While you probably already know that you need to be aware of scammers who take to dating sites and apps to lure unsuspecting victims into financial fraud, you may not be aware that online dating companies themselves don’t have the greatest reputation for protecting your privacy. In fact, many popular dating sites and apps have a history of security vulnerabilities and privacy violations — something you might want to be aware of if you’re trying to figure out how to make online dating work for you.
We’ve known for years about the privacy compromises you make when you sign up for an online dating site or app, as Rainey Reitman reported for the Electronic Frontier Foundation a few years ago. For instance, your dating profile and photos can hang around on the company’s servers for years, even after you cancel your subscription. Depending on your privacy settings, your profile can be indexed by search engines, and services like Google Image Search can connect the photos on your profile with your real identity, as Carnegie Mellon researchers demonstrated. Dating sites collect data on you — such as your age, interests, ethnicity, religion, and more — and lend or sell it to marketers.
And popular dating services rarely prioritize strong privacy practices, which means they’re often riddled with vulnerabilities. As Min-Pyo Hong of SEWORKS recently reported for VentureBeat, the top dating apps are “just waiting to be hacked.” Each app that SEWORKS analyzed was decompilable, which means that hackers could reverse-engineer and compromise the app. None had protections to prevent or delay unauthorized decompiling; none had obfuscated their source code, which means hackers could access sensitive data; and one wasn’t even using secure communication, which would make it easy for hackers to intercept data being exchanged between the app and the server.
