A French data protection agency has issued a warning to eight dating companies, following an investigation into the collection of user data.
The Commission Nationale de L’informatique et Des LibertÃ©s (CNIL) said it carried out an investigation into thirteen dating sites, including Meetic, Attractive World and JDream.
A CNIL spokesperson told AFP: “Most of these sites offer their users very targeted searches based on their social community, their religious or ethnic (identity), where they live, how they look, their sexual practices and their political opinions.”
However the watchdog said the sites did not explicitly ask users whether they were happy for such sensitive data to be collected and stored.
The CNIL also found that some dating sites were not using standard encryption tools.
The sites that were named included: Meetic, Attractive World, Adopte Un Mec, Easyflirt, Forcegay, Mektoube, JDream, Feuj World, and Celibest.
This investigation by the French agency follows an EU agreement to improve data protection laws, which will strengthen privacy rules for users of online platforms.
This new legislature is set to come into effect from 2016, and will cover the use of services from U.S technology companies in a number of European countries.
The CNIL has recommended that companies add a tick box to their sites, that users can click to confirm they are happy for sites to collect and share their data.
The watchdog also said it wants French sites to improve their methods for deleting the data of former users, and those who have been inactive for a long time.
Alexandre Lubot, the CEO of Meetic Group, who were targeted as part of this investigation, told GDI: “As leader of the category, we always take security and safety of our consumers very seriously. We welcome CNIL’s feedback. We have and will continue to work with them.”
These sites have now all been warned about the new consumer protection measures the CNIL wants introduced, and have three months to add the necessary measures to comply to the new regulations.
If they fail to implement these measures, the sites will be subject to a €150,000 fine.
There is the potential for the fines under the forthcoming EU legislation to be as large as 5% of a company’s revenue.