Considerations for the Protection of Women’s Privacy on Online Dating Apps in Kenya

Considerations for the Protection of Women’s Privacy on Online Dating Apps in Kenya

Introduction

Online dating applications, commonly referred to as dating apps, are dating services that are available through mobile dating applications which enable people to meet potential partners. Online methods of meeting partners are not new, and their history can be traced to the 1600s when personal ads were used to connect with potential partners.

The first personal ad was published in 1685 in a British agricultural journal, PBS Infographic, by a gentleman who would “willingly match himself to some good young gentlewoman that has a fortune of 3000 pounds or thereabout, and he will make a settlement to content” In 1727, the first ad by a woman was placed in the lonely-hearts column of the Manchester Weekly Journal. Helen Morrison’s ad stated that she wanted “someone nice to spend my life with”. This ad, unfortunately, landed Helen in trouble, as the mayor sent her to an insane asylum for four weeks. Throughout the 1800s, personal ads gained popularity, but so did the risk of fraud, as many people fell into the hands of fraudsters. By the 1990s, with the invention of the internet, personal ads found their way into the world wide web, and single people began connecting on sites such as Prodigy and Craigslist, and other online chat rooms and forums.

In 1995, Match.com was launched as the first dating website. It went further than online forums like Prodigy and Craigslist as it enabled users to select the age, hobbies, location, and other preferences of their partners. In 2007, Zoosk became the first dating website that offered a mobile application, making the dating service accessible on mobile phones. Since then, more and more people have resorted to online dating apps to meet potential partners, and there is a good reason why dating apps are gaining popularity, both globally and on the continent.

A study done by the University of Chicago found that one-third of marriages between 2005 and 2012 began online and that online couples have longer and happier marriages. Roshan and Dave, for example, met on OkCupid, and after their first date, “we both deactivated our OkCupid profiles and started communicating like normal people and we have been together for four years and just got married”.

Unfortunately, unlike Roshan, other women have had not-so-pleasant experiences with dating apps. Some women have faced cyberstalking, extortion, and harassment as they use dating apps. In addition to these risks, other risks associated with the use of dating apps are privacy risks.

Online dating is driven by data. The more data a user shares, the easier it is for the dating app to match them with a suitable match. For this, users trade their location data; sensitive data such as health status, personal preferences, and login information for social media accounts in the hope of finding a partner. Data leaks of such important information can lead to significant harm to users, as has happened in the past. In 2021, a hacker leaked the data of 2.28 million users such as their real names, marital status, location, email addresses, and Facebook accounts. In addition to these, a report found that dating apps sell user information to third parties for the purpose of advertising.

Dating App Privacy Policies

In light of the great risks to privacy, it is important for dating apps to demonstrate that they respect their users’ privacy, as provided for by Article 12 of the Universal Declaration of Human Rights, Article 17 of the International Covenant on Civil and Political Rights and under Article 31 of the Constitution of Kenya. Dating app privacy policies often give a strong indication of whether they respect the privacy of their users. They explain to their users how they collect and process their data, the purpose for which they collect that data, whether they share data with third parties; the existence of automated decision-making systems; and how to contact their data protection officers and supervising authorities. In assessing whether the privacy policy of a dating app offers sufficient protection for women’s privacy, three key things can be considered: The accessibility of the privacy policy, how often changes to the privacy policy are made, and how accessible its reporting channels are.

Access to Privacy Policies

Section 26 of the Kenya Data Protection Act provides that a data subject has a right to be informed of the use to which their personal data is put. In terms of how this information is to be presented, The General Data Protection Regulations provide dating apps with guidance. Recital 58 of The General Data Protection Regulations provides that any information that is addressed to a data subject should be concise, easily accessible, and easy to understand. In addition to this, clear and plain language should be used. Dating apps should therefore have in place privacy policies that are easily accessible, easily understandable, easy to find, and in clear and plain language.

Bumble has a privacy policy on its app that is easily accessible on its first page. The privacy policy is in English, and it has been broken down into sections, with section headers, and has been presented in readable font size. Tinder similarly has a privacy policy, in English, which is available on the first page once you download the app. The privacy policy starts with a content section; so a user can see all the sections that the privacy policy covers and one can click on a particular header and access its contents.

Both Tinder and Bumble have written their privacy policies in plain language that is easy to understand. At the same time, OkCupid lets users know that they have kept legal and technical jargon to a minimum. On accessibility, OkCupid places two links to their privacy policy on their website homepage-one link strategically located right above the link to join the app, at the center, and the second link on the website footer. Bumble and Tinder have placed the links to their privacy policies on their website’s footer.

Changes to privacy policies

As noted above, privacy policies provide users with information concerning how their data is used, collected, and stored or how personal data is shared with other parties. Any changes made to a privacy policy affect the privacy of users, in that such a change could impact how personal data is collected, used, or shared. For example, a dating app could enforce a change with the effect that advertisers and other data brokers will have unlimited access to the sensitive data of users, and this is information that the users should know. Dating apps should therefore disclose to their users when they make changes to their privacy policies before the policies take effect. More specifically, they should ensure that policy changes are easily understandable and easy to find; and they should ensure that users are directly notified of these changes. In addition to this, they should come out clearly about how users will be directly notified of these changes; and the timeframe within which the notification will be made.

Tinder’s privacy policy contains a section on privacy policy changes and lets users know that they will be notified before material changes take effect so users have the time to review them. Bumble’s change to privacy statement lets users know that they will only be notified of a change in the privacy policy if, and this is in their sole discretion, the policy change is material. Bumble will let users know of such a change through the users’ email or by posting the notice within bumble. OkCupid lets its users know that they will be notified before any material changes take place so that they have the time to review the changes. However, all the apps do not let users know the time frame within which users will be notified of the changes, and only Bumble discloses how this will be done.

Dating app users in Kenya face great risks to their privacy as indicated above, and it is in their interest to be provided with information regarding changes in privacy policies as and when they happen so that they can make an informed choice as to whether they would want to continue using the apps. If, for example, there is a change to the policy to the effect that governments will be given access to users’ data immediately after they demand it, it would be in the interest of women users to know this, as this might be a way for repressive governments to get access to the data of women activists who use the apps, thereby risking their lives.

Updates to privacy policies are key in safeguarding users’ rights, and dating apps should also update their policies to reflect their data practices. It follows that users should be provided with information about these changes. Bumble on its website notes that the privacy policy was last updated on the 16th of January 2023. OkCupid stated that the privacy policy applies from the 22nd of November 2022. For Tinder, the privacy policy applies from the 25th of January 2023.

Reporting channels and access to information

Reporting channels and access to information are an important aspect for the protection of user privacy. In the event of a data breach or in the event a dating app user has a concern over their privacy, the user should be able to seek assistance from the dating app, and the ways to seek assistance or further information should be clear. The General Data Protection Regulations, for example, states that data subjects should be provided with the contact details of the data protection officer, where applicable. The Kenya Data Protection Act states that the contact details of the data protection officer shall be published on the data controller’s website. Dating apps should ensure that the contact details of their data protection officer are accessible on the privacy policy, to provide a way for users to seek more information or ask for assistance.

Bumble has provided an email address through which users can exercise their rights. For OkCupid, the privacy policy states that users outside of the European Economic Area, the United Kingdom or Switzerland have been provided with a postal address through which they can reach the data protection officer. This is certainly not an easy way for dating app users in Kenya to submit information requests or ask for assistance. Users of Tinder outside of the European Economic Area, the United Kingdom, or Switzerland have also been provided with a postal address through which they can submit a question on the privacy policy or report a safety or privacy concern. It is concerning that the two apps do not provide an easy way through which users, especially women, can contact them regarding any privacy issues. Privacy risks are critical matters and women users should be able to contact data protection officers, and not wait days and months for a request that has been delivered by post to a different continent.

Conclusion

Dating apps are increasingly growing in popularity in Africa, and has been noted above, Tinder and Bumble have a market share of 32% and 8% respectively. Dating apps are also growing in popularity in Kenya. With the number of users growing, dating apps should put in place measures to ensure that women’s privacy is protected as they use the apps. One such way is by ensuring that privacy policies are accessible to users and ensuring that access is meaningful. Both Tinder and Bumble’s privacy policies are accessible on their websites and are easy to understand. However, dating apps need to go a step further and work with stakeholders to translate their privacy policies to Kiswahili, so that they are accessible to women who do not speak English in the country.

Secondly, dating apps should include in their privacy policies change logs that document all the changes to their privacy policies, and when those changes are made. Users should also be notified when these changes are made so that they are able to decide whether to continue using the service and to make informed choices concerning their privacy.

Lastly, the apps should provide easier and more accessible ways for women users to request information or report privacy concerns. It is not enough for dating apps to provide postal addresses for users in Kenya. They should provide dedicated channels through which women can report privacy infringements or seek help if they have privacy concerns.

 

 

Image by vectorjuice on Freepik

Leave a Comment

Your email address will not be published. Required fields are marked