Difference between revisions of "Project:Dating Privacy"

From Wikibase Personal data
Jump to navigation Jump to search
Line 122: Line 122:
 
| *Document SAR procedures|| x||  || ||  H
 
| *Document SAR procedures|| x||  || ||  H
 
|-
 
|-
| *Write ethical chart|| ||  || || all
+
| *Write ethical chart + privacy policy|| ||  || || H
 
|}
 
|}
  

Revision as of 19:52, 3 March 2021

Datingprivacy.png

Description

Dating Privacy aims to contribute with data literacy and gaining control over personal information in a secured and ethical manner for end users.

My co-founders and I -with some of us being dating app users- have started this collective as a social movement after identifying several privacy risks one is confronted to when looking for a date online: unwanted ads, harms resulting from incorrect profiling and predictions, the possibility of phishing and identity theft.

Dating Privacy is a collective formed by members coming from different countries and disciplines (mathematics, sociology, journalism, law, physics) and foreparts (academia, private, independent, citizen NGO).

Contact e-mail: mailto:datingprivacy@personaldata.io
Twitter @datingprivacy
Meetings online at https://epfl.meet.switch.ch/dating-data
Every first Wednesday of the month at 8:15 pm (CET)

Past event:
“Dating Privacy” Collective Launch: Our Plan To Change the ‘Data for Dates’ Paradigm – Friday 12th Feb at 7:30 pm (CET)
link to the presentation https://tinyurl.com/20210212datingprivacy
Meetup event: https://www.meetup.com/tech4goodLIN/events/276275535/
Linkedin event https://www.linkedin.com/events/datingprivacy-collectivelaunch-6765208415816974336/about/

Subscribe to our mailing list: https://framaforms.org/dating-privacy-1613154652

Objectives

  1. Implement tools that allow users to request and analyse their data
  2. Find and ask for SAR with a concrete example and cooperate with communities in order to 1 increase the impact 2 relay the info
  3. Enrich the wiki with data structures extracted from the SARs
  4. Develop methodologies that allow for research without dependency on commercial platforms
  5. Formalize the working group and project with an official legal entity

Partners

Partners:personaldata.io and MyData Vaud

Recommended practices

  1. Start requesting your data via this link https://labs.letemps.ch/interactive/2020/demander-ses-donnees/
  • Type in the box the dating app name you use
  • Copy-paste the message and email address
  • Send it and wait for your file
  1. Already requested your data and received a file? Contribute with the wiki and map what your dating app collects: https://wiki.personaldata.io/wiki/Item:Q3569
  2. Are you an Android phone user? Download Exodus Privacy helps you to know which trackers and permissions are embedded in dating apps installed on your device.
  3. Configure your privacy settings on your dating app.
  4. Check out Mozilla privacy test on different dating apps
  5. Request deleting your data on a dating app when you stop using the app via the settings or sending an email. It is not enough to uninstall the app

Problems Identified

APP

  1. Sharing personal data with third parties which is not necessary for the app functioning (ex. for advertisement, see The Grindr case study) and for other purposes unknown (ex. the muslim app providing data to the american army)
  2. Background geolocation when the app is closed
  3. Automatic subscription renewal without notification, when there is a problem you have to contact the headquarter in another country
  4. Fake profiles created by the company (ex. ashley madison)
  5. Between 10-20% of users find a partner in France, Switzerland and United States. Do users really get the outcomes they want from the app in exchange for providing their data? Are users retained in the app?
  6. Subscription rates change according to user demographic characteristics (ex. age on Tinder, sex on Hinge)
  7. The app ignores settings for presenting results (ex. show me only women and the user sees men)
  8. Users are banned without any reason given by the app
  9. One user said it has zero matches on Tinder

Other USERS

  1. Scams, phishing, fake profiles. Users are affected by malicious user behaviours so how are dating apps moderating this and protecting users via the analysis of their personal data?

Members

  1. Jessica Pidoux works on revealing biases in Tinder's secretive matching algorithms.shttps://jessicapidoux.info/ Pidoux
  2. Paul-Olivier Dehaye obtained the first personal data file from Tinder along with author Judith Duportail https://bit.ly/3cUOyTB Podehaye
  3. Marie-Pierre maps the dating app ecosystem and delves into dating app patents Genferei
  4. Frank has revealed privacy risks on Hinge and is currently being messed around by Hinge, Bumble and Tinder having asked for his data https://bit.ly/2J8mKOo Frandrews
  5. HermineL
  6. Judith H. digs into regulation policies and howonline dating interacts with collective practices and communities

TO DO / On going

' planning in progress complete who
*Map the data ecosystem x all
*Next meeting Define the case study with questions we want to analyse x
*Add downloads per app in the wiki. x
*Add ranking per app in CH, FR, UK the wiki. x J, MP
*Dating app list https://tinyurl.com/goaldatingdata
*Add link to privacy policy x
*Add examples of silver dating apps (ref Le Monde) x MP
*Add examples of community apps x MP
*Check if policy documents are the same in different languages FR, EN, ... ( i.e TikTok doesn't)
*Defining the project scope x
*Organize media articles per data
*Develop tools for data literacy
*Define the methodology: data protection protocol and data collection and analysis method (EPFL Grasp tool or other?)
*Data analysis x
*Patent search and analysis MP?
*Privacy policies analysis
*Email us other ideas you have for contributing x all
*Publish launch video x J
*Communicate regularly X F
*Keep updated mailing list subscribers x
*Create a website x
*Document our tests in the website
*Document SAR procedures x H
*Write ethical chart + privacy policy H

Dating apps' list

  • Wiki

-->list of dating apps available on this wiki with ranking on apple and Android

-->list of dating apps available on wikidata


Privacy Policies

Links can be found in the wiki

Princeton-Leuven Longitudinal Corpus of Privacy Policies. Front-end here: https://privacypolicies.cs.princeton.edu/ghfront/ and the repository here: https://github.com/citp/privacy-policy-historical

“Out Of Control” – A Review Of Data Sharing By Popular Mobile Apps published in January 2020
see Technical report https://fil.forbrukerradet.no/wp-content/uploads/2020/01/mnemonic-security-test-report-v1.0.pdf
report https://fil.forbrukerradet.no/wp-content/uploads/2020/01/2020-01-14-out-of-control-final-version.pdf
Complaint letters https://www.forbrukerradet.no/side/complaints-against-grindr-and-five-third-party-companies/

PUbMatic
LUMAscape https://www.okanjo.com/blog/2016/12/14/ssp-dsp-dmp-rtb-wtf

Patents

List of Match Group patents: https://policies.tinder.com/intellectual-property/intl/en
Tinder Patents:

  number={US20160154569 A1},
  author = {Rad, Sean and
            Carrico, Todd M. and
            Hoskins, Kenneth B and
            Stone, James C.},
  url = {https://worldwide.espacenet.com/publicationDetails/biblio?II=0&ND=3&adjacent=true&locale=en_EP&FT=D&date=20160602&CC=US&NR=2016154569A1&KC=A1#}, 
  title = {Matching Process System And Method}, 
  number={US9733811B2},
  author = {Carrico, Todd M. and
            Hoskins, Kenneth B and
            Rad, Sean and
            Stone, James C. and
            Badeen, Jonathan},
  url = {https://worldwide.espacenet.com/patent/search/family/050234419/publication/US10203854B2?q=pn\%3DUS10203854B2}, 
  title = {Matching Process System And Method},
Match Group
SYSTEM AND METHOD FOR USER COMMUNICATION IN A NETWORK 
https://worldwide.espacenet.com/publicationDetails/biblio?CC=US&NR=2020137019A1&KC=A1&FT=D&DB=en.worldwide.espacenet.com&locale=en_EP&date=20200430&rss=true#

Hinge: Brevet publié en 2013 puis abandonné, jamais délivré. https://worldwide.espacenet.com/publicationDetails/biblio?CC=US&NR=2013066972A1&KC=A1&FT=D&ND=3&date=20130314&DB=EPODOC&locale=en_EP#

Facebook Dating: https://worldwide.espacenet.com/searchResults?submitted=true&locale=en_EP&DB=en.worldwide.espacenet.com&ST=advanced&EXTFTXT=%22dating+service%22&PN=&AP=&PR=&PD=&PA=facebook&IN=sharp&CPC=&IC=

Media

Studies conducted scrapping dating app profiles

Emil Kirkegaard. The OKCupid dataset: A very largepublic dataset of dating site users: https://www.researchgate.net/profile/Emil_O_W_Kirkegaard/project/The-OKCupid-dataset-A-very-large-public-dataset-of-dating-site-users/attachment/573b1d7e08aea7adff2f3c8d/AS:362725751443460@1463491966863/download/paper.pdf?context=ProjectUpdatesLog
Konsinski.DEEP NEURAL NETWORKSCAN DETECT SEXUAL ORIENTATION FROM FACES: https://www.gsb.stanford.edu/sites/gsb/files/publication-pdf/wang_kosinski.pdf
John Leuner, a master’s student studying information technology at South Africa's University of Pretoria, attempted to reproduce the aforementioned study. The infamous AI gaydar study was repeated – and, no, code can't tell if you're straight or not just from your face: https://www.theregister.com/2019/03/05/ai_gaydar/

Legal

Tinder Annual report: Tinder on-going accusations. The Irish DPC case, also prices can vary according to users' age https://s22.q4cdn.com/279430125/files/doc_financials/2019/ar/Match-Group-2019-Annual-Report.pdf
My GDPR Complaint Against Tinder https://forum.personaldata.io/t/my-gdpr-complaint-against-tinder/70
Data Protection Commission launches Statutory Inquiry into MTCH Technology Services Limited (Tinder) https://www.dataprotection.ie/en/news-media/latest-news/data-protection-commission-launches-statutory-inquiry-mtch-technology

Data leaks and media scandals

Ashley Madison
Ashley Madison Leak No Big Deal? Think Again https://www.makeuseof.com/tag/priority-ashley-madison-leak-no-big-deal-think/
Les résultats de Grindr révélés grâce au scandale Ashley Madison "Grindr a eu des revenus résultant à la fois des abonnements et de la publicité de près de 16 millions de dollars en 2012" https://www.fugues.com/243577-article-les-resultats-de-grindr-reveles-grace-au-scandale-ashley-madison.html

OkCupid:
Here is a mirror for the OKCupid OSF Emil Kirkegaard dataset https://www.reddit.com/r/datasets/comments/4jj53i/here_is_a_mirror_for_the_okcupid_osf_emil/
Researchers Caused an Uproar By Publishing Data From 70,000 OkCupid Users https://fortune.com/2016/05/18/okcupid-data-research/
Controversy over OKCupid keynote at CHI 2018 https://www.reddit.com/r/sciences/comments/8edxm3/controversy_over_okcupid_keynote_at_chi_2018/

Grindr:
Données privées : le site de rencontres Grindr mis en cause https://www.lemonde.fr/pixels/article/2018/04/03/donnees-privees-le-site-de-rencontres-grindr-mis-en-cause_5279794_4408996.html

Lovoo
LOVOO’s CEO Benjamin Bak resigns https://inside.lovoo.com/en/lovoos-ceo-benjamin-bak-resigns-2/

happn
En détournant l’app Happn, un hacker peut tracer votre chemin en temps réel https://cyberguerre.numerama.com/5827-en-detournant-lapp-happn-un-hacker-peut-tracer-votre-chemin-en-temps-reel.html

MobiFiends Barcelona Based dating app, user data breach https://www.infosecurity-magazine.com/news/data-breach-exposes-four-million/

coffee meets Bagel 2019,Happy Valentine’s Day: your dating app account was hacked, says Coffee Meets Bagel https://techcrunch.com/2019/02/14/happy-valentines-day-your-dating-app-account-was-hacked-says-coffee-meets-bagel/

J crush 2019, Jewish dating app JCrush exposed user data and private messages https://techcrunch.com/2019/06/04/jcrush-exposed-data-messages/

Donal Daters 2018, Donald Daters, a dating app for Trump supporters, leaked its users’ data https://techcrunch.com/2018/10/15/donald-daters-a-dating-app-for-trump-supporters-leaked-its-users-data/

Meet Mindful 2021, Hacker leaks data of 2.28 million dating site users https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/

3somes, CougarD, Gay Daddy Bear, Xpal, BBW Dating, Casualx, SugarD, Herpes Dating 2020, Report: Breach Exposes 100,000+ Users on Niche Dating Apps https://www.vpnmentor.com/blog/report-dating-apps-leak/

References with databases

Rosenfeld, Michael J., Reuben J. Thomas, and Sonia Hausen. 2019 How Couples Meet and Stay Together 2017 fresh sample. [Computer files]. Stanford, CA: Stanford University Libraries.
The OKCupid dataset: A very large public dataset of dating site users https://www.researchgate.net/project/The-OKCupid-dataset-A-very-large-public-dataset-of-dating-site-users
- Full paper: https://web.archive.org/web/20200728135539/https://openpsych.net/files/papers/Kirkegaard_2016g.pdf

Surveys

Tinder usage statistics: https://www.businessofapps.com/data/tinder-statistics/\#2
Pew Research Center (Feb 2020): The Virtues and Downsides of Online Dating. Retrieved from https://www.pewresearch.org/internet/2020/02/06/the-virtues-and-downsides-of-online-dating/
Swiss Federal Statistical Office (Nov 2019): Families and Generations Survey. Retrieved from https://www.bfs.admin.ch/bfs/fr/home/statistiques/population/enquetes/efg.assetdetail.10467789.html
INED France (2016) https://www.ined.fr/fr/publications/editions/population-et-societes/sites-rencontres-qui-y-trouve-son-conjoint/

Technical references

An Evidence‐based Forensic Taxonomy of Windows Phone Dating Apps https://onlinelibrary.wiley.com/doi/full/10.1111/1556-4029.13820
Privacy Risks in Mobile Dating Apps https://arxiv.org/abs/1505.02906
Technical report by mnemonic with the Norwegian consummer assoc showing data trading and GDPR compliance coded: https://fil.forbrukerradet.no/wp-content/uploads/2020/01/mnemonic-security-test-report-v1.0.pdf
Tinder engineering blog: https://medium.com/tinder-engineering/
TinVec explanation by Tinder's lead engineer: https://youtu.be/j2rfLFYYdfM
Happn by exodus: https://reports.exodus-privacy.eu.org/en/reports/com.ftw_and_co.happn/latest/
OkCupid engineering website: Evaluating Perceptual Image Hashes at OkCupid https://tech.okcupid.com/evaluating-perceptual-image-hashes-okcupid/
How OkCupid organizes its multi-page React app https://tech.okcupid.com/how-okcupid-organizes-its-multi-page-react-app/
Lovoo engineering: dotGo 2016: Go machine learning at large scale https://lovoodotblog.wordpress.com/2016/11/01/dotgo-2016-go-machine-learning-at-large-scale/
Lovoo github: https://github.com/lovoo
bbuzz 17: Anti-Spam and Machine learning at LOVOO https://lovoodotblog.wordpress.com/2017/06/16/bbuzz-17-anti-spam-and-machine-learning-at-lovoo/
Digital methods project "Mapping data ecologies of the dating industry" https://docs.google.com/presentation/d/1n-p_efBmkK2v1KGCbHyHb_csmR6D7KN8SX3qron9Cn4/edit

Tools

  1. Tools to sample how many apps are in the Google and Play stores:

"Google Play Store Scraper" is a simple tool to extract the details of individual apps, collect their related apps, retrieve app permissions, and retrieve a list of apps for a given keyword.
"iTunes App Store Scraper"
https://wiki.digitalmethods.net/Dmi/ToolDatabase

List of apps for which we have obtained our data after a SAR

App Female user Male user Country file format
Adopteunmec 1 0 CH json
Badoo 1 0 CH json.zip
Bumble 1 0 CH html.zip
happn 1 0 CH csv.zip, json, audio, photos (jpeg), gz
HER 1 0 CH different csv.zip, jpeg,
Once 1 0 CH html, jpeg,
Parship 1 0 CH pdf.zip, csv.zip, text, photos,
PlanetRomeo 0 1 CH pdf.zip, json, yaml, jpeg,
Scruff 0 1 CH zip, ds_file, xml, csv, .md, image,
Tinder 1 1 CH json,.zip, html, jpeg,