They don't care to do anything about it, either. Trilateration on Grindr was demonstrated by Wired in 2016[1].
They also don't care when their app facilitates harassment and puts innocent people at risk[2], and they're willing to go to the Supreme Court[3] in order to defend their right to do absolutely nothing about it.
> It all began when my client, Matthew Herrick, a waiter-actor-model, exercised his right to leave an abusive and controlling relationship. His ex retaliated by impersonating Matthew on the gay dating app Grindr. Using Matthew’s picture and name, the ex would say Matthew had rape fantasies and then directly message with men to set up sex dates. Grindr’s patented geo-locating technology resulted in stranger after stranger going to Matthew’s home and the restaurant where he worked expecting sex. Some days, Matthew had as many as 23 visitors.
> By the time Matthew arrived at my office, exhausted and traumatized, he had already gotten an order of protection and reported the matter to the police 10 times. Yet, the flow of strangers—over a thousand at that point—wasn’t slowing. The unwitting strangers would wait for him in the stairwells at home, other times following him into the bathroom at work. “What about Grindr?” I asked. “They’re in the exclusive position to help.” Matthew said he had reported the matter to them 50 times.
If I ran a dating site, I'd jump all over this. Sure it's the right thing to do, but even from a business perspective having your platform appear to be a safe place would be important for gaining new members. If this account is remotely accurate I can't think of an explanation for this other than colossal incompetence or evil.
I don't understand how this would actually work with an impersonated account. The ex's account is going to geo-locate to the ex's phone, not to Matthew's; and the men are interacting with the fake account, not Matthew's actual account.
Many apps try to block it, but that's whack-a-mole.
Other dating sites I have used allow this technology so you can find dates for holidays, or at home while you're away. I assume that's the reason, it could just be so that people in relationships can cast their net further afield, but that's also pure speculation.
Exposed and other tools make it difficult for apps to lock down any aspect of trust on a phone, returning control to the owner of the device. Sometimes this isn't the most desirable thing, but it's never the wrong thing.
The triangulation thing using Grindr's private api is pretty bad. I'm surprised Grindr doesn't "fuzz" the location enough to at least make it much less accurate.
>I'm surprised Grindr doesn't "fuzz" the location enough to at least make it much less accurate.
Why would they? Doing that would make their data less valuable. Just because grindr is the "gay hookup app" doesn't necessarily mean that the people who operate it care about gay people's (or anyone's) privacy. According to this [0], grindr ranks #4 of all mobile apps when it comes to collecting personal information. It's a free app that requires your location to use it, which means that it's a personal info collection app first, and a dating app second.
There's a difference between the location data Grindr serves to its users and the location data they acquire to use internally. You're talking about the latter, but OP is talking about the former.
Is there a difference? I have used grindr, and if someone is close enough, it will say they are "x feet away." They are well aware of the precision of the location data they serve to users, because it's a feature.
Providing everyone's exact location data to anyone that can extract a key from an apk just seems dangerous to me. Fuzzing, rate-limiting, etc, seems prudent. I understand you're saying Grindr doesn't care though.
Most dangerous tools are predictable in their danger. Take firearms; modern firearms are reliable[0] and tend to do exactly what their current handler intends. You would not for example expect your firearm to leave its case in the middle of the night and blow your windows out, for example.
Smart phones are unpredictable in their danger. You would not expect Grindr to sell you out to an oppressive regime, for example. Nor would you expect your private dating profile to get you fired. These are unpredictable outcomes well outside the range of what most users would expect.
0 - Truly accidental discharges where the firearm goes off without a trigger press are rare and make the news. Most negligent discharges are the result of people mishandling the firearm, rather than the firearm doing something unexpected.
>> Nor would you expect your private dating profile to get you fired.
I think the mistake is thinking those profiles are private. How could you ever meet someone without some ability for people to see your profile? I've never tried any dating sites, so may be overlooking something obvious to others.
There’s an expectation that that information is compartmentalized somehow, a bit like how everyone at a gay bar can see you there but only the people at the gay bar can see you.
I've been telling my friends/family/anyone who will listen for two decades plus that anything you type into a computer is probably public now, or will be one day.
Never type anything you wouldn't want to be taken out of context and read out in court, either a law court, or the court of public opinion.
Unrelated to main topic, but a case exactly as described by you made the news yesterday in Italy: a man accidentally firing a gun after falling down (accidental trigger press or not is still investigated) [Article in Italian].
> (accidental trigger press or not is still investigated)
It seems like a moot distinction to me. Take Glock for example; they make a big deal about their guns having "three automatic independently-operating mechanical safeties." But the fact of the matter is a glock has no traditional fire/safe toggle safety. ALL the safety of a glock is based on the premise that the trigger will not be unintentionally pulled when a round is in the chamber. The obvious consequence of this is people getting shot by completely accidental trigger pulls. Whether you drop the gun and it goes off or the trigger snags on your clothing and the gun goes off, a gunshot accident is still a gunshot accident, and both are consequences of the gun's design.
Glocks are still not unpredictable by my metric. Yes, the margins of safety might be narrower than you’d prefer, but it’s not going to go bang without a trigger press. It’s a very predictable firearm in that way.
That being said the first generation was prone to slam fires, where chambering a round sets the firearm off. Now that is an unpredictable tool.
Also, historically snagging the trigger on clothing has always been a source of negligent discharges, even before Gaston Glock was around. The allied army in WW2 officially required that most soldiers issued a handgun carry it with an empty chamber due to the prevalence of injuries, and the M1911 has a grip and manual safety.
> Glocks are still not unpredictable by my metric. [...] it’s not going to go bang without a trigger press. It’s a very predictable firearm in that way.
I agree with this completely. Glocks are predictable. Where we part ways is that I don't believe predictability is the metric that should be optimized for. People not getting shot is the important metric; predictability is only important insofar as it relates to that. But as demonstrated by glocks, predictability is not the end-all-be-all when it comes to people not accidentally shooting themselves.
As for soldiers in WWII, they also had piss-poor to non-existent trigger discipline. A 1911 is a safer gun than a glock due to the manual safety, but still won't protect you from handling it in unsafe ways. Glocks have that same problem, but worse because they lack manual safeties which function as one last line of defense when you fuck up everything else.
Almost certainly a trigger press. True accidental discharges are very rare, and in modern guns they’re usually a product of slam fires rather than drops.
Here in the US guns need to pass a drop test before being legally available for sale. I’m sure Europe has similar restrictions.
I blame UX design, personally. Trying to make everything conceptually trivial made interfaces that glossed over a lot of important details. I'm all for simplicity, but this is shoving complexity under the carpet.
By most definitions you would find that the Catholic Church in its current form is an oppressive regime. It definitely takes a lot of courage for a gay man to become a priest in such an organization.
Being gay and a catholic priest is not a problem at all. Enjoying a special social status as figure of moral authority that renounced to sex in public, while looking actively for casual sex in private, is the real problem.
You must be confusing Catholic for some other denomination. Can you provide a single actual example of someone who publicly admitted to being gay and is still a Catholic priest?
What is so courageous about violating one’s oaths?
If you want to go to gay bars and pick up guys on Grindr, leave the priesthood. If you want to be celibate and follow church teachings, quit going to gay bars. But, there’s nothing ‘courageous’ about trying to have your cake and eat it too.
Doesn't the church teach that we are all born sinners (original sin), meaning that nobody is perfect, but that one can confess their sins, repent, and be forgiven? Doesn't that apply to priests, also? Or do they loose their priesthood if they sin? Have they treated gay priests differently than child abusing priests?
The use of that term is just knee-jerk virtue signaling merely because it involved a gay guy.
Priests are to be celibate. If you don’t like the rules, don’t be a priest.
If it was a priest who got caught having sex with women he met on tinder and going to strip clubs, nobody would call him ‘courageous.’ They’d call him a bad priest... there’s nothing admirable about it.
But replace ‘tinder’ with ‘Grindr’ and ‘strip club’ with ‘gay bar’ and the dipshit priest is suddenly ‘courageous’?
Are adulterers ‘courageous’ for breaking their vows and cheating on their spouse?
Priests go to confession, but they are also held to a higher standard. Not being Catholic, I don't know where the lines are as far as sin that would get a priest defrocked.
But, they have certain rules they are to follow if they wish to be a priest. If you swear to follow the rules, you should do so. If not, quit. It had nothing to do with Catholicism. If you’re a Rabbi leading a synagogue you shouldn’t sneak off on the Sabbath and gorge on pork sandwiches. Nobody would call such a Rabbi ‘courageous.’ They’d call him a hypocrite.
Hell, it doesn’t even have to do with religion. If your job prohibits you from smoking marijuana, and you swear you won’t, nobody should call you ‘courageous’ if you’re busted smoking weed.
So the people doing the outting bought the data to peruse, which at this time is legal. The people selling the data also broke no laws. The data was originally obtained through 3rd party networks that apparently are also not breaking any laws.
Essentially, everything here has been legal. Is doxing illegal?
Even if these people had used a hacked data dump, did they do anything illegal?
Putting a pin in the app selling this data being morally/legally right/wrong, let's talk about people publicly putting their personal information on a site/app that is designed to use that data to connect you with another like minded person. Even if the app/site does not share that data, would it be legally wrong for the matched person to recognize and then do the outting? I get the desire to connect with someone might be very strong, but when you have this much to lose by being outted, you'd think the risk would be too great to actually follow through. Again, I'm not a millenial or newer, so all of thse types of apps/sites are just so different from how I think. <shrugs>
Why is it legal for them to sell personal data? It should be explicitly asked each time, not buried in a ToS and legalese. If it's information you wouldn't just offer to a stranger (like your address or where exactly you went last weekend), why are companies allowed to just offer it?
Because these users did just offer it to a stranger. That's what is so confusing to me. Users claim they would not offer this info to a stranger, yet they gladly post it on social. Maybe there's still confusion on how private settings do/don't work??? Maybe people just are not capable of understanding the difference of the stranger/social post??? Maybe they don't really care, and are only saying they wouldn't give info to a stranger because they don't understand/like the question, and just answer how they think the questioner wants to hear?
I don't know about "all of your data", but yes, it is certainly abundantly clear that you are making your location and other information which appears on your - and everyone else's - profile public.
Before the web, a phonebook was mainly a local thing: you could look somebody up in your area, but you couldn't easily look up somebody across the country. You'd have to dial directory assistance in that other area, and even then, you're only getting a few names that way.
With the web, everything is online and accessible using a simple lookup from a device in your pocket. You can also automate the acquisition and processing of entire phone directories with ease: going through the entire phonebook to annotate profiles on people would have taken weeks with paper, but you can do it in seconds with a Python script.
Indexing and rapid data processing fundamentally changes the character of datasets, both in terms of positive utility and in terms of potential misuses. We still haven't figured that out yet as a society.
> Before the web, a phonebook was mainly a local thing: you could look somebody up in your area, but you couldn't easily look up somebody across the country. You'd have to dial directory assistance in that other area, and even then, you're only getting a few names that way.
Right, but you still can't easily look somebody up across the country - unless you pay for access to that data - which you could've done with phonebooks.
I strongly suspect that Bell sold their phonebook data to companies, but even if they didn't, it wouldn't be particularly difficult to obtain phonebooks from all the areas your business is interested in...
> Right, but you still can't easily look somebody up across the country - unless you pay for access to that data - which you could've done with phonebooks.
Sure you can, all the phone directories are online and aggregated now - for example: https://www.whitepages.com/
> I strongly suspect that Bell sold their phonebook data to companies, but even if they didn't, it wouldn't be particularly difficult to obtain phonebooks from all the areas your business is interested in...
Yes, but there's a lot more effort involved with (1) ordering a phone book from Bell for a city located on the other side of the country, and (2) looking up the persons of interest in the paper directory.
I wouldn't be suprised either if Bell sold phonebook data in the pre-internet age, but that's still a larger barrier to entry than somebody who can search for anything they want to know about somebody using a laptop in coffee shop. We've democratized open source intelligence to the point where the barrier to entry is a bored teenager that doesn't even need to leave their house. I don't think we've figured out the massive societal implications of that just yet.
I'm sorry to break it to you, but nowhere on whitepages.com is there a phonebook-esque listing of names and numbers. (Not for free, anyway.)
I never said that it wasn't possible now. All I said was that it was just as possible then. You really think that ordering something by mail was a barrier to entry at a time when everything which could not be obtained locally was ordered by mail?
If you're implying phonebooks were a net value add to society I strongly disagree. Needing someones consent (not necessarily the person you're contacting) to contact someone should really be the default.
Further selling ad space in a book filled with other peoples information and those people who are the unwilling product get nothing but spam calls in return? Seems pretty gross if you ask me.
In England at least you could opt out for free on landlines in the 90s.
When mobile phones started up (back in the ten digit days) you could call a cellular provider and query a number if you had a name. The STD (yes, yes, laugh at the STI joke) prefix used to signal the network the user was on so you could ask Orange for "John Smith" if the number started 0973.
So your information should be public domain until you opt-out? How is it that somebody else should be making money off of my information and I have to do the extra work to opt-out?
My recollection is that having a totally unlisted number was an extra charge. I think not having your street address listed in the phone book may have been free.
That may be true for your friend, but it was not true for me - caller ID would even display names of people who asked to be unlisted. If it was opt-in I would have no issue, but it wasn't for me at least.
I think the caller ID thing is different. I don't think people should be allowed to opt out of caller ID, except in some pretty narrow cases. If you're going to call someone, you should be required to affirmatively identify yourself.
I do agree that an opt-out-required phonebook sounds crazy now, but it didn't back in the 80s and 90s. Mass data collection was not the norm, and all that information wasn't available in digitized form to any person or company who wanted it. So abuse of that data was pretty low.
Well you can't really require identification and if you do you're placing undue trust in a system that would make no difference to pro-social users and grant malicious users more trust than is deserved.
I agree that phone book data seemed just annoying at the time, but in hindsight it was a bad idea to normalize letting other people sell your data. Just look where we are now - I imagine a society more privacy focused when it was just annoying might not end up in a surveillance state quite so quickly.
Hindsight 20/20 and all, so I'm just looking at the past through todays lens and wondering if the modest (at best) convenience was worth the normalization of letting other people sell our data.
At least you could request to be unlisted in the phone book but still have a phone number. True, you paid a fee for the "privilege," but at least it was possible.
Yes, it may be illegal, in civil court. It's the tort of "public disclosure of private facts". Under California law, the public disclosure of private facts is defined as (1) a public disclosure of (2) private facts about an individual (3) that would offend the average person, that (4) was not of legitimate public concern; and (5) where defendant published private facts with reckless disregard for their truth or falsity.
You could sue for compensatory damages: Loss of reputation, shame and hurt feelings, damage to the plaintiff’s trade or occupation, or loss of business income resulting from the disclosure.
The dating app example probably fails count 3, since one's dating life is not offensive to the average person. For grindr, it might be offensive to some minority of people.
I think the test here is, "would an average person find offensive the idea of someone selling/disclosing their real-time location history without their knowledge?" For which I would hope the answer is "yes".
2) The last point - which must be present, thanks to the word “and” - seems to imply that publishing facts you have good reason to believe are true would be excluded.
I'm not making any conclusions, only that a prima facie case can be made. As the article rightly pointed out, being gay does not mean you are an abusive pedophile. So, I don't see the public concern, more like a private matter for the church. The last clause pertains to belief of offensiveness. More detail is in the link.
They did approach a Catholic organization about having this kind of information:
In his CNA article, Bermudez wrote that the group that approached him had wanted “to provide this information privately to Church officials in the hopes that they would discipline or remove those found to be using these technologies to violate their clerical vows and possibly bring scandal to the Church.”
in a tweet saying that he and his co-author had weighed the question of individual privacy and decided that Burrill’s Grindr use was a matter of public interest because he was a “high-ranking public figure who was responsible in a direct way for the development and oversight of policies addressing clerical accountability with regard to the Church’s approach to sexual morality.”
There's the answer to your public concern from their view point. Whether you agree with it or not, that is their stance.
The sexual orientation is not the issue here. Just being gay is not a sin according to the Catholic Church. He is a Catholic priest and was having gay sex, which is a sin. That is a public concern (at least to the Catholic public).
That does not justify an invasion of privacy, as a general rule. The state should not back off on individual rights because the church cares about something.
Furthermore, these exceptions to privacy are very rarely limited to use against the rich and powerful. Today we’re excusing Grindr violating the privacy of the priest, tomorrow we find out that this loophole has been expanded to the poor and powerless.
Rights have to be extended to those you find distasteful, otherwise they don’t exist at all.
I never said his sexual orientation or actions justify an invasion of privacy. I am not sure where you came to the conclusion I was stating anything like that.
All I was trying to convey was this had nothing to do with his sexual orientation like you said. His actions on the otherhand are of public concern for Catholics.
> I never said his sexual orientation or actions justify an invasion of privacy. I am not sure where you came to the conclusion I was stating anything like that.
> That is a public concern (at least to the Catholic public).
The reason why I came to that conclusion is because you said it clearly.
Something can be of public concern but not justify violating a person's privacy.
For example, a politician being a murderer would be of public concern, but that doesn't mean we should be tracking and invading the privacy of every politician on the off chance they are a murderer.
You’re commenting on a thread where the concept of “public concern” is part of the justification necessary for invading someone’s privacy. If you want people to interpret your speech correctly, be more circumspect with what you say.
Secondly, I do not believe that a priest’s sexual orientation is a matter of public concern. It might be an interest of the parish, but the parish is not the public and the state is not obligated to treat it specially.
I was commenting on your post which you claimed this had to do with sexual orientation. This has absolutely nothing to do with sexual orientation. If the priest was straight and been using Tinder instead of Grindr to hookup with woman it wouldn't make a difference to the story. If instead of anything related to sex this had been stealing or something it wouldn't make a difference.
That is all I said. You jumped to the conclusion I was implying something I didn't say. You need to be more cautious about properly interpreting other's speech.
The fact your are continuing to claim that this had to do with sexual orientation in this post indicates you don't understand what I was saying. The reason this exploded is not because he is gay. There are a lot of gay priests.
The next issue is this priest was not just a regular diocesan priest. He was a very prominent priest who was part of the United States bishop's conference. He held a role in misconduct investigations. This makes it a very public (US wide) not just a parish / diocese issue.
I am not sure why you are bringing up the state. It makes no sense in any context of what we are talking about. I haven't said anything about the state or legality of this issue.
> I am not sure why you are bringing up the state. It makes no sense in any context of what we are talking about.
Because this thread was about whether this creates a tort or not, that’s why mentioning the state is relevant. I’m genuinely confused why you’re confused by this.
This thread is not about a tort. The article doesn't mention it (to my recollection) and your post didn't either. Can you clarify why you think it does?
> Yes, it may be illegal, in civil court. It's the tort of "public disclosure of private facts". Under California law, the public disclosure of private facts is defined as (1) a public disclosure of (2) private facts about an individual (3) that would offend the average person, that (4) was not of legitimate public concern; and (5) where defendant published private facts with reckless disregard for their truth or falsity
It’s right there at the top. I’m actually kind of alarmed that you can’t see that.
The article seemed unclear to me as to whether they were tracking the priests through their location data (maybe filtering on users who spent 8+ hours in churches) or if they were just filtering on known priests' names and ages.
Either way, I think you're right - nothing in here seems explicitly illegal.
I don't think doxxing is illegal, especially if it's publicly available information. Otherwise the phone book would have been outlawed before it became obsolete.
Now if it should be illegal is a tricky one. I think dating "apps" have changed things drastically from dating "websites" of old, because the websites made it obvious that anyone can sign up and find you. The originals anyone could find you without even signing up. The apps try to hide this, which gives a false illusion of privacy. Then at the same time they're requesting more and more information, some of which may not be obvious to the user.
So I guess I think the real fault lies with these apps for not making it obvious to their users that they are making this information public.
The scary part about this is that if this random Catholic lay group can get access to this information, that it's overwhelmingly likely that foreign intelligence agencies and other groups know everyone who uses Grindr and can use this for blackmail.
> The scary part about this is that if this random Catholic lay group can get access to this information, that it's overwhelmingly likely that foreign intelligence agencies and other groups know everyone who uses Grindr and can use this for blackmail.
Hopefully this will lead to some legislative action against data brokers. If privacy rights in and of themselves weren't able to dislodge legislators from their pro-business bias, maybe national security concerns will.
Write your representatives: data brokers are agents for Chinese intelligence.
Blackmail requires a quid pro quo. Otherwise, journalists would be outlawed from "doxxing" persons of interest just like what's now being pursued in England.
Sounds like a reason not to embrace homophobia as policy. So it shouldn't matter if intelligence agencies get this info -- being gay in the military or government is fine.
Even if the military or government were enthusiastically pro-gay blackmail would still be a concern because people who are not out are usually trying to keep it secret from more groups than just their employer.
You need leverage to blackmail somebody, and your blackmail risk is part of whether you can attain clearance. Hence whether some government jobs are open to you.
Why I don't agree with it? - Because I don't care what anyone does as long as it doesn't negatively affect anyone/anything else. I just don't have time to care about other people's shit as I have enough of my own shit to worry about.
It's in a different bracket? - Because in the USofA, religions are put in a separate bracket. That's how it was founded.
Religions get to do things others can't? - Because SCOTUS has decided that churches get to ignore certain protections of protected classes because of their religious dogma. They have spoken, so that's how it is.
> Religions get to do things that normal people cannot do.
In the past, people used their religions to oppose things like interracial relationships, and even judges[1] in the US would use religion to defend discrimination against interracial couples.
Turns out that people don't get to use religion to discriminate[2]:
> Instances of institutions and individuals claiming a right to discriminate in the name of religion are not new. In the 1960s, we saw objections to laws requiring integration in restaurants because of sincerely held beliefs that God wanted the races to be separate. We saw religiously affiliated universities refuse to admit students who engaged in interracial dating. In those cases, we recognized that requiring integration was not about violating religious liberty; it was about ensuring fairness. It is no different today.
That's not universally applied though. Religous organizations do not have to provide birth control to employees. Religious schools can not employee teachers based on differing beliefs. Religious business does not have provide services to people they do not like.
This is exactly the same 'cancel culture' behavior that many US Republicans like to decry. In the same way that, in many recent high profile cases, right-leaning knowledge workers like professors have been forced from positions for sinning against the dogma of their professions in semi-private settings, this priest has been forced from his profession for his sinning against his employer's dogma.
I guess the difference here is that the priest thought he was not doing so publicly, though on the other hand he was going against clearly stated requirements, which is not reliably true in the other case. But hopefully everyone on this site is well enough aware that anonymity is a myth in far more anonymous settings than ones where you provide demographics, photos, self description, and your location (I presume, if grindr is anything like other dating platforms I've seen.)
The position of a cleric is different than, say, a celebrity or a professor. Adherence to religious dogma (in both thoughts and actions) is a strict requirement.
Yeah, for this to be exactly the same the assumption would be that adherence to a certain dogma is a strict requirement for continued participation in society. Oh wait...
Not all religions demand the same adherence to dogma as Catholics do. Some more, some less. This also varies across political movements, professors and celebrities in difference countries, etc.
And it is probably safe to assume that even in those cases where they do that a sizeable fraction of those under that particular edict break the rules. You can impose all the rules you want if they go directly against some of the most basic human needs you can expect them to be broken.
I understand. That's how it works in practice. But catholics have confession, they teach that as long as you believe and are repentant all is forgiven. Perhaps that doesn't apply to priests.
> they teach that as long as you believe and are repentant all is forgiven. Perhaps that doesn't apply to priests.
In Catholic teaching forgiveness does not mean there isn't just punishment due, or that prudential decisions need to be made. An embezzler may be truly sorry but keeping them in a position where they control money would be bad for a variety of reasons (such as putting them in a near occasion of sin). In catholic Theology even those sins which are forgiven still require cleansing due to retained attachment to sin after death, this punishment / purification is called purgation and occurs in purgatory.
> In 2018, Grindr, which uses highly granular location information, was found to have shared users’ anonymized locations, race, sexual preferences, and even HIV status with third-party analytic firms.
I've become pretty cynical at this point to the endless stream of privacy issues but even I found this part shocking. Even extremely private health conditions were shared with 3rd-party advertisers? And they thought anonymizing a few attributes was good enough protections while including timestamped GPS locations?
I’d be curious to see how secure Grindr’s servers actually are, because if someone really enterprising could combine this location hunting and get access to someone’s message history…hoo boy.
Not solely for the purposes of out-ing people. Grindr messages are, well, I’ve seen things, man. It’s one thing to get outed—it’s another to get your scandalous message history splashed across the internet as well. The blackmail potential is huge.
It's not like you telling me to stop using an app that allows me to do something illegal. You're litterally telling someone to don't be a certain sexual orientation just because the current segment of socialtal beliefs doesn't like it. It doesn't work that way.
Well, rather they shouldn't pick a profession dedicated to not doing that thing. Even if they were straight, I believe relationships wouldn't be allowed for them.
And in the meantime... maybe don't post really not well thought out comments on Hackernews. This is shockingly naive and ignorant.
There's 1000s of things people could potentially get blackmailed for by bad actors. Not just sexual behavior. Brushing that aside like it's a non-issue show lack of maturity.
For example, there are some religious schools that require you to agree to certain living standards in order to attend (such as Biola, BYU, etc.). For example, no premarital sex, no drugs, etc (rules depends on religion and institution).
Say you attend such a school and decide to break the agreement you signed and go to a party and do drugs and have sex, etc. Then, at the party, you get raped. So, you report the rape to the police and during the investigation into the crime the university discovers you were at the party breaking the agreement you signed. Does the university have a right to terminate your membership at the institution based on information it got from a police report?
Already a settled issue, Universities have removed students who had "extreme" beliefs in the past, or for going to parties without masks, or not being vaccinated. Because "extreme" is arbitrary, and universities can remove students, no reason why not. She might sue, but that's up to her.
If you can remove a student for not being vaccinated, you can remove a student for violating your code of conduct.
Don't sign these sort of moronic agreements if you aren't willing to keep them. Instead, go to a secular school that doesn't make such demands. If more people chose not to give these schools their tuition money, they will be pressured to reform.
You may as well go to their church then complain when they shun you. It's self-inflicted. Don't go to their dumb church and don't go to their dumb school either.
A secure phone or more importantly a secure phone OS would not allow an app to collect information like this. The exact geo-location is not something an app like this needs. A "find someone with in 10 kms" is probably good enough, but "allow me to be found within less than a meter" is just waiting for abuse. If it is a 911/999 app, then sure, let them have my exact location. However, the center of the "within 10 km" needs to be significantly offset from my position, otherwise, it's kinda pointless.
That’s just a tiny example of the data that can be abused. In this instance, the existence of a profile at all is abusable data, and there’s not much of a way around that other than being able to trust the application.
Is this a problem solely on smart phone security? Let's say the data being collected by the app someone is using is on a hypothetically secure phone. Isn't the real breach from the apps collecting more data than necessary to provide the functionality the app provides, and then selling that data to anyone with the right amount of cash?
If the app is free so the selling of the data is the number one source of income, then as "enlightened" technerds we shouldn't be too surprised this can happen. However, it's not illegal. Is it the selling of user data collected by your service the thing that needs to be made illegal? How would that even work?
Grid-snapping GPS locations are the way other dating apps happen to do this kind of thing (tracking only to the nearest 1KM, for example, or in dense cities maybe 500M). Two permissions like "GPS (Nearby)" and "GPS (Exact)" could do this at the OS level rather than relying on applications to do the right thing.
Navigation apps likely need very fine resolution but dating apps, shopping apps, browsers, etc. could snap to a predefined intersection point on a grid. The OS could even allow the decision to be in the hands of the device owner - a simple dialogue when prompted for GPS permission to pick one of Exact, Nearby, Deny could handle it.
There is no such thing as a "properly secure smart phone" because of how people define properly. Also, so many "secure" phones are only secure because NSO and Friends ignore them - if they start paying attention, they'd burst from a thousand bugs.
I'm torn on this one. I feel bad for the priest, but at the same time he chose to devote his life to an organization that hates people like him and has played a role in anti-gay sentiment throughout the world. Also, nothing wrong with being gay, but there is something wrong with having a libido so out of control that you're looking for hookups literally every day.
You don't know that he was looking for hookups. I know that the data for a competitor of scruff showed that at least 1/3 of the people just wanted to find someone to chat with. I still can't see why the assumption here was that he broke his vow of celibacy. If he's gay and closeted, I can see the human need for connection (whether in real life at gay bars or on Grindr) of like kind even if he doesn't participate with an 'out of control libido.' You're snapping to judgement.
So, it's his fault for being part an institution that's judgmental of certain sexual preferences, but also you're, like, totally judging him for his sexual preferences?
Yes. If you elide/abstract all details away, you can make anything sound hypocritical.
Let's take a food analogy: The Catholic church has the equivalent viewpoint of "Anyone who likes pizza more than hamburgers is wrong and has no place here". My viewpoint is "Binge eating disorders are bad and you should seek professional help if you have that disorder".
Except sex addiction is, gay or not. It seems uncertain if he really was having gay hookups all the time, or just was using the app. It does seem implied that the data points towards lots of hookups though.
Notice how I never said that being gay was a disorder, and even said "There is nothing wrong with being gay". It seems like you have issues with the Catholic church rather than me. The disorder I spoke of would be sex addiction, which exists independently of what gender a person is attracted to.
Add that to 3rd party apps that can find your exact location (https://www.engadget.com/2018-09-15-grindr-location-info.htm...) and Grindr becomes a dangerous weapon against LGBT people.