TikTok allegedly monitoring users’ Grindr activity, digital rights group claims

An internet privacy group is accusing TikTok of violating international law by tracking its users’ Grindr data.

European digital rights group NOYB filed a complaint against the social media platform, as well as Grindr and digital marketing company AppsFlyer, over claims they breached online privacy laws by tracking user’s inter-app activities.

The Austria-based organisation alleged to the country’s Data Protection Authority on Wednesday (16 December) that TikTok was violating the EU’s General Data Protection Regulation (GDPR) and risked exposing its customer’s sensitive data.

It claimed TikTok, owned by China’s ByteDance, and Grindr shared sensitive user data, which AppsFlyer allegedly facilitated.

NOYB told Reuters it was informed by an anonymous user that TikTok was accessing their sensitive details from other apps, including their usage of Grindr and LinkedIn, as well as products they had added to a shopping cart.

TikTok allegedly only told the user that their personal information had been accessed after repeated attempts to inquire about their user data.

Under GDPR’s laws on the right to be informed, organisations must be transparent about how they use an individual’s personal data, typically through a privacy notice. Failing to disclose how a person’s data is used would breach GDPR.

Breaching GDPR can cost companies anywhere from €10 million (£8,700,000) or 3 per cent of their global income, to €20 million (£17,500,000) or 4 per cent of their annual global income.

The breach could also violate GDPR laws on special categories, which protects highly sensitive information such as a person’s race, physical or mental health, religion, sexuality, or gender identity.

NOYB claimed a spokesperson for TikTok said the data was used for “personalised advertising, analytics, security” reasons.

Both the social media company and Grindr have been fined by government authorities over data breaches in the past.

In 2024, Grindr faced mass lawsuits after allegedly sharing users’ personal information, including their HIV status and ethnicity, with a variety of third parties.

Law firm Austen Hays, acting on behalf of the plaintiffs, told the BBC at the time that “thousands” of users in the UK and beyond were likely victims of the alleged actions.

Lawyer Chaya Hanoomanjee said claimants had experienced “significant distress” over the possibility that their private information had been shared with advertisers and other groups.

A spokesperson for the app said it takes privacy “extremely seriously”, claiming the allegations were based on a “mischaracterisation of practices from more than four years ago”.

PinkNews has contacted TikTok, Grindr and AppsFlyer for comment.