The Chinese company that bought Grindr wasn't supposed to let Chinese engineers access Americans' data -- but it did

In January 2018, Beijing Kunlun Tech Co Ltd -- already an $93 million investor in Grindr -- bought out the company for a further $152m. Despite assurances to the Committee on Foreign Investment in the United States that the company would not access Americans' sensitive data via its offices in China, the acquisition led to a rapid drawdown of its US engineering staff through attrition and layoffs, and an increased emphasis on development and data-processing in Kunlun's Beijing office.

Eight former Grindr employees have come forward to say that this led to some of its Beijing-based engineers having access to Americans' data, including private messages and HIV status in early 2019. Now, CFIUS has asked Kunlun to sell the company and divest itself of its interest in it. Kunlun shut down its Beijing office in February, citing "policy reasons and concerns about data privacy."

Kunlun says it will sell the company by June 2020.

“CFIUS operates under the assumption that, whether through legal or political means, Chinese intelligence agencies could readily access information held by private Chinese companies if they wanted to,” said Rod Hunter, an attorney at Baker & McKenzie LLP who managed CFIUS reviews during President George W. Bush’s administration.

Exclusive: Behind Grindr's doomed hookup in China, a data misstep and scramble to make up [Echo Wang and Carl O'Donnell/Reuters]

(via Naked Capitalism)