Online Dating Sites Getting Around With Customers Data

Just in time for Valentine’s Day, the privacy watchdogs over at the Electronic Frontier Foundation have put together a guide for those tempted to dance the algorithm electric. Their findings: online dating services may be getting around with your personal data.

Just in time for Valentine’s Day, the privacy watchdogs over at the Electronic Frontier Foundation have put together a guide for those tempted to dance the algorithm electric. Their findings: online dating services may be getting around with your personal data.

Leading online dating sites hold onto customers’ data, including profiles and photos, even after those customers have deleted them, EFF found. The report is just the latest to raise alarms about the data retention and privacy policies employed by burgeoning social networks, including Facebook.

Dating sites may hold onto profiles after a user believes he or she has deleted it to make it easier for users who have second thoughts to reactivate their account. Its harder to explain away the sites’ poor data security, EFF said. Dating sites reviewed by EFF had failed to implement HTTPS – or secure HTTP- leaving users vulnerable to man in the middle attacks, especially on insecure WiFi hotspots. Worse still, many of the sites have been shown to be riddled with security holes. In a recent incident, the Web site Grindr was compromised, allowing attackers to impersonate other users on the network, which connects gay men with potential partners. The Web site for PlentyOfFish, was also rumored to be the target of an attack that compromised the personal information of its 30 million users, according to published reports.

The EFF recommends that users of online dating sites should first make sure that their dating profile isn’t publicly indexed by Google. Users who want to maintain a separation between their real life and online dating profile also want to be careful about the photos they upload. Image search and facial recognition technologies are becoming more accurate, allowing motivated parties to use photos and other data to connect multiple online personas that may belong to the same person.

Finally, the EFF cautions users about the sale of their personal data to third-party marketing companies, which, depending on the privacy policy everyone must agree to you, is used anonymously or not-so-anonymously to target advertisements.

Suggested articles

election security disinformation video

Cybercriminals Step Up Their Game Ahead of U.S. Elections

Ahead of the November U.S. elections, cybercriminals are stepping up their offensive in both attacks against security infrastructure and disinformation campaigns – but this time, social media giants, the government and citizens are more prepared.

Discussion

  • Anonymous on

    Not surprising.  They've been using deceptive and outright false advertising online and in spam for so long to dupe hopeful singles, that this isn't very much of a stretch for their record of awful ethics.

  • Mya on

    Nice information bits and this topic has various perspective to view like TCP/IP protocols have long been subject to man-in-the-middle (MITM) attacks, but the
    advent of SSL/TLS was supposed to mitigate that risk for web transactions by providing
    endpoint authentication and encryption. web site attack is like chained hub continuing the attacks in all its host websites.

  • Anonymous on

    "web site attack is like chained hub continuing the attacks in all its host websites."

    wtf??

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.