Pride Month push asks Grindr to default privacy

This Pride Month, Grindr faces a blunt demand: put privacy in front of profits. The Electronic Frontier Foundation argues the dating app for LGBTQ+ people must flip its default settings to shield users, and ensure consent is front and center for any use of personal data.

The core of the call is simple but consequential: make privacy the default across the platform. The EFF says Grindr should stop sharing sensitive user data with advertisers and should not train AI on private information unless users opt in. In plain terms, this means two concrete changes, implemented now. First, opt users out of behavioral advertising by default, so ad targeting cannot proceed unless someone actively chooses to participate. Second, tighten data sharing for advertising and AI purposes so that opt-in consent is required for any use of a user’s sensitive information, including HIV status or precise location, beyond what is strictly necessary for core app functions. The group frames these steps as essential to protect people who may face harassment, discrimination or even worse consequences if data fall into the wrong hands.

The push comes against a backdrop of a long and troubled privacy record. Grindr has faced scrutiny in multiple countries for sharing sensitive data with advertisers and for attempts that revealed or could reveal a user’s sexual orientation or health status. There have been reprimands and fines in several jurisdictions, and a former Gringdr privacy executive has publicly challenged the company, alleging that profits were prioritized over user safety. Critics note that even after exposure of egregious data-sharing practices, Grindr has made some changes, but the core argument from privacy advocates is that real trust requires default protections that cannot be bypassed by a user choice later on.

From a policy and compliance perspective, the EFF’s stance is a warning shot about the regulatory and operational risk of already fragile privacy practices. When a platform serves communities with heightened risk, any data misstep can trigger enforcement actions, civil penalties, or further reputational damage that lasts long after a single incident. The call for immediate changes also signals a potential shift in how digital platforms serving vulnerable groups are expected to design products. In many cases, regulators have sharpened expectations around data minimization, purpose limitation and consent, and the EFF is pressing Grindr to demonstrate it can meet those expectations in real time rather than through later patchwork fixes.

For compliance officers and tech leaders assessing risks and timelines, two practical implications stand out. First, default privacy controls are not a one time toggle but require ongoing governance. Auto opt-out for advertising requires robust opt-out signaling, clear visibility of how data is used, and reliable enforcement across all app components, including marketing integrations and third party partners. Second, explicit opt-in for AI-related data uses can complicate product development and monetization, particularly if predictive features or personalized experiences rely on sensitive data. Operators must align data flows with consent capture, retention limits and user-facing disclosures, while also preparing for cross border privacy regimes that may impose stricter rules or more frequent reporting.

If Grindr acts quickly, it could set a precedent for community-specific platforms that have faced outsized privacy risk. The industry will watch whether auto opt-out and opt-in consent for AI training become standard practice in dating apps, and how regulators respond to such a pivot. The balance between user safety and sustainable business models remains delicate, but the current call underscores a growing expectation that privacy by default is not just good practice, but an operational and ethical obligation.