Grindr, the popular dating app for gay, bisexual, transgender and queer people, looks like it might be changing hands again, a year after it was acquired at a valuation of $245 million. According to a report in Reuters, Grindr’s owner Kunlun is looking for a buyer of the company after the Committee on Foreign Investment in the United States (CFIUS) determined that having the app owned by a Chinese company poses a national security risk.
Kunlun originally acquired a 60 percent stake in the company in 2016 for $93 million and completed the acquisition in January 2018, reportedly paying an additional $152 million.
Kunlun also publishes games, provides online financial services, and has other internet holdings such as the Opera internet browser. It has something of a track record with regulators over data privacy concerns, but also of being okay with losing battles to win the war, so to speak.
In 2016, when the company was part of a consortium acquiring the internet company Opera for $1.2 billion, it eventually renegotiated the deal down to $600 million for only part of the business after regulators raised red flags over data protection concerns. Kunlun is now a 48 percent shareholder of Opera Software as part of the Chinese consortium that owns the Norwegian company.
In August, it was reported that Kunlun had started the ball rolling for an IPO of the Grindr app. That is a process that has now been halted, writes Reuters, with the investment bank Cowen now handling enquiries in a sale process instead.
Interested parties reportedly include investment groups and competitors. We have reached out to the Match Group (which owns Tinder), Bumble, and Bumble’s owner Badoo to ask if they are among the bidders.
So far, Badoo’s founder and CEO Andrey Andreev has responded to say his company is not among the bidders.
We have also contacted Kunlun and Grindr for comment and will update this post as we learn more.
According to the report, the main reason for the CFIUS flagging Kunlun’s ownership is its concern over personal data protection.
Personal data protection has become a growing area of concern for government agencies because of an increasing number of data breaches, and how that data in turn gets used. The problem is not just private individuals, but specifically those who are in the government or military, who might be more vulnerable routes to disclosing confidential state information if their data gets compromised.
It’s not clear from the report what the specific concerns are that the CFIUS had with Grindr’s own data and how it is used. However, it’s notable that the company — which reported 3.3 million daily active users globally at the time of its acquisition last year, with some 27 million registered users overall as of 2017 — has been in the spotlight several times in the last few years over personal data and its handling of it.
Back in 2016, a researcher demonstrated how malicious hackers could pinpoint the location of users on the app. In 2018, it got embroiled in a controversy around how it shared users’ HIV status with third parties. Later in the year, the app was found again to be exposing users’ exact locations, this time to a third-party app that had gained unauthorized access to Grindr’s private API. And at a time when opinion has very much soured over just how much Facebook knows about us and how that information is used, Grindr was found (along with other apps) to be sending a lot of information to them, by way of its use of the Facebook login.
Agencies and others in positions of power in government have not been the quickest-responding to changing tides in technology, what the implications of those might be, and how they could and should act on behalf of consumers and the state to help protect them. (As one small example, if you watched any of the hearings involving Facebook and other internet companies, the elementary nature of some of the questions highlighted just how far behind certain decision makers are in their understanding of tech.)
In light of that, the CFIUS seems to be trying to redouble its efforts to help address that.
Notably, as Reuters points out, this is a very rare instance of the inter-agency committee flagging an acquisition that has already closed. Usually, it will halt a deal before it is completed, such as in the case of China’s Alipay dropping its planned acquisition of MoneyGram or Broadcom’s failed acquisition of Qualcomm, both stemming from objections by the CFIUS.
It seems that one of the reasons why the CFIUS has acted, or is in a position to be able to flag the sale after it’s completed, is because Kunlun never submitted its acquisition of Grindr to the agency for review at the time of either the first or second tranche of the deal, Reuters writes.
The twist that the acquirer happened to be Chinese, of course, is also notable.
China has been identified numerous times as the backer of many state-sponsored hacking groups; leading companies from the country, like Huawei, are embroiled in ongoing cases of corporate espionage; and more generally country is in the middle of a trade war with the US. That trade war concerns tariffs between the two countries, and technology is one of the leading actors in it because of the huge business that it represents. Beyond that, technology and specifically the data that can be collected using technology provide huge leverage in the power one country can hold over the other.