Dating blacklist sites
The operators of these sites cull vast amounts of data from users (age, interests, ethnicity, religion, etc.), then package it up and lend or sell the data to online marketers or affiliates.Often, this transaction is gift-wrapped with the promise that your individual data is “anonymized” or sold in aggregate form, yet users should be wary of such promises.
Some people don’t mind having an online dating site publicly indexed and searchable, but if you find the thought disquieting, then dig into your privacy settings and make sure that your profile is only viewable to other logged-in users on the site. Photo identification services like Tin Eye and Google Image Search make it a trivial matter to re-identify photos that you’ve posted online.In fact, dating sites have an impetus for maintaining your informationwhat if things don’t work out and you want to reactivate your profile in a few months?But having your data hanging around on a company’s servers, even if they aren’t actively serving that content to the web at large, raises a host of privacy issues.Information such as age, drug use, drinking frequency, ethnicity, gender, income, relationship status, religion and more was leaked to online advertiser Lotame.You should consider contacting the sites you use to clarify their practices and letting them know your concerns.The vulnerability allows an attacker to impersonate another user, send messages on his behalf, access sensitive data like photos and messages, and even view passwords.
Grindr acknowledged the vulnerability on January 20th and promised a mandatory update to their software “over the next few days.” To date, Grindr's blog and Twitter profile do not mention a security fix for the flaw.
At least one study suggests that it’s possible that even photos you have never uploaded before could be used to figure out your identity.
So think hard about how you’d feel if a potential employer or acquaintance found personal data about you on a dating site.
In short, photos are hosted on an outside company’s servers.
As Joseph Bonneau explained, the main website provides an obfuscated URL for the photo to anyone it deems has permission to view it.