Priest sues Grindr for sharing data
A priest from Wisconsin has filed a lawsuit in California Superior Court against the dating app Grindr. Monsignor Jeffrey Burrill, who until his resignation in 2021 was the top administrator at the US Conference of Catholic Bishops (USCCB), said in the lawsuit that his data was sold without his knowledge or consent. In July 2021, data from the app was published indicating that Burrill was a user of the app and had apparently patronized gay bars.
Burrill was made to leave his position in the church in the wake of the forced outing. Now he says that the release of his data caused “significant damage” to his reputation – especially given his vow of celibacy and the Catholic Church’s stance towards homosexuality.
Grindr did not inform Burrill that his information was being sold to data vendors, the lawsuit alleges. According to the lawsuit filing, the dating platform sold the priest’s data to companies and data vendors between 2017 and 2021.
Burrill filed the lawsuit on July 18, after a request from one of his lawyers that Grindr pay $5 million in compensation was denied. Burrill hopes that the lawsuit will force the platform to pay damages and will in the future prevent the company from sharing users’ data without informing them.
A spokesperson for Grindr told the Washington Post that the company “intends to respond vigorously to these allegations, which are based on mischaracterizations of practices relating to user data.”
Data-sharing business model
Burrill resigned from his post as general secretary of the USCCB after allegations of “improper behavior” surfaced against him. According to Gregory Helmer, one of Burrill’s attorneys, the USCCB asked for his resignation. Soon afterwards the right-wing Catholic news site the Pillar reported on the priest’s activities on the dating platform and published details gleaned from his personal data. The website claimed to have reviewed his activities using “commercially available records of app signal data.”
In the lawsuit Burrill now alleges that the Pillar obtained the data from Catholic Laity and Clergy for Renewal (CLCR). The Christian organization buys data from queer dating apps in order to identify leading clergy members who have broken their vows of celibacy. CLCR admitted to obtaining data from Grindr in the past but “denied sharing information with the Pillar,” according to the Washington Post.
The Pillar meanwhile has still not revealed the source from which it obtained the data. The site has said only that it obtained the data legally from a data vendor that trades in anonymized data that Grindr sells in accordance with its terms of use.
Helmer, Burrill’s attorney, told the Washington Post that he hopes that going to court will ultimately reveal where the CLCR bought its data from. “We want answers so we can use that as a warning to other Grindr users,” Helmer told the paper.
The user data collected and shared by Grindr is anonymized, but because the app registers and saves users’ locations, profiles can be linked to individual users. In Burrill’s case the data showed logins from a device whose location was tracked to Burrill’s office, his residence, and other places he was known to have visited.
As stated in its privacy policy, Grindr reserves the right to share user information with third parties. This information includes profile information, location data, and users’ activity on the app. The app even holds information regarding some users’ HIV status – but this is not shared with advertising companies.
“Anonymized” – not anonymous
Burrill’s case demonstrates how even ostensibly anonymized data can sometimes be linked to specific individuals. Even when clear identifiers like names and telephone numbers are removed, there is usually still enough information to significantly narrow down the field of potential matches. If someone is searching for a particular person in a set of anonymized data, often enough the location data alone is sufficient to identify the person.
The Pillar’s article immediately prompted sharp criticism from within the church. James Martin, an American Jesuit priest, called the site’s methods spying “under the guise of a journalistic ‘investigation’,” and added: “These witch hunts, usually aimed at vulnerable people working for the church, must end.” Martin also decried the article’s conflation of homosexuality and pedophilia. The article cited instances of adults using Grindr and similar apps to contact minors and seemed to suggest a link between these instances and prior instances of child sexual abuse in the church.
James Carr, another lawyer representing Burrill, sent a letter to Grindr in June stating that his client was “publicly ‘outed’ as gay” as a result of the app’s release of his data. “To have that decision forced out of your hands and into the public realm is reprehensible,” Carr told the Washington Post. (hcz</a)