Grindr’s wingman chatbot learns your type by studying your tap patterns, your chat history, and your profile photos—all without explicit permission.
The Electronic Frontier Foundation this week called on Grindr to flip two critical defaults: stop training AI models on users’ personal data without opt-in consent, and disable behavioral advertising by default. The demand arrives as Grindr’s CEO pushes the company toward becoming an “AI-first business,” a pivot that, for LGBTQ+ users, transforms an intimate dating app into a data-harvesting machine with uniquely dangerous consequences. For queer people, a leaked sexual orientation signal can trigger employment discrimination, family rejection, arrest in hostile jurisdictions, or violence. The question is whether Grindr will treat that risk as a feature to protect—or a cost of doing business.
- The Tracking Exposure: Grindr contacted 20 third-party tracking domains in just 15 minutes of app use, according to EFF research using TrackerControl.
- The Default Enrollment Problem: Users are automatically enrolled in AI training on profile photos, tap patterns, age, and display names, with opt-out buried across multiple settings screens.
- The Data Broker Pipeline: Grindr acknowledges sharing mobile advertising identifiers with advertisers, funneling sexuality signals into a supply chain that an entire industry exists to de-anonymize.
- The Historical Pattern: Between 2017 and 2020, Grindr’s precise location data was collected by a data broker and sold commercially—a practice the company only ended after public exposure.
Grindr has a documented history of mishandling the most sensitive user data. Between 2017 and 2020, the app’s precise location data—detailed enough to infer romantic encounters between specific users—was collected by a data broker industry and sold commercially. In 2021, data from Grindr and similar apps was weaponized to out a gay Catholic priest without his consent. The app has faced reprimands and fines across multiple countries for sharing HIV status and location with advertisers. A former Chief Privacy Officer sued the company, alleging it fired him for raising concerns about prioritizing “profit over privacy.”
Grindr ended some of its most egregious practices after public exposure. But the new AI infrastructure, the EFF argues, opens a different door to the same problem: default enrollment in systems that users don’t understand and can’t easily control.
How Does Grindr’s Ad Network Expose Sexual Orientation Signals?
Using TrackerControl, a privacy research tool, the EFF recorded Grindr contacting 20 third-party tracking domains in just 15 minutes of app use. These aren’t random ad networks—they include Big Tech companies and ad-tech intermediaries that have faced FTC penalties and SEC probes for privacy violations. Many of them operate through “real-time bidding,” an automated auction system that can expose user data to hundreds of additional companies in milliseconds. Once a Grindr user’s mobile advertising identifier (MAID)—a unique, persistent device ID—enters this ecosystem, it becomes linkable to email addresses, phone numbers, and other identifying information. An entire industry exists to make those connections. Grindr acknowledges sharing MAIDs with advertisers, which means the app is funneling sexuality signals into a data broker supply chain.
• 20 third-party tracking domains contacted by Grindr within 15 minutes of app use, per EFF research
• Real-time bidding auctions can expose a single user’s data to hundreds of additional companies within milliseconds
• Grindr faced regulatory action across multiple countries for sharing HIV status and location data with advertisers
• The app’s location data was commercially sold via data brokers for at least three years before public exposure forced a change
This mirrors a structural pattern from the Cambridge Analytica era: the harvesting of intimate behavioral data at scale, its aggregation across third-party networks, and its conversion into psychographic profiles used for targeting. Where Cambridge Analytica built political micro-targeting on Facebook’s data exhaust, Grindr’s ad network is building commercial micro-targeting on sexual orientation and preference signals. The data flows differently, but the mechanism—default consent, opaque intermediaries, behavioral inference, and the erasure of user control—is the same. That parallel is not incidental: as documented in the analysis of behavioral profiling at scale, the Cambridge Analytica model did not disappear after the scandal—it was absorbed into the standard operating procedures of the ad-tech industry.
What Does Grindr’s AI Training Actually Use Your Data For?
The AI training problem operates on a parallel track. Grindr automatically enrolls users in AI training on profile photos, age, taps, and display names. The company claims it excludes sensitive health data and requires opt-in for chat content and location. But the definition of what’s “sensitive” is narrow, and the opt-in process is buried in settings. Users must navigate multiple screens to prevent their intimate preferences from being fed into Grindr’s AI models. By default, the app uses your data to train the algorithms that power the wingman chatbot, profile recommendations based on inferred “type,” and behavior-based insights that expose your typical online hours and the age range and “tribe” of people you interact with.
The ethical dimensions of this default enrollment extend beyond individual inconvenience. Research examining AI-based digital marketing ethics has raised pointed questions about whether machine learning algorithms can be designed to prioritize personal data protection while still delivering commercial value—a tension Grindr has not publicly resolved. The answer, in practice, appears to be that commercial value wins by default.
• Analysis by the Office of the Victorian Information Commissioner identifies training machine learning algorithms on large personal datasets as a core privacy challenge, noting that data collected for one purpose can be repurposed in ways users never anticipated
• Security researchers have repeatedly demonstrated that personal data can be extracted from trained AI models, meaning intimate details fed into a system today may be recoverable from the model itself in the future
• Default enrollment structures—where users must actively opt out rather than opt in—are consistently shown to result in near-universal participation, regardless of user awareness or intent
Is “Notification” the Same as Consent?
The EFF notes that AI systems trained on personal data create new risks: information can be retained, reproduced, or extracted in unexpected ways. Researchers have demonstrated the ability to pull training data out of systems like ChatGPT. For a dating app, that means intimate details about sexual preference, health status, or relationship patterns could theoretically be recovered from the model itself—or used to train future systems in ways users never anticipated.
Grindr’s response has been to claim transparency. The company says it notifies users and allows opt-outs. But notification without meaningful default protection is a hollow promise. Studies show most people don’t change default settings. A notice that says “Proceed” as its only button is not consent—it’s the illusion of choice. The same logic applies to the disable ad personalization problem that affects users across the broader digital ecosystem: the burden of action is placed on the individual, while the system profits from inaction.
What the EFF Is Actually Demanding—and Why It Matters
The EFF’s demand is specific: make opt-out behavioral advertising the default everywhere (except in unspecified regions where Grindr already does this), and require opt-in consent before training AI on personal data. These are not radical asks. They reflect a principle: for a community whose privacy violations have historically led to violence and persecution, the burden should not be on users to figure out which settings to flip.
• The EFF’s framing centers on structural default design rather than individual user behavior—arguing that the architecture of consent, not the content of disclosures, determines whether privacy protection is real or performative
• For LGBTQ+ users in jurisdictions where homosexuality carries legal penalties, a sexuality signal that enters a real-time bidding ecosystem is not a recoverable privacy loss—it is a permanent, potentially life-altering exposure
• The distinction between opt-in and opt-out consent is not procedural: it determines whether the population enrolled in data harvesting is those who actively chose it, or everyone who failed to notice a buried setting
Grindr will face this pressure during Pride month, when the company’s commitment to LGBTQ+ safety is most visible. Whether the company treats that commitment as marketing or as principle will determine whether its AI pivot becomes a tool for personalization—or another chapter in the long history of intimate data turned into infrastructure for harm.
