Technology These popular apps are sharing personal data with dozens of companies, study says

Ten popular apps -- including dating services Tinder, OkCupid and Grindr -- are sharing people's personal information with dozens of digital marketing and ad tech companies without explicitly letting users know, according to a new study. The only way for many users to protect their information, the report says, is for them to have never installed the apps at all.

© Provided by CNET Do you know where your data's going? Getty Images

The study, released Tuesday by the Norwegian Consumer Council (Forbrukerradet), found that the apps, which also included period-tracking apps Clue and My Days, were collectively sharing user data with at least 135 advertising-related companies. The shared data included GPS locations and IP addresses, as well as personal details about gender, sexuality and political views, according to the study.

Instagram, Oculus and WhatsApp are missing from Facebook's privacy booth at CES

The social network doesn't address privacy tools for other apps it owns.The space, which Facebook calls a privacy booth, includes a large screen that displays the revamped privacy checkup it unveiled at the Consumer Electronics Show on Monday. The checkup guides users through privacy and security settings on the social network.

In response to the study, a spokesperson for Clue said Monday that it doesn't share users' health or menstrual cycle data, and it doesn't sell data to any third-party service, including advertisers. The company does share usage data with Braze, which it says is clearly outlined in its privacy policy, in order to "make improvements to the Clue app and its features."

Match Group, which owns Tinder and OkCupid, said it uses third-party companies to assist with "technical operations and providing our overall services."

"We only share the specific information deemed necessary to operate our platform, in line with the applicable laws including GDPR and CCPA, said a Match Group spokesperson on Monday, referring to the European Union's General Data Protection Regulation and the California Consumer Privacy Act. "All Match Group products obtain from these vendors strict contractual commitments that ensure confidentiality, security of users' personal information and strictly prohibit commercialization of this data."

Grindr said to share users' locations, sex preferences

Apps fed advertisers data that included info about "personalities, predispositions and secret desires," study found.The popular matchmaking apps collected and processed large amounts of highly sensitive information pertaining to individuals' sexuality, drug use, political views and more to help advertisers send consumers more targeted ads, the Norwegian Consumer Council said in a report entitled "Out of control: How consumers are exploited by the online advertising industry.

© Getty Images

The other apps cited in the study didn't immediately respond to requests for comment.

"Every day, millions of Americans share their most intimate personal details on these apps, upload personal photos, track their periods and reveal their sexual and religious identities," Burcu Kilic, of Public Citizen, said in a release. "But these apps and online services spy on people, collect vast amounts of personal data and share it with third parties without people's knowledge."

Public Citizen, along with the American Civil Liberties Union of California and nine other advocacy groups, has called on the US Federal Trade Commission, Congress and the attorneys general of three states to investigate the app companies' data-sharing practices.

The study also said the apps didn't clearly inform users that data would be shared with third-party ad companies. Though some of the data-sharing is described in the apps' privacy policies, the descriptions are long, complex and unlikely to be read by consumers, according to the study. The majority of the apps also didn't offer options or settings to prevent or reduce the sharing of data with third-party companies. The NCC said this leaves most people with one option if they don't want their data shared: Don't install the apps at all.

The NCC tweeted that it'll file complaints against six companies based on its findings.