Cleric's Location Data Exposed, Raising Concerns about Privacy Vulnerabilities; Potential Victims Include Anyone
This week, one of the most disconcerting tech privacy scandals emerged on the web: an exploration into a cache of location data extracted from a mobile device belonging to a prominent Catholic Church figure, Jeffrey Burrill. Similar to other stories disclosing information hidden within ordinary individuals' location data, sensitive aspects of Burrill's life were disclosed from these datasets: frequent visits to gay bars and nightclubs. Burrill did not delay in resigning.
Reactions to this revelation, leaked by The Pillar - a digital outlet specializing in stories concerning the Catholic Church - were diverse. Some zealots celebrated the attempt to expel those perceived as sinners from religious institutions. Alternatively, others denounced it as a brazen encroachment upon Burrill's personal privacy rights. The main question that both sides raised, but no one seemed able to answer, concerned the data's origin.
The National Catholic Reporter was first to report on Burrill's sudden resignation, citing a circulating internal memo among members of the United States Conference of Catholic Bishops (USCCB) that morning. This Tuesday memo announced with sorrow that Burrill was stepping down, following barely a year as Conference general secretary. The memo offered no specific reasons for the abrupt departure except cryptically alluding to the USCCB staff's awareness of "impending media reports suggesting possible unethical conduct" on Burrill's part, which could potentially become a distraction if left unaddressed.
Less than an hour later, we received a copy of the said "media report."
"A mobile device associated with Burrill consistently emitted data signals from the location-based hookup app Grindr on a near-daily basis during parts of 2018, 2019, and 2020, both at his USCCB office and his USCCB-owned residence, in addition to USCCB meetings and events in other cities," the Pillar revealed, noting that these signals were "obtained from a data vendor and authenticated by an independent data consulting firm" previously contracted by the Pillar.
With the help of this mystery firm, the Pillar was able to decipher the sea of somewhat anonymous signals that form the foundation of most publicly purchasable data sets to determine which anonymous signal belonged to Burrill's device.
"Commercially available app signal data does not disclose the names of app users, but rather associates a unique numerical identifier to each mobile device using particular applications," the Pillar explained in a blog post. "Signal data, gathered through user consent and then sold by data vendors, can be analyzed to provide timestamped location data and usage information for each numbered device."
After deducing that a certain device frequently visited Burrill's residence, a family lake house, and USCCB HQ during meetings where Burrill attended, the reporters determined that this was undoubtedly... Burrill's phone. Upon mapping out where else this device traveled over the past three years, they found a trail strewn with gay clubs and bars, all triggered by the "near-daily" signals dispatched each time Burrill opened Grindr on his device.
In short, either an unusually gay thief was making off with this man's phone multiple times per week, or Burrill was silently grappling with the same "closeted hell" that is a characteristic aspect of the Catholic Church's strict stance on homosexuality among its clergy.
It is somewhat strange to think about - but over the past decade, Grindr has transitioned from being a major name in gay hookup culture to becoming an app infamous for exacerbating harm in those same communities. For instance, the platform became the "tool of choice" for Moroccan influencers aiming to publicly out gay users as part of a tone-deaf social media prank that resulted in at least one user's suicide. More recently, homophobes have used the app to stalk and, in some cases, murder, gay men seeking sexual encounters in Ireland, Belgium, and Louisiana.
In response to the Burrill case, a Grindr spokesperson told Gizmodo that they "do not believe Grindr is the source of the data behind the blog's unethical, homophobic witch hunt."
"We have looked closely at this story, and the pieces simply do not add up. Grindr has policies and systems in place to protect personal data," they stated, conveniently avoiding addressing how the company's own policies and systems may have enabled user data exploitation for years.
Another blog, published by The Catholic News Agency - another faith-focused outlet that previously employed the two reporters behind The Pillar's story - delves slightly further into these "exploits." This blog, published a day before their investigation was released, focused on the looming danger of "private parties using national security-style surveillance technology," particularly to "track the movements and activities" of Church personnel. And the Agency knew of this technology's existence because they had been presented with this exact story in 2018:
The issue was initially presented in 2018, when a person intent on reforming the Catholic Church approached various Church individuals and organizations, including Catholic News Agency. This individual claimed to have access to technology capable of identifying clergy and others who used popular "hook-up" apps such as Grindr and Tinder, and to pinpoint their locations using the internet addresses of their computers or mobile devices.
The idea was to secretly hand over this information to Church authorities, hoping they'd take action against individuals using these technologies to breach their religious vows and potentially cause embarrassment for the Church.
It's not unlikely that this anonymous figure showed up following a string of revelations about Grindr sharing vast quantities of data with various data brokers and adtech platforms, which helped keep their free service running. Grindr was challenged about why these entities weren't just accessing their location, but also their HIV status, ethnicity, or any other data. Grinder's consistent reply was that data shared with these intermediaries was protected with encryption, ensuring anonymity. In a subsequent blog post, titled "Setting The Record Str8," Grindr proudly proclaimed that their system only shared basic, hashed identifiers - the same type used to trace Burrill's alleged device.
However, only Grindr has the information to verify their truthfulness. Historically, these adtech middlemen that Grindr collaborates with have been known to stretch the truth for financial gain. Grindr, on the other hand, has a history of unquestioningly accepting these falsehoods, even when they led to numerous lawsuits from regulators and a host of disgruntled users.
Currently, both Grindr's Android and iOS apps show 25 tech companies collecting data from within the app, according to the latest reports from AppsFigures. All these partners are aiming to capitalize on the LGBT consumer market, just like numerous companies leveraging this data. The enormity of advertising companies today, coupled with the lack of stringent regulation, makes it impossible to determine the true identities of these companies or their intentions for the data they acquire. Are they targeting supporters of LGBT causes? Are they covertly profiling queer individuals of color? Are they gathering more data on Catholic figures? Yet to be determined. The only certainty is that these dreadful scenarios are generating substantial revenue for someone, somewhere.
The future of privacy in the tech industry is a pressing concern, as seen in the case of Jeffrey Burrill's personal data being misused. Tech companies must prioritize user data protection to prevent such breaches.
This scandal highlights the potential dangers of relying on tech companies to safeguard sensitive information, as evidenced by the alleged exploitation of Grindr user data. As our reliance on technology increases, the need for robust data security measures becomes more essential.
