Scruff has bought Jack’d, a dating app fined hundreds of thousands of dollars for exposing users’ nude photos.
The privately held app bought Jack’d for an ‘undisclosed sum’.
Owned by Manhunt, Jack’d was found guilty of not protecting its users’ private images two weeks ago.
The app had to pay 1,900 users in New York a total of $240,00 (€213,000).
Attorney General Letitia James said private photos were ‘vulnerable to exposure’ due to a lack of substantial security.
‘This app put users’ sensitive information and private photos at risk of exposure,’ said Attorney General James via a press release. ‘And the company didn’t do anything about it for a full year just so that they could continue to make a profit.’
She then added: ‘This was an invasion of privacy for thousands of New Yorkers.
She also said: ‘My office will use every tool at our disposal to protect their privacy.’
Jack’d must now implement a comprehensive security program to protect user information. It also needs to ensure they address any future vulnerabilities promptly.
Eric Silverberg, CEO of Perry Street, said the opportunity to buy Jack’d was a ‘unique one’.
‘If there’s any suggestion of a data breach or a security issue, we stop what we’re doing and work relentlessly until it’s addressed,’ he told the Daily Beast.
‘The work we do is personal for our members, and it’s personal for us. We are sharing our community, sharing this app, with our friends and loved ones.’
How does Jack’d work?
Photos on the Jack’d app can either appear in a public or private (also known as locked) setting.
All public photos (which cannot contain nudity) are viewable by any user. But users can also unlock their private photos (which can contain nudity) to other specific users.
They can then lock them again, if they choose.
This policy states the company takes ‘reasonable precautions to protect personal information from…unauthorized access [or] disclosure.’
But the lack of security meant almost 4,000 users were at risk of a hack to their private photos.
A study released in February last year showed privacy weaknesses in both Jack’d and Grindr.
Jason Chao said he can prove the apps are not encrypting data sent to third party advertisers. This allows anyone to intercept the data, transfer, and steal it.
Speaking to Gay Star News, Chao says he could find out people’s age, relationship status, and even location coordinates.
‘It surprised me. Vulnerable people who aren’t out use Grindr and Jack’d. The developers should be assessing the apps’s security all around,’ he said.