Under Dataveillance, Privacy and Security Risks of Tinder

As Lindgren highlighted (2022):

Digitally networked media now dominate people’s social internet uses.

Case intro

With the rise of digital technologies, people are increasingly using online platforms to connect and engage with diverse groups of people. One significant area of social use is the changing landscape of romance through the emergence of various dating apps. Plus, the Covid-19 pandemic has further accelerated the online engagement of dating apps than in previous years, with Curry’s (2022) research indicating that the number of global dating app users increased by over 300 million in 2021, with Tinder being the most downloaded app.

How Tinder works

The main reason why Tinder is so popular is that it offers an intuitive and fun swiping mechanism. That is, each user is presented with a profile created by themselves, which includes up to 9 photos, personal information and several short bios. After that, users can simply swipe right for like or swipe left for pass on different profiles, if two users both swipe right, they are automatically matched. Next, they can message each other and eventually decided whether or not to have a real-world date.

Based on that, it is worth noting that if users want to match with others and get better matchmaking services, they need to provide detailed personal information first. Thus, Tinder is relied heavily on personal data to provide matches, including basic information, such as names, ages, and educational backgrounds, and sensitive information, like sexual orientation, and drug and alcohol use. This is true that a potential partner would want to know these essential things. On the other hand, it is also hard for people to maintain privacy on Tinder which could put them in potential danger. As Ellis (2022) shows that dating apps contain a wealth of information, and they are often targeted by cyberattacks seeking to extort or humiliate users. The Ashley Madison data breach in 2015 can be an example, which exposed the personal information of millions of users, including those who used their work email addresses, potentially putting their employment at risk (Zetter, 2015).

Apart from that, as a location-based app, Tinder requires tracking location information from users to help them find potential matches nearby and provides flexible choices for users to create a profile, allowing users to link Facebook accounts to Tinder. However, while users enjoy the convenience of Tinder, this also gives Tinder the chance to access more information about its users. Consequently, privacy and safety concerns could be raised from detailed personal information, IP tracking and social media connections. The blog decided to take a critical look at these concerns on Tinder.

Critical analysis

Dataveillance on the informative Tinder: the privacy concerns

As mentioned before, users have to agree their personal information such as GPS locations, and social media accounts be collected, tracked and used on Tinder to enjoy matchmaking services, and what they do are inadvertently give their trust to the platform, that they believe Tinder can keep their data safe and help them find the right person. However, when information technologies are used in private sectors to constantly know more about people, users are gradually under dataveillance on Tinder.

Dataveillance refers to the surveillance of individuals by gathering and analysis of their data, to obtain insights into their behaviours (Flew, 2021). In this case, dataveillance be used for gaining valuable information about users to get potential matches on Tinder, but how Tinder collects and uses personal data is a question that deserves deeper scrutiny, as it is related to the concerns of privacy invasion.

The biggest privacy concern is Tinder obtains much more user data through social media connections than users are informed of during the login process. According to Hayes & Snow (2018), their static analysis of Tinder’s SQLite database observed that Tinder uses deep-linking technology to connect to Spotify if users chose to link their Spotify accounts to Tinder. The feature linking Spotify was designed to help users to know more about their potential matches, because more and more people are realizing that music taste is an important element to determine their relationship compatibility (Hird & North, 2021), However, what users do not know is Tinder uses their music playlists on Spotify to improve its algorithm to raises matches by deep-linking, and the absence of information on deep-linking in Tinder’s privacy policy may be a cause for concern among users, as it raises questions about how their profiles are being analyzed and tracked.

In addition, Hayes & Snow (2018) found that the user’s personal information, including birthday, city, language, data provider, device model, etc. are stored in Tinder’s Taplytics SQLite database. Surprisingly, this information is not obtained directly from the user, but from their Facebook accounts, and there is not explicitly revealed in the company’s privacy policy about how Tinder captures information from social media account connections. This raises concerns for Tinder subscribers, especially since this information is shared with third-party providers.

What is worse, one of the users has requested Tinder to grant her access to her data under the EU data protection law, and she found that even though she had unlinked her social media accounts from her Tinder account, her Facebook information and her photos on Instagram were still in the Tinder database (Duportail, 2017). It can be frustrating and disempowering for users, as after they link their social media accounts to Tinder, they have little control over how their personal data is collected and used. Just as Tinder states in order to provide personalized services to users, it always needs information from users and Tinder’s privacy policy explicitly mentions that user data may be utilized for delivering personalized advertisements. What Tinder has done confirms Cohen’s argument, as cited in Flew (2021, p. 74), due to the processing of personal information on a large industrial scale is enabled by privacy agreements and terms of service that leave users with few options but to surrender their information for use by private sectors and third parties.

Based on the above, Tinder claims to provide better services for users based on social media connections, but at the same time, users are under dataveillance by Tinder, as the trend towards data captures to them seems to be unstoppable after they log in, and are unconsciously accept high-tech exploitation to enjoy further services. This reflects how Tinder could silently invade the privacy of its users and use it to improve its business model and sells it for revenue.

Taking advantages of Tinder: the security risks

The study by Lutz & Ranzini (2017) found that users are more concerned about their social privacy when they are using dating apps. The term social privacy is related to an individual’s ability to control access to their personal information in social contexts. Put it into dating apps, as they are easy to share and disseminate personal information, users are worried about if their social privacy is violated, and this can lead to security risks, such as stalking and scams.

In the case of Tinder, matchmaking only happens between geographically close users, but the feature of geolocation discloses exposes a risk that it could be used maliciously by attackers. Based on the research from Hoang, Asano & Yoshikawa (2017), the user’s location can be estimated from Tinder by the trilateration method, which involves putting three circles with radii corresponding to the distances reported by Tinder and then pinpointing the user’s location at the intersection of the circles. After that Tinder offers a location hiding option as a countermeasure to location estimation, but attackers still have the potential to use the method to calculate the user’s location, if they gain access to the distance data from Tinder and combine it with other publicly available information.

What is more, the Netflix documentary ‘The Tinder Swindler’ exposes how dating apps can lead to deceptive crime (Dililo, 2022), which exposure another security risk on Tinder that some people can use the app in a bad way to hide their real identities and misled the person to a romance scam. The difficulty to address this issue is, even Tinder is using photo verification to protect users away from the dangers of fake accounts and catfish, but the type of verification only confirms that the verification selfie and profile pictures belong to the same person, other information on the profile, such as name, age, and occupations, could still be inaccurate or misleading. Whether Tinder has the responsibility to check users’ personal information and how to check if they are involved in identity falsification is a debatable and difficult issue.

Therefore, the possibility of data misuse and the safety of user data in the event of a security breach can be concerning due to these practices. People express their worries about using dating apps can result in cyberstalking and scams more than other social platforms because of their personal nature (Kaspersky, 2021), even if users are trying to be cautious about the information they share and see on dating apps they also want platforms could do more to protect their safety.

Conclusion: possible ways to look at how to address privacy and security concerns on Tinder

To sum up, the huge amount of personal data from user profiles, IP tracking and social media connections can be used for Tinder to improve their own services and sell to third parties for commercial purposes without users fully informed, at the same time, due to the wealth of user information on Tinder, attackers and scammers can take advantages from Tinder to pose security threats to users. It is vital to address these concerns, requiring the platform to put more effort is not enough, as platforms tend to have financial incentives to put their interests above the public’s interests. Therefore, it needs the involvement and intervention of external governance.

Firstly, the General Data Protection Regulation (GDPR) under EU regulation could be a good example that provides a clear framework to protect users’ personal data from digital platforms. According to the Rights of the data subject (GDPR, n.d.), after using an app for a while, users can make a subject access request to the platform to find out how their information has been accessed by the platform. Additionally, after deleting the app, users can request the platform to delete personal information. The platform has to respond within one calendar month and confirm that all data about the user has been deleted. The GDPR assists users in taking their personal data rights back into their own hands, thus protecting their privacy. At the same time, another possible way to protect users’ privacy is for users could able to opt out of certain third-party tracking services, as there is no choice for users to not choose their data to be used for personalised experience from Tinder.

Next, security is a challenging issue to manage for both platforms, external parties and users. At the moment, Tinder has implemented several features to protect the safety of its users. For instance, resources and support are available for users who experience cyberstalking or other forms of online harassment and allow users to report and block other users who engage in harassing behaviour (Tinder, n.d.). Beyond that, more than 4,000 dating sites are planning to integrate RealMe, by granting users access to a database of more than 275 million reputation profiles that include information such as sex offences, and criminal records status, thus protecting users (Travers, 2021).

Overall, external oversight can be a specific and efficient way to give users the right to protect their data from Tinder, and self-regulation is also essential, as it can reduce regulation costs and save effect. Such as Tinder constantly improve its security monitoring to keep the platform a secure place for users. Thus, when adopting regulatory approaches to tackle privacy and security issues on Tinder, it is important to mix platforms’ autonomy and external oversight and find a balance between each other. Furthermore, there is something want to share with users. When Tinder changed the way people approach dating and relationships in the digital age, it is necessary to note that we are living in the real world in the end. For users, it would be good to not heavily rely on platforms to fully control the relationship, using dating apps moderately could be a possibly good way to help the user protect their privacy and security from the individual user’s point of view.


Curry, D. (2022). Dating app revenue and usage statistics. https://www.businessofapps.com/data/dating-app-market/

Dililo, J. (2022). Who Is the Tinder Swindler? https://www.netflix.com/tudum/articles/who-is-tinder-swindler-real-shimon-hayut

Duportail, J. (2017). I asked Tinder for my data. It sent me 800 pages of my deepest, darkest secrets. https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold

Ellis, M. (2022). 5 Dating app privacy disasters and how to protect yourself. https://www.makeuseof.com/tag/dating-app-privacy/

Flew, T. (2021). Privacy and security. In T. Flew (Eds), Regulating platforms (pp, 71-75). Polity Press.

GDPR (n.d.). Rights of the data subject. https://gdpr-info.eu/chapter-3/

Hayes, D. R., & Snow, C. (2018). Privacy and security issues associated with mobile dating applications. Information Systems & Computing Academic Professionals, 11, 1-13.

Hird, E., & North, A. (2021). The relationship between uses of music, musical taste, age, and life goals. Psychology of Music49(4), 872–889. https://doi.org/10.1177/0305735620915247

Hoang, N. P., Asano, Y., & Yoshikawa, M. (2017). Your neighbors are my spies: Location and other privacy concerns in GLBT-focused location-based dating applications. 2017 19th International Conference on Advanced Communication Technology (ICACT), 851–860. https://doi.org/10.23919/ICACT.2017.7890236

Kaspersky (2021). Dating apps in 2021: technically safer but threats of stalking and doxing still loom. https://www.kaspersky.com/about/press-releases/2021_dating-apps-in-2021-technically-safer-but-threats-of-stalking-and-doxing-still-loom

Lindgren, S. (2022). Digital media & society (2nd edition). Los Angeles: SAGE.

Lutz, C., & Ranzini, G. (2017). Where Dating Meets Data: Investigating Social and Institutional Privacy Concerns on Tinder. Social Media + Society3(1), 205630511769773–. https://doi.org/10.1177/2056305117697735

Tinder (n.d.). Security at Tinder. https://policies.tinder.com/security/intl/en/

Travers M. (2021). Dating app insiders remain ‘highly concerned’ about user security, according to a recent survey. https://www.forbes.com/sites/traversmark/2021/07/15/dating-app-insiders-remain-highly-concerned-about-user-security-according-to-a-recent-survey/?sh=5d186ae04ed7

Zetter, K. (2015). Hackers finally post stolen Ashley Madison data. https://www.wired.com/2015/08/happened-hackers-posted-stolen-ashley-madison-data/

Be the first to comment

Leave a Reply