In December 2021, the Norwegian Data Protection Authority (DPA) issued an administrative fine of NOK 65 million (around EUR 6.5 million) against dating app Grindr for disclosing personal information about users to third parties for behaviour-based marketing without a legal basis. The decision followed complaints against Grindr and five adtech companies written by None of Your Business (noyb) and filed by the Norwegian Consumer Council (NCC) in January 2020.
On February 14, 2022, Grindr lodged an appeal against the DPA’s decision, with the appeal being reviewed by the Privacy Appeals Board. NCC together with partners such as noyb, Norwegian law firm Hjort and with assistance from cyber security firm mnemonic are aiming to ensure that the original decision is upheld throughout the appeals process. Meanwhile, NCC are also following up on the progress of the complaints against adtech companies Mopub, Xandr, Open X, Smaato and AdColony in the same case complex.