Tinder now required to share user data with Russian authorities

Russian security services might now have access to Russian users’ data on Tinder // Ithmus on Flickr, under CC2.0

On March 31, 2019, Russia’s state censorship agency, Roskomnadzor (short for Federal Service for Supervision of Communications, Information Technology and Mass Media) added Match Group LLC, the parent company of the dating app Tinder, to its registry of “organizers of dissemination of information on the internet.” Roskomsvoboda, a Russian internet freedom and digital rights NGO, broke the news on Monday, June 3:

Roskomnadzor added Tinder to its registry for snooping on users on FSB’s [Russia’s domestic intelligence agency] behalf.

In practice, it means that Tinder, like 174 other websites on the registry which also includes most Russian social media services but also messaging apps such as Threema and Telegram, is now required by Russian law to store six months’ worth of its user data and provide it to the Russian authorities at their request. The data that must be stored and shared, according to a 2014 law, includes anything pertaining to “receipt, transfer, delivery and (or) processing of voice information, written text, images, sounds or any other electronic messages.” They must also comply with other Russian laws, such as the ones banning loosely defined “extremist” materials or “exposing minors to harmful information.”

It is also worth noting that being added to Roskomnadzor’s registry requires at least some participation on the service’s end: at the ministry’s request, they must provide relevant company information that will be added to the database, which means that Tinder did respond to Roskomnadzor’s letter and complied with it. A Tinder representative told Kommersant, a Russian business daily, that, although they have indeed registered in the Russian state database following an official request, they had no intention of sharing their users’ data with Russian authorities.

The good news is that these laws lack in enforceability, especially for large international services. Refusal to comply can result in a fine of up to 300 thousand rubles, or slightly above 4,500 USD — not quite enough to put Tinder or its owner Match Group out of business. It is also unlikely that a popular website such as Tinder can be blocked in Russia without a major backlash. Not that Russia’s censorship ministry is quite up to the task: last time it attempted to ban a popular service, it resulted in a major, embarrassing failure which made Roskomnadzor a national laughingstock. The service in question, Telegram, is still online.

Naturally, Russian social media users could not miss an opportunity for a good laugh.

Roskomnadzor added Tinder to the registry of information disseminators and required it to cooperate with Russian special services. [image says: Comrade Major Super Liked You!]

Roskomnadzor required Tinder to inform FSB who swipes whom. Not a joke! More details inside: [image: What a beauty! That’ll do. Yeah, swipe right]

Despite Tinder's public refusal to share user data, the privacy of the dating app's users in Russia is already at risk. According to investigative media reports, a Moscow-based company called SocialDataHub, has been using bots to harvest the data of the app's users. 

As Andrey Zakharov, an investigative journalist who works for BBC Russian, noted:

About the news that Tinder will now be required to share its data with the FSB. SocialDataHub (a shadow contractor for the security services) has learned to harvest Tinder’s data as well. A bot swipes your profile, learns your location, compares it against against data from other social networks and compiles a full digital portrait.

SocialDataHub provides services to both government agencies and anyone who might be interested in millions of user profiles from a dozen different social media sites. It is just one of several such firms in Russia alone whose activities were investigated in an article by Coda Story in 2018:

One such firm is Moscow-based “Social Data Hub.” It proudly lists the Russian government as a client and boasts that it has a copy of the activity on every Russian social media network going back for the past seven years.

But their online hoovering also includes all the traffic generated by Russian-based users of U.S. and other international online giants such as Facebook, Instagram, Twitter and YouTube. The company also covers sites such as the Tinder dating app, and the Airbnb accommodation service. What this means in practice, for example, is that some swipes on Tinder profiles could actually have been made by bots.

Whether Russian security services will have access to the private messages of Tinder users in the future or not, will largely depend on the company's willingness to hand over such data. It is, however, worth keeping in mind that a private firm — one of many — has already been busy hoovering up users’ clicks, swipes and location data and selling them to the highest bidder, which may well be the very same Russian security services.

Start the conversation

Authors, please log in »

Guidelines

  • All comments are reviewed by a moderator. Do not submit your comment more than once or it may be identified as spam.
  • Please treat others with respect. Comments containing hate speech, obscenity, and personal attacks will not be approved.