the details of individual apps, collect their related apps, retrieve app permissions, and retrieve a list of apps for a given keyword.
"iTunes App Store Scraper"
https://wiki.digitalmethods.net/Dmi/ToolDatabase
List of apps with SAR
App | Female | Male | Country | file format |
---|---|---|---|---|
Adopteunmec | 1 | 0 | CH | json |
Badoo | 1 | 0 | CH | json.zip |
Bumble | 1 | 0 | CH | html.zip |
happn | 1 | 0 | CH | csv.zip, json, audio, photos (jpeg), gz |
HER | 1 | 0 | CH | different csv.zip, jpeg, |
Once | 1 | 0 | CH | html, jpeg, |
Parship | 1 | 0 | CH | pdf.zip, csv.zip, text, photos, |
PlanetRomeo | 0 | 1 | CH | pdf.zip, json, yaml, jpeg, |
Scruff | 0 | 1 | CH | zip, ds_file, xml, csv, .md, image, |
Tinder | 1 | 1 | CH | json,.zip, html, jpeg, |