back to article Dating apps kiss'n'tell all sorts of sensitive personal info

Dating apps ask people to disclose all kinds of personal information in the hope of finding them love, or at least a hook-up. What many may not know is that the majority of these lonely-hearts corners vacuum up way more user info than they need to, and they also do a terrible job safeguarding private data that they've …

  1. FlamingDeath Silver badge

    Baiting apps

    Everyones a scammer these days

  2. Snake Silver badge

    Never give out your correct information

    It has always been up to you, the power to say "No". I was just at an optometrist who asked to scan my state ID.

    "No".

    *pikachu face response*

    "What is your IT security? You're asking for details that you don't need, like my state ID number and full legal name. Someone breaks into your systems and they'll have everything they need for ID theft. You don't *need* it, so I'm not giving it to you"

    *woman listening along side* Absolutely! I'm in IT security and you've got it right, they don't need that information!

    Companies asking questions, like date of birth? Lie. First of the year or first day of your birth month is MORE than adequate to fulfill their age monitoring systems. Same with weight, height, etc.

    Don't give them specifics just because they ASK!!

    1. Korev Silver badge
      Pirate

      Re: Never give out your correct information

      My mother's maiden name is pD=`ro$<Q(nbQGL7;u37gE~J0/C#l5L^ - what's yours?

      1. Anonymous Coward
        Anonymous Coward

        Re: Never give out your correct information

        Marjory Drop-Tables .... here let me type it in for you

        1. Korev Silver badge

          Re: Never give out your correct information

          > Marjory Drop-Tables .... here let me type it in for you

          Hi Bobby's mum

      2. Bebu Silver badge
        Trollface

        Re: Never give out your correct information

        《My mother's maiden name is pD=`ro$<Q(nbQGL7;u37gE~J0/C#l5L^ - what's yours?》

        I reckon she married early! :)

      3. MachDiamond Silver badge

        Re: Never give out your correct information

        "My mother's maiden name is"

        These days that's very easy to find. I've been lying on that question for ages now and started not long after I was at the age where clipboards full of boxes to tick were presented to me. The trick is to come up with something you'll remember so you can lie consistently long term. For some things I just write down the first thing that comes to mind since even if caught out, big deal. Care has to be taken if you lie where there can be criminal repercussions, but that's not going to come up when you are getting an exam for a new set of specs.

    2. Jason Bloomberg Silver badge
      Devil

      Re: Never give out your correct information

      Don't give them specifics just because they ASK!!

      I never do and it's often well rewarded by their insistence they need to have it and some ridiculous "because" when asked why?

      I have had ejits tell me I must hand over email addresses and personal details just to buy something over the counter with cash. I could simply lie but "no" is so much more fun. And don't step aside to let them serve other customers once you have demanded to speak to a manager; inconvenience them, make them lose customers and money, for their nonsense. Turn it against them.

      1. Doctor Syntax Silver badge

        Re: Never give out your correct information

        "I have had ejits tell me I must hand over email addresses and personal details just to buy something over the counter with cash"

        It's ceo@$(company's own domain)

        1. MachDiamond Silver badge

          Re: Never give out your correct information

          "It's ceo@$(company's own domain)"

          Joe.Smith@IRS.gov

          If you want to turn it around on them use cust.svcs@(company's corporate domain). Leave them thinking you work as a secret shopper to asses employee and store performance. In the case of a doctor, use the domain name of the licensing board that oversees the doctor's certification. I've found that if you put your mobile telephone number in the box for a "home" phone, and a false number in the box for a mobile, you wind up not getting texts since some office robot is typing that information into the system without much thought added and if you don't want texts, you have to make sure all of the telephone boxes are filled or the system may copy your home phone into the mobile field.

    3. Ian Johnston Silver badge

      Re: Never give out your correct information

      To sell a single ticket on the Gallanach to Kererra ferry - a five minute crossing - CalMac demand to know the passenger's full name, address, date of birth, phone number and email address. Because.

      1. MachDiamond Silver badge

        Re: Never give out your correct information

        "To sell a single ticket on the Gallanach to Kererra ferry - a five minute crossing - CalMac demand to know the passenger's full name, address, date of birth, phone number and email address. Because."

        Somehow I doubt they are going to check what you put down with any authority. If you have to show an ID, using a real name may be necessary although use a shortened version of your given name and blame a recent move on everything else not matching.

  3. MONK_DUCK

    The regulators have a lot to answer for allowing companies to request, store and share unrequited data.

    The fines need to be massively hiked and criminal charges made possible against the executives, legal team, security team, testers and developers if they haven't acted appropriately e.g. By not raising issues, concerns, lack of testing or not dealing with those identified issues.

    1. Doctor Syntax Silver badge

      GDPR doesn't allow them. It needs to be enforced; pro-actively enforced.

      1. 43300 Silver badge

        Indeed. The ICO seems to mostly go after some little bloke / woman who did something they probably shouldn't do with some data, frequently just through ignorance of the rules rather than any ill-intent, and which caused nobody any issues.

        They ignore the blatant way in which large companies fail to comply. In particular, the 'legitimate interet' justification for data processing which gets stretched well beyond breaking point on a regular basis and rarely does any company get pulled up for it.

      2. MachDiamond Silver badge

        "GDPR doesn't allow them. "

        Uh huh, sure. There's lots of things that are prohibited that nobody pays any mind to. This is due to very little or zero enforcement and punishments are not even slightly inconvenient compared to the value gained by ignoring the regulation.

    2. elsergiovolador Silver badge

      It's an interesting conundrum. For instance if you allow anonymous users to register, if they do something illegal, would you be held responsible because you couldn't give any information about them to law enforcement?

      1. Dan 55 Silver badge

        It's a liability for the business to hold unnecessary data if there's a data leak and there's no law that says they have to ask and store for extra unnecessary data in case plod wants to go fishing.

        1. Mike 137 Silver badge

          "there's no law that says they have to ask and store for extra unnecessary data in case plod wants to go fishing"

          Indeed there's a law in Europe and (for the moment) in the UK -- the GDPR -- that explicitly says they must not.

          1. 43300 Silver badge

            Yes, and the concept of not collecting data unless there's a good reason which can be clearly explained (and especially so when it's special category information such as medical data) is often one which is hard to get people to understand!

        2. Missing Semicolon Silver badge

          No there's not. Not "liability" at any rate. Liability implies recourse, and compensation, and that does not happen.

          For most large companies, data loss is a consequence-free failure. But the extra revenue form resale is a free bunce!

        3. MachDiamond Silver badge

          "It's a liability for the business to hold unnecessary data if there's a data leak and there's no law that says they have to ask and store for extra unnecessary data in case plod wants to go fishing."

          I'm fascinated over your concept of "unnecessary data". There's money in PII, so you have to define what you mean by unnecessary if that data is seen as a product to harvest and sell.

          The fiber internet company started asking me to give them things like my date of birth, full name, etc and I said no and that was them not getting my money. I didn't see why they'd need any of that for a service they sell at $50/month that can be shut off instantly if the bill isn't paid. I'd even have been happy to pay the bill in advance since it would have been a good savings over the cable company. What's their cost anyway? $5? As I own the house, I'd be chopping off an appendage if I had service terminated for non-payment.

  4. chuckufarley Silver badge

    Repost!

    Who can you trust...

    ...When it comes to your privacy? Yourself.

    "Two men can keep a secret if one of them is dead." -- by Unkown.

    "You can trust everyone but the question is: What can you trust them to do?" -- by chuckufarley.

    The lesson here isn't that Google wants you to think it's being good and trustworthy because anyone with an ounce of sense knows they just want to make money, which is why they had an IPO. The real lesson is that trust is based on patterns of behavior. I trust my neighbor to play loud music every weeknight for 8 to 9 P.M. If they didn't do it I would know something was not right. When someone says "Trust me with your valuables," then I know that the chances of them being trustworthy are very low.

  5. Anonymous Coward
    Anonymous Coward

    Desperate and dateless

    I blame the hormones.

    Many bad decisions are made by the wrong appendage.

  6. Shalghar Bronze badge

    How about a time out rule ?

    As the copyright initiatives show, its possible to deny access to any site deemed illegal.

    As the current censor hysterics show, there is a lot of political will to censor anything disliked by certain parties.

    So how about a simple three strikes rule ?

    Three incidents or three severe issues and your site (or in case of more than one site, all of your content - including ADnoyance) gets blocked for a month or until you prove you have corrected the issue.

    Three blocks and your site/content gets perma blocked.

    In the current censor frenzy "to protect" $whatever, why not remind the censor acolytes of what nonsense they keep on spouting and direct them in a much more needed direction ?

    If its really some incident that has been handled appropriately from the start - including all parties involved - one might decide to avoid the block. This could lead to a more responsible corporate nonculture.

    1. MonkeyJuice

      Re: How about a time out rule ?

      Because if you did that then Facebook would instantly vanish and you'd need to hire more CIA dumpster diving technicians.

      1. Shalghar Bronze badge

        Re: How about a time out rule ?

        "Because if you did that then Facebook would instantly vanish and you'd need to hire more CIA dumpster diving technicians."

        Reading your answer, it seems that my idea would solve several problems at once.

        Not only a direct hit into the cesspit of asocial media but also a job incentive.

        Dumpster diving is more personal, more hygienically compatible with the filth of three letter parasites and you also get someone to actually do the job instead of some foggy automatic "deciding", categorizing, etc.

  7. Bebu Silver badge
    Windows

    Silly me...

    I had always assumed that the profile data collected for matching was anonymized and encoded purely for matching purposes. Perhaps it was back in the late 1990s when the personal column in the daily newspapers were still a thing (and the papers themselves.)

    Years ago when a student first showed me Tinder on his phone, I thought its like online grocery shopping. What's the saying ... you are the product?

    As a grumpy old bugger, people tell me I should get out more - also salient advice for the younger, better tempered looking for... well... just about anything.

    1. Anonymous Coward
      Anonymous Coward

      Re: Silly me...

      people tell me I should get out more

      They're only jealous of your ability to escape them.

  8. Khaptain Silver badge

    Original Intent

    One wonders whether or not this was the original intent for some of these companies.

    We already know about the scamming of offers/candidates in order that people remain online as long as possible, so I wouldn't be surprised to learn that data collection was an for alternate purposes was an actual objective

    1. veti Silver badge

      Re: Original Intent

      A lot of those companies have been around for a long time. (Well, their websites have anyway. They may have changed ownership a few times, of course.) OK Cupid, for instance, was launched in 2004,and it's not even one of the older sites.

      And back then, I'm pretty sure, there was no significant market in user data. It's only in the past 10-15 years that business has blown up, as an ever increasing percentage of ad money goes online.

      No, the history of the sector shows that they all started out with their own ideas of how to make money. Some were always pretty scummy, some comparatively clean. (OKC, for one, was originally downright idealistic.) But I'm pretty sure the whole "monetising data" thing is a relatively recent step for most of them, and only now because everybugger else is doing it.

      1. Anonymous Coward
        Anonymous Coward

        Companies have been buying and selling your data way before the year 2000

        There were just less of them, and their reach wasn't as far.

        The dot-com revolution made it CHEAP. That's where it all started to change more quickly. So instead of a half dozen firms straddling marketing and credit markets, you now have a dumpster fire of a million companies, criminal groups an government agencies. All buying, selling or trading with each other, with no burden to be accurate, or to disclose their activity to those they are spying on. Before that accessing mass data like that cost a fortune and was the domain of things like the Tobacco industry.

        OKCupid's golden age was just a smokescreen to attract users. Like Google's don't be evil line. Sure, they were LESS evil, up to a point. Then they cashed out and handed everyone's PII to Match. And they had enshitified long before they sold out to the great satan of dating.

    2. MrReynolds2U

      Re: Original Intent

      I remember talking to industry people in the late 90s and they were certain that information was the next big commodity. The idea probably goes back further. I'm my experience websites were set up to either provide a service, make money, provide (dis) information or a combination.

      Some dating sites probably were originally set up to provide a service to wannabe daters. Somewhere along the way they switched to providing a service to those interested in their customer's data.

  9. Anonymous Coward
    Anonymous Coward

    Men who have sex with men

    There is an additional issue with dating sites catering to men who have sex with men. Many men who have sex with men engage in serosorting where they only have sex with someone with the same HIV status so they don't risk passing it on. It's not fail-safe as there are two major strains of the HIV virus and you could theoretically still be infected with the other strain, but research has shown that it's quite effective as an additional measure.

    To cater to this, apps such as Grindr allow people to set this status so, for instance, you could search only for people who have an HIV positive status too. This is obviously quite sensitive information outside of these apps and information leaks can be disastrous for someone.

  10. This post has been deleted by its author

  11. Excused Boots Bronze badge

    Can someone please explain the following to me, these dating / one night stand / I fancy a shag tonight apps, are they free to use? If so then how the hell do you think they get the money to operate?

    Could it be that they sell on the data you provide to them?

    Well colour me shocked!

    1. Anonymous Coward
      Anonymous Coward

      Most of them aren't actually "free" at any level

      You may pay monthy, and also micropay per transaction, be that called a wink, kiss, nudge or message. You might be able to pay to "boost" your profile. You might pay for a profile stylist to groom your profile.

      That won't stop them from selling your info either. And all those lonely Russian onlyfans models, victims of human traffickers trapped in some south Asian sweatshop, and good old Nigerian scammers are paying to screw you over too. So don't expect Match to fix any of those issues anytime soon.

      If you want to get screwed your going to get screwed. Just not laid.

  12. b1k3rdude

    Coloured me suprised.....And it not only the Apps, but the websites has been selling data for years and are an even bigger security problem.

  13. xyz Silver badge

    Thank christ I lied about my dick size...

    on BeNaughty. I am that elephant in the room!

    1. Bebu Silver badge
      Joke

      Re: Thank christ I lied about my dick size...

      "on BeNaughty. I am that elephant in the room!"

      Only an ass* would attempt a porky like that. :)

      *aka donkey.

  14. Mayday
    Unhappy

    Demongraphics

    Some people who use these apps (bear in mind we are users in an IT forum) are far more likely to spill the beans because asked. Also consider the superficial nature of many (yes I said it!) users in this domain. "Oh I'll only date a guy who is at least 6ft tall and of race X".

    Desperation, wanting to be accepted, nasties who "manage" the information.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like