HN
Today

FTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data

The FTC took action against Match Group over OkCupid's unauthorized sharing of millions of user photos and data with a facial recognition company in 2014. Hacker News is abuzz with outrage over the lax settlement, which critics say amounts to a mere "don't do it again" for a 12-year-old privacy breach. This story highlights the persistent issues of corporate data practices and regulatory effectiveness in protecting user privacy.

44
Score
15
Comments
#9
Highest Rank
5h
on Front Page
First Seen
Mar 30, 4:00 PM
Last Seen
Mar 30, 8:00 PM
Rank Over Time
911101522

The Lowdown

The Federal Trade Commission (FTC) has concluded an action against Match Group, the parent company of dating service OkCupid, regarding the unauthorized sharing of user data. The case, which dates back to events in 2014, involves OkCupid providing sensitive personal information to a third-party facial recognition firm without explicit user consent or proper disclosure. This action has sparked significant discussion on Hacker News about corporate accountability and the effectiveness of regulatory enforcement.

  • In 2014, OkCupid shared nearly three million user photos, along with demographic and location data, with Clarifai, a facial recognition technology company.
  • This data transfer occurred without users' knowledge or consent, directly contravening OkCupid's own privacy policies at the time.
  • The third-party recipient, Clarifai, had no formal business relationship with OkCupid; rather, OkCupid's founders were financial investors in Clarifai, raising questions of conflict of interest.
  • The FTC's settlement prohibits Match Group and OkCupid from misrepresenting their privacy policies in the future but does not mandate the purging of the illegally transmitted data or include substantial financial penalties.
  • Commenters noted the action covers events from 12 years ago, with allegations of Match Group intentionally obstructing the FTC's investigation during that period.

This FTC action against Match Group underscores the persistent challenges in enforcing data privacy regulations against large tech companies. While the settlement aims to prevent future privacy policy misrepresentations, the lack of significant punitive measures or data purging requirements has left many questioning the true impact of such regulatory oversight on corporate behavior and user protection.

The Gossip

Slap-on-the-Wrist Settlement Sentiments

Many HN commenters expressed profound disappointment and frustration with the FTC's settlement, viewing it as a lenient outcome for a significant data privacy breach. The core of the criticism is that the agreement primarily prohibits future misrepresentation without imposing substantial fines or requiring the deletion of the improperly shared data, leading to a perception that it's merely a "don't do that again" directive rather than a meaningful deterrent for corporate misconduct.

Data Sharing Debacles & Deep Dives

The discussion delved into the specifics of OkCupid's data sharing, particularly the revelation that millions of user photos and data were provided to Clarifai, a facial recognition company, without consent. The alleged connection between OkCupid's founders and Clarifai as investors was a point of concern. Commenters also broadly discussed dating apps' questionable data practices, including NLP analysis of user messages and general data security issues.

Dating App Disasters & Discrimination Debates

Several users shared personal anecdotes highlighting negative experiences with Match and OkCupid, including instances of account data being erroneously merged with others and general frustrations with the platforms' reliability. Another point of contention was OkCupid's practice of differential pricing based on gender, sparking debate on whether this constitutes discrimination or a pragmatic (albeit controversial) approach to balance user demographics.