The Norwegian Data Protection Authority has imposed a violation fee of NOK 65 million on the company behind the Grindr dating app. This is the highest ever fee the authority has imposed.

“We have ended up imposing an infringement fee of NOK 65 million on Grindr. This is by far the largest infringement fee the Data Authority has ever imposed,” the Data Authority’s Director Bjørn Erik Thon told Norwegian Broadcasting (NRK).

Grindr has shared personal information with marketing partners in violation of Norwegian privacy rules, the authority concluded in its decision.

Great victory

Finn Myrstad, director of the Norwegian Consumer Council, described the reaction as a great victory for all consumers.

“This is a great victory for all consumers because it sends a clear signal to the market that you cannot conduct extensive collection and sharing of personal information when you are online,” Myrstad told the channel.

Grindr is a dating app for gays, bisexuals, and transgender people. Shane Wiley, director of privacy at Grindr, says they have just received the letter from the Data Authority and that they are now reviewing the document.

“The company is now considering the case, including the right to appeal the decision to the Privacy Committee,” Wiley said.

Grindr: Valid consent

He added that they strongly disagree with the authority’s assessments. According to Wiley, this is a consent practice from many years ago and not their current consent practice or privacy statement.

“Although the Data Authority has significantly reduced the fine compared to what they announced earlier, the Data Authority is based on a number of incorrect assessments, they have introduced many untested legal perspectives, and the proposed fine is therefore still completely out of proportion,” Wiley said.

Lack of legal basis

However, the Data Authority believes that the consent practice was invalid. Their conclusion was that the company had disclosed personal information about users to third parties without any legal basis.

“We believe that consent was required to share this personal information, but that the so-called consents Grindr collected were not valid,” Thon said.

The fee applies for the period July 2018 and until April 2020, when Grindr changed the consent solution. The Norwegian Data Protection Authority has not assessed the legality of Grindr’s current consent solution.

Source: © NTB Scanpix / #Norway Today / #NorwayTodayNews

Do you have a news tip for Norway Today? We want to hear it. Get in touch at [email protected]