One of the most popular Dating apps Tinder has recently been entered in the register of organizers of information dissemination.
In accordance with the law "On information, information technology, and information protection", Roskomnadzor together with state security bodies carrying out operational investigative activities keep an information register.
What are the consequences?
The organizers of information dissemination have to store data about the facts of reception, transmission, delivery or processing of voice information, written text, images, video, or other electronic messages of users during the year since the end of the implementation of such actions.
The messages should be stored for 6 months.
Furthermore, the organizers of information dissemination are obliged to provide this information at the request of law enforcement agencies in the implementation of their operational and investigative activities!
It is worth noting that the obligation to retain information for an extended period of time is a subject of active discussion in the international community. Such a requirement may contribute to security, but it creates a significant burden on information intermediaries and may even result in privacy violation.
Within the European Union, following the terrorist attacks of 2004-2005, a data retention Directive was adopted. The Directive required operators to retain certain categories of communications data, i.e. traffic and location data (excluding the content of those communications) for a period between six months and two years and to make them available, on request, to law enforcement authorities for the purposes of investigating, detecting and prosecuting serious crime and terrorism. Nevertheless, on the 8th of April 2014, the Court of Justice of the European Union declared the Data Retention Directive invalid.
In fact, decisions noted that the Court did not prevent EU countries from enacting laws on the targeted retention of traffic and location data in order to combat serious crimes in cases where such retention is limited to categories of stored data, means of communication, persons and retention period.
Thus, today, the issues of preservation of communication data in the EU are regulated at the national level but suggest the need for limited application of this requirement.
The OECD advocates limiting the responsibility of information intermediaries and striking a balance between security and privacy.
At the same time, the EU has adopted a regulation on personal data - the GDPR Regulation, which creates additional guarantees for personal data subjects. In particular, the GDPR regulates in detail the right to data portability.
And Tinder complies with this requirement. On the official website of the application, you can find a "How do I request a copy of personal data?” page. It gives information on how a person can get a copy of his / her personal data that he / she has provided using the application.
The OECD welcomes the portability of data to empower consumers and increase competition among digital product suppliers, by reducing information asymmetries and entry barriers.
Translation by: Boryana Kiskinova