Hacked - The Gayborhood
Episode Date: December 1, 2025For the last few years, Grindr has branded itself as the global gayborhood—a digital safe space for queer communities. But a series of European investigations raised serious questions about how the... app handled user data. In this episode, we talk with Chaya Hanoomanjee of the law firm Austin Hayes, who is leading a major UK claim alleging that Grindr shared sensitive user information, including in some cases health data, without proper consent. We trace the story from Norway’s multimillion-euro fine to the 12,000-person UK action and unpack what “special category data” actually means, why these cases matter, and what we’re all really agreeing to when we tap “accept.” Learn more about your ad choices. Visit podcastchoices.com/adchoices
Transcript
Discussion (0)
It's like you walking into a room and saying, okay, I'll share my information with 10 people in this room.
And this is where it ends.
And then you find out actually it's just gone out to the whole world.
In 2020, Norwegian regulators launched a major investigation into the dating app, Grindr.
Grindr, for anyone who is unfamiliar, is the world's largest gay dating app.
It's got an estimated 15 million monthly active users and a market cap of about $2.5 billion.
Norway, for anyone who is unfamiliar, small Scandinavian country.
Were you familiar, Scott?
I don't know how you could be alive these days and not be familiar.
I feel like my 73-year-old mother would know what grinder is.
I meant with Norway.
I was sorry, yes, yes.
No, I'm not.
Can you give me a background on Norway?
It's known for its mountains, glaciers, and deep coastal fjords.
Oh, okay, okay.
January 14th, the Norwegian Consumer Council, the for Bruchre Debt,
publishes this technical and legal critique of data sharing in the country.
At the same time as they file an official complaint against Grindr for their data sharing practices.
The name of that report, out of control, how consumers are exploited by the online advertising industry.
The report was mostly a team of people performing like a technical network analysis across about a dozen dating and lifestyle apps.
And a lot of it has spent documenting pretty extensive data sharing with ad networks,
that was going on behind the scenes.
We're all familiar with this stuff.
The report really honed in on Grindr.
The report described Grindr as,
without valid user consent,
sharing GPS location, IP, age, device IDs,
and a bunch of other personal user data
with a swath of ad and analytics partners
for behavioral advertising.
Surprising?
No.
Not really?
Sadly.
Worthy of a fine according to Norwegian law,
it would seem.
The complaint,
turned into a multi-million euro fine. The fine resulted in appeal. This goes back and forth for a while.
Roughly during the same window of time, Ronald de Jesus, former head of privacy for Grindr claimed
that they had fired him after he had raised concerns about retention and sharing practices. He accused
them of a corporate culture that prioritized, quote, profit over privacy. He gets fired,
falls a wrongful termination suit. Courts in Norway keep ruling against Grindr,
through the appeals, and eventually the company pays the Norwegian multi-million euro fine.
They bring a new management.
That was then, this is now, and they kind of try and wipe their hands of the whole mess.
But Norway isn't the only country with privacy laws, which brings us to the UK and to our story
this episode.
In 2024, a law firm called Austin Hayes files a claim in their high court, alleging that
Grindr had again there shared sensitive data with third parties.
for commercial purposes without valid consent.
As of right now, 12,000 claimants have signed on,
and I want to dig into this.
These cases are technically different in a few interesting ways.
We're going to talk about them in our interview this episode,
but at the heart of both of these stories,
and these are stories about, like, data and privacy
and what it means when we click yes to terms of use,
is this idea of special category data.
Special category data,
from what I can tell, is just this idea that data is not one big homogenous thing in the eyes of the law.
That there is some kind of difference between, say, your name and email and medical data.
One belongs in a special legal category due to its sensitivity.
Call that special category data.
In the Norwegian case, that hinged on this idea that just being a user of an app itself can be special category
data due to the fact that you can infer something about that user's sexual orientation.
In the UK case is a question of whether a different kind of data, medical data, was ever
shared with commercial partners.
I find this kind of thing fascinating.
We've talked about terms of use recently on this show.
Correct.
Yeah.
The famous number that always floats around is that it would take an average person over 250
hours to read all of the terms of use they encounter in a year.
which if we do the napkin math as equivalent to roughly 76 full-time work days.
Given that Jordan and I have worked in the marketing advertising field, you know, PII, I think is the term that's commonly used in North America,
personally identifiable information. Protection of PII is at the forefront of all those conversations in North America anyway.
And if it isn't protected information, it would be in those terms of use that you would be spending
assuming a five-day work week
about four months out of every year reading.
You're going to want to spend Q1 reading Terms of Use.
Yeah, please, please and thank you.
Even if it's inside of Terms of Use, I believe,
I can't speak for the States,
but I know for Canada we have laws that protect it.
So even if they are gathering and collecting that information
through the terms of use,
it can't be relayed to other people
like advertisers like us, it can be generalized into large swaths of data and kind of behavioral
trends and such, but they can't give us anything that's personally identifiable. So if we want to
drill down in data, the further down we get, the smaller the pool is. And once the pool reaches
a legal size, then we can't drill down any further. And just because you put something into terms
of use doesn't make it legal. Correct. Ignoring the fact that no one is reading all of these things,
we are all kind of assuming and hoping and relying on the idea that someone somewhere up the line
in the ladder of people making this is paying attention to whether or not these agreements are legal
and then on the flip side of it that when companies that make them violate them that something
it all happens as a result there's some kind of fallout yeah so if you've read any legal contracts
you know that the last clause in them is always a if any part of this contract
is found to be invalid, illegal, or otherwise, the rest of the contract remains sound.
It's always the way that they close all contracts.
Yeah, sure. If we made a whoopsie, the rest of it's still good, though, right? Yeah, totally.
The key issue is that as far as our clients are concerned, when they provided their information,
this is where it was supposed to stop.
I wanted to understand more about this story, because it's about data and it's about privacy and it's
about the law, I knew that I needed to talk to Chia Hanamongi, partner and managing director of
Austin Hayes, the law firm bringing that claim on behalf of claimants against Grindr, to understand,
like, what was the flow of data between these apps and these ad networks? What is the exact
point that dodgy, but technically legal business practices end and privacy violations begin?
And what does it even mean to try and sue a company worth $2.5 billion?
Scott, should we get into it?
Let's do it.
My conversation with Chaya Hanamongi on this episode of Hacked.
Chaya, thank you so much for sitting down and talk with me about this.
Thanks for having me, children.
We all give a lot of information to big companies, probably on an almost daily basis at this point.
I was fascinated by this as a story about what it is we're actually consenting to when we give that information to a company.
You are leading a case now representing more than I believe it's 11,000 users of Grindr.
Just over 12,000, yeah.
Just over 12,000.
And what is it that that case is alleging the company did with those people's data?
So the allegation released to a certain period.
So this is not a current practice.
But in the past, it transpired that Grindr was, you know,
collecting information as it does from users as part of them finding up to a dating app.
And a lot of this information on Grindr is quite sensitive information because being on Grider in itself indicates sexual preference.
And then part of the information that users provide also includes information around HIV testing days, whether they have tested.
So very, very sensitive information.
and the allegation is that that information was shared with third,
potentially fourth parties without our client's consent.
When you talk about consent, you know, when we give our data to these platforms,
we do that in the expectation that if this is going to be information that gets shared further
or made public, that we will get told.
about this. And when it comes to special category data, there needs to be very explicit consent
given. And that was not the case when it comes to to this information that that grinder shed.
Seems like specifically from kind of having read through this between 2018 and 2020,
it seems as though grinder shared personal profile data, including in some cases,
things like HIV status, testing dates, and that they shared it with, as you
said not just third party, but allegedly fourth party groups and companies, I guess just to
start sort of like what evidence are we looking at that shows that? And who were those third and
fourth parties? Well, we have a list of the parties that it went to. So it's all out in the
public domain companies like mopub, optimize localetics. But then once, you know, this data
shared with third parties, users have no control over when, how far it extends to.
And so this is why we say we don't know if it's third, fourth, fifth parties, but we do know
that it was shared to a number of specific parties and that information is out there in
the public domain.
And those companies that you named, what kind of companies are there?
What is it that they do?
And maybe what would they even want this information for?
Well, we don't know.
Many of them are advertising companies.
Some are not in the business of advertising or may not be,
but they're in the business of gathering data
and trying to use that data to optimize the use of certain apps.
You know, we are not really interested also in whether,
what they do with it.
I think that the key issue is that,
as far as our clients are concerned,
when they provided their information,
this is way it was supposed to stop.
So where the data did end up,
what was actually done with the data by these third parties,
obviously it would matter,
but it's not something we would ever be able to establish
with certainty for 12,000 people.
What our clients are very upset about
is the fact that they didn't have any say in sharing that information.
Sure.
They consented to give the information over to Grindr for the purposes of operating a dating app
but not necessarily to hand it over to some kind of commercial enterprise.
Exactly.
I mean, you know, Grindr describes itself as a safe space for LGBTQ people,
and this is what our clients assume,
when they were sharing that data.
A former grinder head of privacy, Ronald DeHezus, had said, claimed this was kind of years prior to this, but that after firing,
claimed that they'd been fired after raising concerns that the company was prioritizing.
I believe their quote was profit over privacy.
How does something like that fit into your understanding of what's happened here?
Well, we can only comment on, you know, to the extent that our clients are affected and what we see in
press. It's clear that Rinder has not, at least for as long as we can see, prioritized privacy
and using their client's data in the way they should be using it as a dating app. Even now,
it seems like they're really focused on using AI tools to try and maximize information
that their clients provide them as a
as a tool for maximizing use of that data.
So they seem to want to spin out into different business models
beyond the dating app, but using client data.
Extremely valuable client data, it would seem.
I've seen a few different arguments from Grindr,
and I think we'll talk about a couple of them,
but one seemed to kind of orbit around this idea
that like we never monetized health data and that we shared it with the term they used,
and I didn't really understand this with service providers.
I'm curious if you can help me understand this.
It seems as though they're admitting to having shared information with people outside of Grindr,
but that it was okay based on who they shared it with.
What is that difference between a service provider and a commercial partner
and why does that distinction matter at all to the users?
As far as we are concerned and our clients are concerned, it doesn't matter at all.
because our case is premised on, as I said, someone having autonomy over their data and being allowed to make a decision as to who they share it with.
How Brian did money out of this, this is to be determined and we will find out through the process of disclosure and various things.
But clearly there is value in them having done that because otherwise they wouldn't.
They have also been, you know, not exactly on the same case, but they have been fined by the Norwegian regulator in relation to their failures in their privacy policies and the way they have managed data.
It's not, I think it's something that people are aware of.
So I would say they need to really try and acknowledge what their failure.
have been in the past.
And if they want to, you know, try and turn a new leaf and make things right, that's fine.
And that's what our clients want.
But I think there's got to be some basic acknowledgement that they haven't been the best in
the past.
And clearly, there were commercial gains to be made out of using people's data.
So my understanding of UK law, which is extremely limited, I am here in Canada, is that legally
HIV, and you made reference to this earlier, is something called a special category. It sits in
special category data, which is its own little special bucket over here under the UK general data
protection regulation. What does that mean? What obligations does that impose on a company that is
handling that kind of data? So there is HIV information and also sexual preference,
but both of these things, quite important sort of data points. So the reason it's important
is, you know, if you, for example,
give your information to the NHS in the UK,
so this is, I'm sure you're aware of who the NHS is,
they have to be extremely careful about who they share this information with.
So even if you go and see a private doctor outside of the NHS,
the NHS is not allowed to share your information with this private doctor
without you consenting to it.
this is how careful you have to be around that information.
I mean, all data is, you know, a lot of data is personal information,
which you ought to be able to say, I don't want this shared with X, 1, Z,
but when it comes to medical data or sexual preference data,
there's got to be explicit consent sought from a user before that information is shared.
So companies need to be very, very, very,
careful around that. And I think it's becoming, it's quite widely acceptable, but this explicit
consent is being sort of possible. Then indeed we've seen that Grindr is now trying to do that.
Think about the last time you heard a breach story on this show. It always starts the same way.
Someone somewhere saw something too late, an alert buried, a signal missed, an SOC that just
couldn't keep up. Arctic Wolf set out to solve that problem by rebuilding security.
security operations from the ground up for a world where attackers are already using AI.
They created the Aurora Super Intelligence Platform, a fully agentic system powered by the swarm of
experts. Instead of single-purpose bots or lucky-guess LLMs, this swarm is full of deterministic
agents that handle whole entire workflows. Humans stay in the loop and on the loop to validate
the critical decisions and keep everything trustworthy. And all of this is just off running on
their secure operations graph. A constantly updating intelligence engine fueled by more than
9 trillion telemetry events every week and over a decade of real-world incident response.
The system reasons on real signals and real context not synthetic training data.
And the result is the new Aurora Agent SOC.
It's the first SCC that is agent led by design.
You get agents that coordinate, agents that investigate, agents that respond at machine speed,
and hundreds more that automate the repetitive work that normally buries human analysts.
Arctic Wolf didn't try and bolt AI onto an old model.
They rebuilt the model entirely.
What makes it even more effective is how it works with Arctic Wolf's concierge experience.
The team brings customer-specific context directly into the platform so every AI-driven
decision reflects your environment instead of generic assumptions.
The automation frees your concierge security team to focus on higher value strategy and
proactive risk reductions while the agents handle the grind.
If you want to see what trustworthy, production-ready AI insecurity operations actually looks
like, go to Arcticwolf.com slash hacked.
Ever feel like cyber threats are evolving faster than anyone can keep up?
Last year, 2025 was nothing short of a record-breaking year for major breaches,
from sophisticated ransomware operators to AI-enabled attacks that turn defenses on their head.
Organizations around the world saw headlines they never expected,
and cybersecurity teams were tested like never before.
But here's the thing.
These incidents aren't just news headlines.
They're learning opportunities.
And that's why Arctic Wolf is hosting a live webinar on February 5th,
diving into the most impactful breaches of 2025.
Their field CTO and security leaders are going to unpack not just what happened,
but why these attacks succeeded.
And most importantly, what businesses can do to fortify their defenses for it's too late.
You're going to walk away with real insights into how threat actors are evolving,
how defenders are responding, and what strategies can help you stay ahead of the next big breach.
It's not fearmongering.
It's practical, actionable, intelligence from experts in the trenches.
Register now at arcticwolf.com slash hacked.
We talk about a lot of data breaches on this show when people sort of inadvertently, you know, let some data slip out of their hands.
This alternatively seems like this is about intentional data sharing.
This might be only interesting to me, but how do you go about sort of proving that intent to share this information under like UK data protection law?
Like, would the outcome of this be the same if this had been a data leak?
For two reasons, no.
one is
you know
we are law firm
that considers
lots of these cases
people come to us
there's been lots of
data breaches
hacking
or cyber
security issues
in the
recent few months
and we have to
consider where
a business itself
is the victim
in this situation
and not the
the one who has
actually created the issue
And so we don't necessarily feel like, you know, we should really try and go after a business where they have been the victim of some, you know, some criminal trying to get some kind of ransom money out of them, even though there might be, you know, some criticism about their systems.
it's likely different if a company is really negligent, I would say, where they have the funds to put in place certain processes to make sure data is safe and they don't do that.
That's, you know, I would say the next step up in terms of us thinking, well, yeah, they should have to pay some level of compensation.
And then you have the case of Grindr where it's beyond that.
It's the next step up where they've intentionally shared the data.
And it's, you know, the real intention is something that will come out in evidence.
We've obviously done our work.
We have very, very talent, technical experts who are able to prove these things.
and they have helped to scatter the evidence around this.
But that's, for me, it's the worst thing that you could do in terms of that sort of, you know, in that scale.
Sure.
There is something just intuitively different about losing information, having taken from you, being the victim of a theft.
Even if you were sort of tasked with keeping that information secure, it's a very different beast than you saying,
look at how valuable this information we have is what can we,
we do with it.
Exactly.
And also realizing, well, this actually is a bit more valuable data than just somebody's name.
It's the uniquely sensitive nature of the data is in part what makes it so valuable.
Exactly.
Grindr, another sort of response that I've seen from them is this argument that the users
have effectively consented, not just through the privacy policy that people rapidly scroll
past when they're signing up through these things.
But that by having this stuff listed publicly on a profile, the term I saw was, I think it
was manifestly made public, this idea that you are already sharing this information publicly
through the app and that that sort of functions as something of a defense in this case.
Why, I guess, don't you believe those defenses hold up here?
Firstly, finder hasn't filed a defense yet.
So we don't know exactly what their defenses to this specific case will be.
because the ones that you've mentioned, I believe they've already lost in other courts.
So, you know, if they want to roll out the same defenses, then we'll have to consider that, but they haven't charged a defense.
It's kind of a win, really, if they do.
Yes, exactly.
But, I mean, based on our case and what we've seen and the evidence that we have from our clients,
there was no consent sought or given by our clients.
And sorry, I think you mentioned one more thing.
Or was there a second defense?
I think you mentioned something else.
No, I think we spoke about that one earlier.
There was this idea that they manifestly made it public.
And then earlier in the conversation, we talked about the idea that they'd never monetized
it intentionally and only shared it with service providers.
Yes, I think this is one thing that, you know, our clients have given us quite a lot of
evidence about
in terms of
the idea that this is sharing
publicly
a number of our clients
are not even openly gay
and so
the fact that
the grinder would now suggest
that they share this information
publicly having made
their users feel
safe to firstly use the app
provide the information
and then encourage them
to share HIV
status
with the app
on the basis that
let's make this a safe space
for LGBTQ people to meet.
So share your information freely
so that it becomes, you know, everyone
can make an informed choice
on who they want to
date or talk to.
That's something
that's really upsetting
to our clients.
Did you hear that this could be an issue
or that could be suggesting?
even. I would imagine it wouldn't feel very good to have a value like that of clarity and
communication inside of a community marketed at you to get you to come into this application
only to have it sort of subverted for allegedly commercial gains.
Exactly. And to give you an idea, you know, it's very hard for people to sign up to this
claim with us when they feel already violated by dating it.
So we know there's about a million people on Grindr at any point in time in the UK.
The fact that we have about 12,000 clients, I think it means two things.
One is that not everybody feels comfortable to again put themselves out there and share the information.
Secondly, these are the people who are really, really affected by it.
And like I said, it's not just, well, I wasn't out yet,
or my family didn't know and I wasn't given the choice.
So certainly there was no suggestion of this being public information.
Some people also feel like they're not safe anymore because they have to work in countries
where it's illegal to be gay, so they have to travel to these countries.
And they have no idea where their data has now ended up.
Right.
And so it's causing, you know, a lot of some,
So many of our clients have had to take medication, they have anxiety attacks, they have
sleepless nights. It's so far from that idea that they were happily, openly, publicly sharing
information. I hadn't considered the like international reach of Grindr as having that kind of a
knock on effect for people that are potentially using the app in one area of the world that
maybe they wouldn't in another and what kind of implications of privacy breach like this,
this would have for those kinds of users.
Yes, well, you know, we don't, again, we don't know, let's say the third parties are
international organizations sharing this data across the board.
This is the issue when you sort of lose control of your information.
Once it's out there in the world, it's, it is literally impossible to know where it goes.
Exactly.
Wow.
I want to talk about the users in a minute, but you had alluded to a case in Norway, a regulator there fined them. I think it was six and a half million euros for unlawful data sharing. It was a decision that was then upheld this year, which seems very relevant to what we're talking about. How does that, you know, other European filing strengthen this case?
Well, I think there are a number of considerations that the court looked at that are very transferable to our case and a number of.
of findings that are very transferable.
It's not an exact same case,
but it's easy to look at how Grindr has reacted to these things,
how they responded and how their evidence was poor
in relation to showing that they got consent, for example, compliance.
Obviously, that's another jurisdiction,
but I think it's not a stretch to assume
that their practices worldwide has been,
very consistent and consistently poor in terms of managing private data probably.
I've seen claims that, you know, this is, I've seen claims that this is sort of a mischaracterized
practice, but that the bigger claim seems to be that this is a older practice, that this was
something that happened in the past.
We've moved on.
Why are we digging up all this old stuff?
What is your response to this?
And what reason do you have to believe that this has continued past, say, 2020?
We don't know if it's continued.
I mean, this is also part of, you know, the process of disclosure.
We know for sure that it's happening for a certain period.
But even if it is historic, I mean, you know, a lot of litigation is in relation to historic behavior.
If a big corporate has behaved badly in the past, just because we're now five, six years later,
It doesn't mean they shouldn't have to be some level of compensation, or at least apologize to their users.
And the fact that they're just saying, well, this is in the past and we've now changed things.
It's just not good enough.
Depending on what kind of time frame you're talking about, everything people do wrong occurred in the past.
And maybe by that logic, it's like, well, you can't really be held responsible for anything because that was a different person.
Let's let bygones be bygones.
Also, I mean, you know, they got found out.
It's not a question of them suddenly saying, oh, we are now going to be, you know, behaving better.
They got found out, they got fined.
And it's a result of that that they've been forced to change some of their practices.
I want to talk about, you use the phrase level of compensation, and we've talked about the scale of these fines versus the scale of the behavior.
I want to talk about scale because, you know, Norway, 6.5 million euros, that's a ton of money.
money to either of us or anyone out there in the world, but to grinder. I always hear people use
the metaphor when they're talking about big companies, say losing a case or getting a fine.
People always refer to it as like, oh, that was just a speeding ticket for them.
6.5 million euros to a two and a half billion dollar market cap company is like, it's not even
a speeding ticket. It's like a rounding error to someone like them.
When you pursue a lawsuit like this, what does accountability to,
a company this size look like?
Well, it really, you know, we have very few cases in the UK that have been brought on the basis
that we have brought this case, where you have 12,000 users who can show that they have
suffered distress, because that's what measures level of compensation in UK law.
And so this is a little bit, you know, we, we.
are looking at levels of compensation in other areas, not necessarily on a dating app.
So we're looking at levels of compensation, for example, in the medical field where data has
been shared unintentionally or by negligence.
And these are the sort of factors that we're looking at in terms of determining what
level of compensation someone could get. Of course, it also depends on the individual circumstances.
answers. So some people would be more affected than others, depending on who they are,
what sort of issues they have had, why their data is even more sensitive than others.
Let's talk about them. You alluded to this earlier, but what are some of those real-world
consequences when we look at this type of misuse of data? Like, what have your clients
described to you in terms of like fear,
outing, personal safety risks.
Talk to me about the users of this app.
So I think the vast majority of our clients would say,
you know, they were not ready to come out to their family or friends.
Some of our clients are in, you know,
are married in heterosexual relationships.
And they were on a dating app.
Now, it's not for us to judge whether they should be on this or not,
but that's their prerogative, whether they decide to be on an app
and then, you know, trust the trust grinder with that information.
And then I think on the more, you know, on the other scale,
there's also what I mentioned about people feeling very anxious
about traveling to certain countries.
Some people feel they are in certain professions
where they cannot be openly gay.
So, for example, people who are in the military, they, you know, they don't want to be outed in this way.
And it's, you know, at the back of my mind, sometimes when I read these things, I think of the, I think it's Ashley Madison or I can't remember there was this, where people's data was just published, right?
And here that's not, that hasn't happened.
But I think people feel, when could that happen?
That, you know, if this, if our data has been shared in that way, who has that data?
When will it be that?
Do I now need to, you know, just be up front and tell my employer I am actually gay?
When I wasn't ready to, how do I protect myself?
I think these are the sort of considerations that,
you know, a court would look at.
Yeah, the fear that once information is out in the world, you're kind of constantly waiting
for it to pop up somewhere else.
The Ashley Madison comparison was so apt because that information got leaked.
And then there was sort of an entirely secondary, call it media political something,
where people started saying, it's a good thing for us to take this information and shine
light on it so you can search it and it's indexable and it's parsable.
You can look a name up in it and see what's in there.
And there's all these, no one could have predicted that when the original data set leaked.
But for those users in that middle, there would have been this fear, what if something happens,
what if something happens, what if something happens, and then it does.
So it's that fear.
Exactly.
It's the fear.
It's, you know, some of these things may not happen, but the fear is what creates the distress in our clients.
And that's not something they can really sort of move on.
from even if it's four, five years later. And we don't even know if it, you know, that practice
has stopped. We don't know where the data has ended up at this point. And that that's the sort
of transparency we are looking for from Grindr. And even if someone listening to this is thinking
to themselves, well, you share an piece of information with an application, it is posted publicly
on a profile, you should accept the premise that it is going to be public. Those people did not
consent when they share that information allegedly to that party.
sharing it with third parties, fourth parties,
without, with it going out into the world
beyond the confines of
a geoloced dating app.
Yes. I mean, it's, you know, it's like
you walking into a room and saying,
okay, I'll share my information with 10 people
in this room, and this is where it ends,
and then you find out, actually,
it's just gone out to the whole world.
That's the difference here.
Right. One of the 10 people in that room
was like, oh, I was live streaming this whole
time. Exactly.
Should I not have done that? Would you like
me to have told you I was going to do that before you walked in and shared this very personal
information.
Huh.
I guess to wrap up, like, what message do you hope something like this sends to tech companies
that hold this, you know, in some cases, very deeply personal data, especially those that
are marketing themselves as safe spaces for, you know, different communities?
Well, I think there are different things to think about because if you want to be, you know,
a responsible company, a lot of these companies.
companies want to be, you know, to promote their ESG status and everything they stand for,
it's very important to be able to demonstrate that they're treating people fairly.
So there are different ways you could do that.
One is obviously making sure you're getting consent properly from clients.
But the other way of doing this in a very equitable way is actually
giving value to the data that you are sharing.
So there is a value to this data and the more sensitive your data is, the more valuable it is.
And so giving me and you the choice to say, well, if you are going to share this data,
you pay me, I don't know, 20 pounds, 50 pounds or something.
Or I get a free subscription or whatever it might be.
That is the way to recognize the value of our data instead of essentially stealing it,
making money off of it and us not even realizing that.
Jaya, thank you so much for sent down talking about this. I found it genuinely fascinating.
Thank you so much. Really good to speak to you.