Metro Weekly

Scruff buys gay dating app Jack’d after it was fined for exposing users’ nudes

Jack'd failed to fix a software bug that exposed users' private albums for a year

Gay dating app Scruff has bought its competitor Jack’d, after the latter was fined for exposing users’ private photos.

Earlier this month, Jack’d agreed to pay $240,000 to 7,000 users in New York after a bug in the app left users’ private photo albums — which often contain sensitive images — exposed to potential hacks.

Jack’d reportedly fixed the loophole in its app in February, but had known about the bug for a year prior to the fix.

New York Attorney General Letitia James was less than thrilled about the app’s LGBTQ users potentially having their nudes stolen, and said that the app’s owners, Online Buddies, had violated consumer trust by breaking their own privacy policy.

It was particularly notable given Jack’d’s five million users — around half of whom are in Asia — includes large numbers of queer and trans people of color (approximately 80%), who are more at risk of potential discrimination than their white LGBTQ counterparts.

“This app put users’ sensitive information and private photos at risk of exposure and the company didn’t do anything about it for a full year just so that they could continue to make a profit,” James said in a statement. “This was an invasion of privacy for thousands of New Yorkers. Today, millions of people across the country — of every gender, race, religion, and sexuality — meet and date online every day, and my office will use every tool at our disposal to protect their privacy.”

Following the settlement, Jack’d has been bought over by Scruff owner Perry Street Software, which — following the acquisition — now claims to be the “largest fully LGBTQ owned and operated software company,” the company said in a statement.

“For years, we have admired the diverse and global community of Jack’d,” Perry Street CEO Eric Silverberg said. “This acquisition will provide Jackd’d members with the same combination of technology and active moderation we have developed at SCRUFF, so that the Jack’d community members will be protected against harassment, spam bots, scammers, and risks while traveling.”

Silverberg told the Daily Beast that Perry Street will be much more proactive in policing bugs and flaws in Jack’d, and will reportedly redesign the app to overhaul its technologies, privacy, and stability.

” I cannot even fathom a scenario where someone would bring this to our attention and we wouldn’t address it immediately,” Silverberg said of Jack’d potentially exposing users’ data. “It was frankly unfathomable to us when we first read about it in February.”

He added: ““If there’s any suggestion of a data breach or a security issue, we stop what we’re doing and work relentlessly until it’s addressed.”

Jack’d’s security issues aren’t unique, with gay dating app Grindr in particular being forced to deal with a number of software and privacy-related mishaps.

Last April, Grindr admitted it had been sharing users’ HIV status with two outside companies, including last-tested dates and whether HIV-negative users’ were taking PrEP.

The data was sent together with users’ GPS data, phone ID, and email, which meant it could be used to identify specific users and their HIV status, a researcher said.

And in March 2018, a website that allowed Grindr users to see who had blocked them went live, enabled by accessing elements of Grindr’s private software APIs.

In addition, the service’s developer said Grindr’s APIs could be exploited to create a map showing data from register profiles at a neighborhood level — including where users of the app are located.

Earlier this year, the U.S. government identified Grindr as a potential national security risk because of the specific data it holds on users — data which is stored and handled by the company’s Chinese owners, Beijing Kunlun Tech Co Ltd.

The Committee on Foreign Investment in the United States (CFIUS) deemed foreign ownership of Grindr to be a risk, with speculation being that Grindr’s data could potentially be used to identify the location of U.S. military and intelligence personnel.

Support Metro Weekly’s Journalism

These are challenging times for news organizations. And yet it’s crucial we stay active and provide vital resources and information to both our local readers and the world. So won’t you please take a moment and consider supporting Metro Weekly with a membership? For as little as $5 a month, you can help ensure Metro Weekly magazine and MetroWeekly.com remain free, viable resources as we provide the best, most diverse, culturally-resonant LGBTQ coverage in both the D.C. region and around the world. Memberships come with exclusive perks and discounts, your own personal digital delivery of each week’s magazine (and an archive), access to our Member's Lounge when it launches this fall, and exclusive members-only items like Metro Weekly Membership Mugs and Tote Bags! Check out all our membership levels here and please join us today!

Rhuaridh Marr is Metro Weekly's online editor. He can be reached at rmarr@metroweekly.com.

Leave a Comment: