Last summer, Tinder announced Photo Selector, an AI tool to help pick out the best pictures for your dating app profile. But privacy experts warn that there may be risks associated with the tool.
Photo Selector works by taking a photo of yourself for facial recognition and allowing Tinder to see your photo roll. If you consent to this feature, Tinder gets access to your biometric data (unique physical characteristics in the selfie), and access to your on-device photos. What happens next?
Tinder's use of biometric (and other) data
The good news is, there are some privacy positives about this feature. One, as Tinder explains in its Photo Selector FAQ, is that the feature works on-device. This means that it doesn't take your photos to an external or cloud drive.
As for your biometric data, Tinder states in the FAQ that, "Tinder doesn't collect, store, access or otherwise receive any biometrics generated from your selfie video, profile photo, or photos on your camera roll. Instead, everything takes place entirely on your device, and all biometric data used as part of this feature is deleted from your device once you exit the feature."
Tinder also doesn't collect (store) all the photos on your roll. Rather, it only collects photos that you choose to put on your profile.
Rory Mir, associate director of community organizing at the Electronic Frontier Foundation (EFF), told Mashable that the deletion of biometric data after use does mitigate risks associated with sharing this data. Still, dating app users — and people online in general — should always be cautious when sharing sensitive data like this, Mir said.
"You only have one face," they continued. "You don't want your face print to wind up in a server permanently and [be] used against you in another context."
Sharing biometrics is currently an opt-in, consent-driven feature at Tinder. The EFF fights for strong privacy protections like this in the private business sector: The ability for consumers to choose to opt-in, that the collection of this data is limited for its intended purpose, and that users can withdraw at any time. (EFF also fights for government use to be fully banned.)
Mir questioned whether Tinder collected metadata or telemetry data, as it wasn't clear in its Privacy Policy. Metadata is "data about the data" — like how many photos are on someone's camera roll — while telemetry data is that of the processes of the app and how it runs.
A Tinder spokesperson told Mashable that it doesn't collect telemetry data on users using the Photo Selector tool. In terms of metadata, the app collects "limited analytics data." An example the spokesperson gave was that Tinder collects data about how long the tool took to suggest photos, and how many photos were recommended.
Another general risk Mir identified was the normalization of sharing biometrics. They advised people to avoid sharing biometrics, which would mean avoiding using this feature (and Tinder photo verification using a video selfie).
What about the Photo Selector AI?
Field chief privacy officer at privacy tech platform Transcend — and former privacy program manager at Tinder — Ron De Jesus said it was notable that Tinder didn't mention whether it trained its Photo Selector AI on user photos in its FAQ.
"There's no mention of how user personal data might be used to enhance or train that AI that's supporting the Photo Selector tool," De Jesus told Mashable.
In the age of AI, there are concerns that big tech companies like Meta may utilize customer data to train AI models, thus producing generative content based on what humans have put online.
Tinder's spokesperson told Mashable that user photos are not used to train Photo Selector or the algorithms that power it, and that photos are recommended based on Tinder's proprietary algorithms.
This is also good news, especially in the dating app space. Singles share a wealth of their personal data when they use these apps, and sometimes their data is at risk — like when Bumble, Hinge, and other apps had to patch a location vulnerability. Ultimately, dating apps have a great responsibility because of the amount and type of sensitive data they hold, De Jesus said. It seems that, at present, Tinder is mitigating these risks.
UPDATE: Aug. 7, 2024, 2:11 p.m. EDT This story has been corrected from its original version to reflect Ron De Jesus's former title at Tinder.
