The Gayborhood

Speaker 1: It's like you walking into a room and saying, okay. I'll share my information with 10 people in this room, and this is where it ends. And then you find out, actually, it's just gone out to the whole whole world.

Speaker 2: In 2020, Norwegian regulators launched a major investigation into the dating app, Grindr. Grindr, for anyone who is unfamiliar, is the world's largest gay dating app. It's got an estimated 15,000,000 monthly active users and a market cap of about 2 and a half billion dollars. Norway, for anyone who is unfamiliar, small Scandinavian country. Were you familiar, Scott?

Speaker 3: I don't know how you could be alive these days and not be familiar. I feel like my 73 year old mother would know what Grinder is.

Speaker 2: I meant with Norway.

Speaker 3: Oh, yeah. So sorry. Yes. Yes. No. No. No. I'm not. Can you give me a background on Norway?

Speaker 2: It's known for its mountains, glaciers, and deep coastal fjords.

Speaker 3: Oh, okay. Okay.

Speaker 2: January 14, the Norwegian Consumer Council, the publishes this technical and legal critique of data share in the country. At the same time as they file an official complaint against Grindr for their data sharing practices. The name of that report, Out of Control. How consumers are exploited by the online advertising industry. The report was mostly a team of people performing like a technical network analysis across about a dozen dating and lifestyle apps. And a lot of it is spent documenting pretty extensive data sharing with ad networks that was going on behind the scenes. We're all familiar with this stuff. The report really honed in on Grindr. The report described Grindr as without valid user consent, sharing GPS location, IP, age, device IDs, and a bunch of other personal user data with a swath of ad and analytics partners for, like, behavioral advertising. Surprising? No. Not really.

Speaker 3: No. Sadly.

Speaker 2: Worthy of a fine according to Norwegian law, it would seem. The complaint turned into a multimillion euro fine. The fine resulted in an appeal. This goes back and forth for a while. Roughly during the same window of time, Ronald de Jesus, former head of privacy for Grindr, claimed that they had fired him after he had raised concerns about retention and sharing practices. He accused them of a corporate culture that prioritized, quote, profit over privacy. He gets fired, follows a wrongful termination suit. Courts in Norway keep ruling against Grindr through the appeals, and eventually, the company pays the Norwegian multimillion euro fine. They bring a new management that was then this is now and they kind of try and wipe their hands of the whole mess. But Norway isn't the only country with privacy laws, which brings us to The UK into our story this episode. In 2024, a law firm called Austin Hayes files a claim in their high court alleging that Grindr had again there shared sensitive data with third parties for commercial purposes without valid consent. As of right now, 12,000 claimants have signed on and I want to dig into this. These cases are technically different in a few interesting ways. We're going to talk about them in our interview this episode. But, at the heart of both of these stories, and these are stories about like data and privacy and what it means when we click yes to terms of use, is this idea of special category data. Special category data, from what I can tell, is just this idea that data is not one big homogeneous thing in the eyes of the law. That there is some kind of difference between say your name and email, and medical data. One belongs in a special legal category due to its sensitivity, call that special category data. In the Norwegian case, that hinged on this idea that just being a user of an app itself can be special category data due to the fact that you can infer something about that user's sexual orientation. In The UK case is a question of whether a different kind of data, medical data, was ever shared with commercial partners. I find this kind of thing fascinating. We've talked about terms of use recently on this show.

Speaker 3: Correct. Yeah.

Speaker 2: The famous number that always floats around is that it would take an average person, over two hundred and fifty hours to read all of the terms of use they encounter in a year, which if we do the napkin math is equivalent to roughly 76 full time workdays.

Speaker 3: Given that Jordan and I have worked in the marketing advertising field, you know, PII, I think, is the term that's commonly used in in North America, personally identifiable information. Protection of PII is at the forefront of all those conversations Mhmm. In in North America anyway.

Speaker 2: And if it isn't protected information, it would be in those terms of use that you would be spending, assuming a five day work week about four months out of every year reading. You're gonna wanna spend q one reading terms of use.

Speaker 3: Yeah. Please, please, and thank you. That even if it's inside of terms of use, I believe I can't speak for the states, but I know for Canada, we have laws that protect it. So even if they are gathering and collecting that information through the terms of use, it can't be relayed to other people like advertisers like us. It can be generalized into large swaths of data and kind of behavioral trends and such, but they can't give us anything that's personally identifiable. So if we wanna drill down in data, the further down we get, the smaller the pool is. And once the pool reaches a legal size, then then we can't drill down any further.

Speaker 2: And just because you put something into terms of use doesn't make it legal. Correct. Ignoring the fact that no one is reading all of these things, we are all kind of assuming and hoping and relying on the idea that someone somewhere up the line in the the, like, ladder of people making this is paying attention to whether or not these agreements are legal. And then on the flip side of it, that when companies that make them violate them, that something at all happens as a result. There's some kind of fallout.

Speaker 3: Yeah. So at if you've read any illegal contracts, you know that the last clause in them is always a if any part of this contract is found to be invalid, illegal, or otherwise, the rest of the contract remains sound. Mhmm. It's always the way that they close all contracts. Yeah.

Speaker 2: Sure. If we made a whoopsie, the rest of it's still good, though. Right? Yeah. Totally.

Speaker 1: The key issue is that as far as our clients are concerned, when they provided their information, this is where it was supposed to stop.

Speaker 2: I wanted to understand more about this story because it's it's about data, and it's about privacy, and it's about the law. I knew that I needed to talk to Chaya Hanumanji, partner and managing director of Austin Hayes, the law firm bringing that claim on behalf of claimants against Grindr. To understand, like, what was the flow of data between these apps and these ad networks? What is the exact point that dodgy, but technically legal business practices end and privacy violations begin? And what does it even mean to try and sue a company worth $2,500,000,000? Scott, should we get into it? Let's do it. My conversation with Chai Hana Manji on this episode of Hacked. Trier, thank you so much for sitting down and, talking with me about this.

Speaker 1: Thanks for having me, children.

Speaker 2: We all give a lot of information to big companies probably on a almost daily basis at this point. I was fascinated by this as a story about what it is we're actually consenting to when we give that information to a company. You are leading a case now representing more than, I believe, it's 11,000 users of Grindr.

Speaker 1: Just over 12,000. Yeah.

Speaker 2: Just over 12,000. And what is it that that case is alleging the company did with those people's data?

Speaker 1: So the the the allegation relates to a certain period. So this is not a current practice. But, in the past, it, transpired that, Grindr was, you know, collecting information as it does from users, as part of them signing up to a dating app. And a lot of this information, on Grindr, is quite sensitive information because being on Grindr itself, indicates sexual preference. And then part of the the information that users provide also includes, information around HIV testing days, whether they have tested. So it's a very, very sensitive information. And, the allegation is that that information was shared with third potentially fourth parties, without, our client's consent. When you talk about consent, you know, when when we give our data to to these platforms, we do that in the in the, expectation that if this is going to be information that gets shared further or made public, that we will get told about this. And when it comes to special category data, there needs to be very explicit consent given. And that was not the case when it comes to to this information, that that Grindr shared.

Speaker 2: Seems like specifically from kind of having read through this between 2018 and 2020, it seems as though Grindr shared personal profile data, including in some cases, things like HIV status, testing dates, and that they shared it with, as you said, not just third party, but allegedly fourth party, groups and companies. I guess, just to start, sort of, like, what evidence are we looking at that shows that, and who were those third and fourth, parties?

Speaker 1: Well, we we have a list of the parties that it went to. So, it's all out in the public domain, companies like Mopub, Optimize, Localytics. But then once, you know, this data is shared with third parties, users have no control over when how far it extends to. And so this is why we say we don't know if it's third, fourth, fifth parties. But we do know that it was shared to a number of specific parties, and that information is out there in in the public domain.

Speaker 2: And those companies that you named, what kind of companies are there? What is it that they do? And maybe what would they even want this information for?

Speaker 1: Well, we don't know. Many of them are advertising companies. Mhmm. Some are not in the business of advertising or may not be. But in their in the business of gathering data and trying to use that data to optimize the use of certain apps, you know, we we are not really interested also in whether what they do with it. I think that the key issue is that, as far as our clients are concerned, when they provided their information, this is where it it was supposed to stop. So where the the data did end up, what was actually done with the data by these third parties, obviously, it it would matter, but it's not something we would ever be able to establish with certainty for 12,000 people. What our clients are very upset about is the fact that they didn't have any say in sharing that information.

Speaker 2: Sure. They consented to give the information over to Grindr for the purposes of operating a dating app, but not necessarily to hand it over to some kind of, commercial enterprise.

Speaker 1: Exactly. I mean, you know, Grindr describes itself as a safe space for LGBTQ people, and this is what, our clients assume when they are sharing that data.

Speaker 2: A former Grindr head of privacy, Ronald de Jesus, had said, claimed this was kinda years prior to this, but that after firing claimed that they'd been fired after raising concerns that the company was prioritizing. I believe their quote was profit over privacy. How does something like that fit into your understanding of what's happened here?

Speaker 1: Well, we can only comment on, you know, to the extent that our clients are affected and, what we see in the press. It's clear that Grindr has not, at least for as long as we can see, prioritized privacy and and using their their clients' data in the way they should be using it as a dating app. Even now, it seems like they're they're really focused on using AI tools to try and maximize, information that their clients provide them, as a dating tool as a tool for for maximizing use of that data.

Speaker 2: Mhmm.

Speaker 1: So they seem to want to spin out into different business models beyond the dating app, but using client data.

Speaker 2: Extremely valuable client data, it would seem. I've seen a few different arguments from Grindr, and I think we'll talk about a couple of them. But one was see seemed to kind of orbit around this idea that, like, we never monetized health data and that we shared it with, the term they used, and I didn't really understand this with service providers. I'm curious if you can help me understand this. Like, it it seems as though they're admitting to having shared information with people outside of Grindr, but that it was okay based on who they shared it with. What is that difference between a service provider and a commercial partner, and why does that distinction matter at all to the users?

Speaker 1: As far as we are concerned and our clients are concerned, it does not matter at all. Because our case is premised on, as I said, someone having autonomy over their data and and being allowed to make a decision as to who they share it with. Well, how Grindr made money out of this. This is to be determined, and we will find out through the process of disclosure and and various things. But, clearly, there is value in them having done that because otherwise, they wouldn't. They have also been, you know, in in not not exactly on the same case, but it they have been fined by the Norwegian regulator in relation to their failures, in their their privacy policies and and their the way they have managed data. It's not, I think it's it's it's something that people are aware of. So I would say they they need to really try and, acknowledge what their feelings have been in the past. And if they want to, you know, try and turn a new a new leaf and and make things right, that's fine, and that's what our clients want. But I think there's got to be some basic acknowledgment that they haven't been the best in the past. And clearly, there were commercial gains to be made, out of using people's data.

Speaker 2: So my understanding of UK law, which is extremely limited, I am here in Canada, is that legally HIV, and you made reference to this earlier, is something called a special category. It sits in special category data, which is its own little special bucket over here, under The UK general data protection regulation. What does that mean? What obligations does that impose on a company that is handling that kind of data?

Speaker 1: So that there is HIV information and also sexual preference that but both of these things, quite important, sort of data points. So the reason it's it's important is, you know, if if you, for example, give your information to what the NHS in The UK, so this is I'm sure you're you're aware of of who the NHS is. Yep. They have to be extremely careful about who they share this information with. So even if you go and see a private doctor outside of the NHS, the NHS is not allowed to share your information with this private doctor without you consenting to it. This is how careful you have to be around that information. I mean, all data is, you know, is is a lot of data is is personal information which you ought to be able to say, I don't want this shared with x y and z. But when it comes to medical data or sexual preference data, there's got to be explicit consent sought from a user before that information is shared. So companies need to be very, very careful around that, and and I think it's it's becoming it's quite widely acceptable that this, explicit consent is being sought across the board. And indeed, we've seen that Grindr is now trying to do that.

Speaker 2: Starting some new isn't just hard. It can be downright terrifying. You put a lot of work into a thing. You're not entirely sure it's gonna work out. You're taking a huge leap of faith. I've started a few things. Now I know I was right for believing in, you know, the idea, the product, despite all of those fears and hesitations. But boy, does it sure help when you have a partner like Shopify on your side. Shopify is the commerce platform behind millions of businesses around the world and 10% of all e commerce in The US. From household names like, well, hacked podcasts merch, to brands just getting started, you can get started with your own design studio with hundreds of ready to use templates. Shopify helps you build a beautiful online store that matches your brand style. Did I mention that that iconic purple shop pay button is used by millions of businesses around the world? I don't know why I wouldn't. I should. It's why Shopify has the best converting checkout on the planet. It also helps boost conversions, meaning less carts, sort of getting abandoned in the parking lot, and more sales for you. It's time to turn those what ifs into sign up for your one dollar per month trial at shopify.com/hacked. Go to shopify.com/hacked. One more time, that's shopify.com/hacked.

Speaker 4: This Father's Day, do more with dad and spend less with low prices guaranteed at the Home Depot. Get him fired up with a new grill and accessories, like the next grill five burner for just $299 so you can spend more time together while he becomes the grill master he was always meant to be. Or build memories with savings on top brand power tools so you can tackle projects side by side. Gift more and do more together this Father's Day with help from The Home Depot. Exclusions apply to homedepot.com slash price match for details.

Speaker 5: Whatever your thing, it could be anything. Canva helps you make that thing a thing. Canva is a simple online tool thing. It's a way to design with our magic AI tool things. You can social media your thing, generate images or videos of your thing, make decks for presentations to show your thing. Whatever needs to be done for your thing, Canva can make it an even better and bigger thing. Canva, the thing that makes anything a thing.

Speaker 6: Study and play. Come together on a Windows 11 PC. And for a limited time, college students get The best

Speaker 2: of both worlds.

Speaker 6: Get the Unreal College Seal, everything you need to study and play with select Windows 11 PCs. Eligible students get a year of Microsoft three sixty five premium and a year of Xbox Game Pass Ultimate with a custom color Xbox wireless controller. Learn more at windows.com/studentoffer. Law supplies last, ends June 30, terms at aka.ms/collegepc.

Speaker 2: We talk about a lot of data breaches on this show when people sort of inadvertently, you know, let some data slip out of their hands. This, alternatively, seems like it's it's this is about intentional data sharing. This might be only interesting to me, but how do you go about sort of proving that intent to share this information under, like, UK data protection law? Like, would the outcome of this be the same if this had been a data leak?

Speaker 1: For two reasons, no. One is, you know, we we are a law firm that considers lots of these cases. People come to us. There's been lots of data breaches, hacking, or cyber cyber, security issues in the in the recent few months. And we have to consider where a a business itself is the victim in this situation and not the the the one who has actually created the issue. And so we don't necessarily feel like, you know, we should really try and, go after a a business where they have been the victim of some, you know, some crime a criminal, try trying to get some kind of ransom money out of it out of them, even though that that there might be, you know, some criticism about their their systems. It's slightly different if a company is really negligent, I would say, where they have the the funds to put in place certain processes to make sure data is safe, and they don't do that. That's, you know, I would say the next step up in terms of us thinking, well, yeah, they they should they should be have to pay some level of compensation. And then you have the the case of Grindr where it's it's beyond that. It's the next step up where they've intentionally shared the data. And it's, you know, the real intention is is something that will come out in evidence. We've obviously done our work. We have very, very talent technical experts who are able to prove these things, and and they they have helped us gather the evidence around this. But that's that's for me, it's the worst thing that you could do in terms of that sort you know, in that scale.

Speaker 2: Sure. There is something just intuitively different about losing information, having taken from you, being the victim of a theft. Even if you were sort of tasked with keeping that information secure, it's a very different beast than you saying, look at how valuable this information we have is. What can we do with it?

Speaker 1: Exactly. And also realizing, well, this actually is a bit more valuable data than just somebody's name.

Speaker 2: It's the the uniquely sensitive nature of the data is in part what makes it so valuable.

Speaker 1: Exactly.

Speaker 2: Grindr, another sort of response that I've seen from them is this argument that that the users have effectively consented not just through the privacy policy that people rapidly scroll past when they're signing up through these things, but that by having this stuff listed listed publicly on a profile, the term I saw was I think it was manifestly made public. This idea that you are already sharing this information publicly through the app, and that that sort of functions as something of a defense in this case. Why, I guess, don't you believe those defenses hold up here?

Speaker 1: Firstly, find out hasn't filed a defense yet, so we don't know exactly what their defenses to to this specific case will be because the ones that you've mentioned, I believe they've already lost into in in other courts. So Okay. You know, if they want if they want to roll out the same defenses, then we'll have to consider that, but they haven't charged a defense.

Speaker 2: It's kind of a win, really, if they do.

Speaker 1: Yes. Exactly. But, I mean, based on our case and what we've seen, and the evidence that we have from our clients, there was no consent solved or given by our clients. And sorry, I think you mentioned one more thing. Was there a second defense? I think you mentioned something else. But

Speaker 2: No. I think we spoke about that one earlier. There was this idea that they manifestly made it public. And then earlier in the conversation, we talked about, the idea that they'd never monetized it intentionally and only shared it with service providers.

Speaker 1: Yes. I think this is one thing that, you know, our clients have given us quite quite a lot of, evidence about in terms of the idea that this is sharing, you know, publicly, a a number of our clients are not even openly gay. And so the fact that they, you know, Grindr would now suggest that they share this information publicly, having made their users feel safe to firstly use the app, provide the information, and then encourage them to share HIV status with the app, on the basis that, you know, let's make this a safe space for LGBTQ people to meet. So share your information freely so that it becomes you know, everyone can make a a an informed choice on who they want to, date or or talk to. That's something that's that that's really upsetting to our clients that that you hear that this could be an issue or that could be suggested even.

Speaker 2: I would imagine it wouldn't feel very good to have a value like that of clarity and commute communication inside of a community marketed at you to get you to come into this application only to have it sort of subverted for, allegedly commercial gains.

Speaker 1: Exactly. And and to give you an idea, you know, it's it's very hard for people to sign up to this claim with us when they feel already violated by a dating app. So we know there's about a million people on Grindr at any point in time in The UK. The fact that we have about 12,000 clients, it I think it it it means two things. One is that not everybody feels comfortable to, again, put themselves out there and share the information. Secondly, you know, these are the people who are really, really affected by it. And like I said, it's not just, well, I wasn't out yet or my family didn't know and I wasn't given the choice. So, certainly, there was no suggestion of this being public information. Some people also feel like they're not safe anymore because they have to work in countries where it's illegal to be gay, so they have to travel to these countries, and they have no idea where their data has now ended up.

Speaker 2: Right.

Speaker 1: And so it's causing, you know, a lot of some so many of our clients have had to, take medication. They have anxiety attacks. They they they have sleepless nights. It's, so far from that idea that they they were happy to openly publicly sharing information.

Speaker 2: I hadn't considered the, like, international reach of Grindr as having that kind of a a knock on effect for people that are potentially using the app in one area of the world that maybe, they wouldn't in another? And what kind of implications a privacy breach like this this would have for those kinds of users?

Speaker 1: Yes. Well, you know, we we don't again, we don't know. Let's say the third parties are international organizations sharing this data across the board. This is the issue when you sort of lose control of your information.

Speaker 2: Once it's out there in the world, it's it's it is literally impossible to know where it goes. It's

Speaker 1: Exactly.

Speaker 2: Wow. I wanna talk about the users in a minute, but, you had alluded to a case in Norway. A a regulator there fined them. I think it was 6 and a half million euros for unlawful data sharing. It was a decision that was then upheld this year, which seems very relevant to what we're talking about. How does that, you know, other European filing strengthen, this case?

Speaker 1: Well, I think there are a number of considerations that the the board looked at that are very transferable to our case and a number of findings that are very transferable. It's not a an exact same case, but, you know, it's it's easy to look at how Grindr has reacted to these things, how they responded, and how their evidence was poor, in relation to showing that they got consent, for example, compliance. Obviously, that's another jurisdiction, but we I think it it's not a stretch to assume that their practices worldwide has has been very consistent and consistently poor in terms of managing private data properly.

Speaker 2: I've seen claims that, you know, this is there there I've seen claims that this is sort of a mischaracterized practice, but that the bigger claim seems to be that this is a older practice, that this was something that happened in the past. We've moved on. Why are we digging up all this old stuff? What is your response to this? And what reason do you have to believe that this has continued past, say, 2020?

Speaker 1: We don't know if it's continued. I mean, this is also part of, you know, the the process of disclosure. We know for sure that it's happening for a certain period. But even if it is historic, I mean, you know, a lot of litigation is in relation to historic behavior. If a big corporate has has behaved badly in the past, just because we're now five, six years later doesn't mean, they they shouldn't, have to pay some level of compensation or at least apologize to their users. And, you know, the fact that they're just saying, well, this is in the past, and we've now changed things. It's just not good enough.

Speaker 2: Depending on what kind of time frame you're talking about, everything people do wrong occurred in the past. And maybe by that logic, it's like, oh, you can't really be held responsible for anything because that was a different person. Let's let bygones be bygones.

Speaker 1: Also, I mean, you know, they they got found out. It's not an a question of them suddenly saying, oh, we we we are now going to be, you know, behaving better. They got found out. They got fined. And it's a result of that that they've they've been forced to change some of their practices.

Speaker 2: I wanna talk about you used the phrase level of compensation, and we've talked about the scale of these fines versus the scale of the behavior. I wanna talk about scale because, you know, Norway, €6,500,000, that's a ton of money to either of us or anyone out there in the world. But to Grindr, I I always hear people use the metaphor when they're talking about big companies, say losing a case or getting a fine. People always refer to it as like, oh, that was just a speeding ticket for them. €6,500,000 to a 2 and a half billion dollar market cap company is like, it's not even a speeding ticket. It's like a a rounding error to someone like them. When you pursue a lawsuit like this, what does accountability to a company this size look like?

Speaker 1: Well, it really it it it you know, we have, very few cases in The UK that have been brought, on the basis that we have brought this case where you have 12,000 users who, can show that they have suffered distress because that's what, measures level of compensation in in in, UK law. And so this is a little bit, you know, we we are looking at levels of compensation in other areas, not necessarily on a dating app. So we're looking at levels of compensation, for example, in the medical field where data has been shared unintentionally or, you know, by negligence. And these are the the the sort of, factors that we are looking at in terms of determining what level of compensation someone could get. Of course, it also depends on their individual circumstances.

Speaker 2: Mhmm.

Speaker 1: So some people would be more affected than others depending on on who they are, what what sort of issues they have had, why why their data is even more sensitive than others.

Speaker 2: Let's let's talk about them. You alluded to this earlier, but, like, what are some of those, like, real world consequences when we look at this type of misuse of data? Like, what have your clients described to you in terms of, like, fear, outing, personal safety risks? Talk to me about the users of this app.

Speaker 1: So I I think the vast majority of our clients would say, you know, they were not ready to come out to their family or friends. Some of our clients, are in, you know, a marriage in heterosexual relationships, and they were on a dating app. Now it's not for us to judge whether they should be on this or not, but that that's their prerogative whether they they decide to be on an app and then, you know, try and trust the the, trust Grindr with that information. And then I think on the more, you know, on the other scale, there's there's also what I mentioned about people feeling very, anxious about traveling to certain countries. Some people feel they are in certain professions where they cannot be openly gay. So, for example, people who are in the military, they, you know, they don't want to be outed in this way. And it it's, you know, at the at the back of my mind, sometimes when I read these things, I think of of the I think it's Ashley Madison or, can't remember. There was this

Speaker 2: Yeah.

Speaker 1: Where people's people's data was just published. Right? And here, that's not that that hasn't happened. But I think people feel when when could that happen that, you know, if this if if our data has been shared in that way, who has that data? When will it be that? Do I now need to, you know, just be upfront and tell my employer I am actually gay?

Speaker 2: Mhmm.

Speaker 1: When I wasn't ready to, how do I protect myself? I think these are the sort of considerations that, you know, a a court would look at.

Speaker 2: Yeah. The the fear that once information is out in the world, you're kind of constantly waiting for it to pop up somewhere else. The Ashley Madison comparison was so apt because that information got leaked. And then there was sort of an entirely secondary, call it media political something, where people started saying, it's a good thing for us to take this information and shine light on it so you can search it, and it's indexable, and it's parsable, and you can look a name up in it and see what's in there. And there's all these no one could have predicted that when the original dataset leaked. But for those users in that middle, there would have been this fear. What if something happens? What if something happens? What if something happens? And then it does. So I I it's that fear.

Speaker 1: Exactly. It's the fear. It it's you know, some of these things may not happen, but the fear is what creates the the the distress in our clients. And that's not something they can really sort of move on from even if it's four, five years later. And and we don't even know if it you know, if that's that practice has stopped. We don't know where the data has ended up at this point, and that that's the sort of transparency we are looking for from Grindr.

Speaker 2: And even if someone listening to this is thinking to themselves, well, you share an inform a piece of information with an application. It is posted publicly on a profile. You should accept the premise that it is going to be public. Those people did not consent when they shared that information allegedly to that party sharing it with third parties, fourth parties without with it going out into the world beyond the confines of a geo locked dating app.

Speaker 1: Yes. I mean, it's, you know, it's like you walking into a room and saying, okay, I'll share my information with 10 people in this room, and this is where it ends. And then you find out, actually, it's just gone out to the whole whole world. That's the difference here.

Speaker 2: Right. One of the 10 people in that room was like, oh, I was live streaming this whole time. Exactly. Should I not have done that? Do would you like me to have told you I was going to do that before you walked in and shared this very personal information? I guess to wrap up, like, what message do you hope something like this sends to tech companies that hold this, you know, in some cases, very deeply personal data, especially those that are marketing themselves as safe spaces for, you know, different communities?

Speaker 1: Well, I think there are different things to think about because if you want to be, you know, a a responsible company, a lot of these companies want to be, you know, to to promote their ESG status and and everything they they stand for, it's very important to be able to demonstrate that they're treating people fairly. So there are different ways you could do that. One is obviously making sure you're getting consent properly from clients. But the other way of doing this in in a very equitable way is actually giving value to the data that you are sharing. So there there is a value to this data, and the more sensitive your data is, the more valuable it is. And so giving me and you the choice to say, well, if you are going to share this data, you pay me, I don't know, £20, £50, or something.

Speaker 3: Mhmm.

Speaker 1: Or I get or I get a free subscription or whatever it might be. That is the way to recognize the value of of our data instead of essentially stealing it and making money off of it and us not even realizing that.

Speaker 2: Chaya, thank you so much for sitting down talking with me about this. I I found it genuinely fascinating.

Speaker 1: Thank you so much. Really, really good to speak to you.

Speaker 7: Have no fear. Foods is here to defend your favorite foods from the forces of seedy oils and sketchy ingredients. With cooking oils, salad dressings, and mayo, all powered by the good fats from 100% pure avocado oil and simple delicious ingredients. Chosen Foods.

Speaker 8: Athletic brewing company crafts award winning non alcoholic beers for those who want to be part of every round with over 185 flavor awards. They're exceptional NA beers that fit your lifestyle and any social occasion. Summer's full of good times and athletic fits right in. Go to athleticbrewing.com to have brews delivered to your door or find them at a bar, restaurant, or store near you. Near beer, athletic brewing company fit for all times.