NBC News analyzed four popular dating apps, including Tinder and Hinge, finding each collect a range of personal information.
ADVERTISEMENTIt is the hope of some dating appusers that the connections they form online will last a lifetime.
But while apps likeGrindr, Tinder, Hinge and The League make no promises of endless love, U.S. national security officials warn users there is one thing that really may last forever: their data.
"I think most American, most people, don't realize how much data your phone is generating about you and your life every single day," said John Demers, assistant attorney general for national security at the Department of Justice.
When NBC News showed Demers the kind of data collected by dating apps -- everything from drug use to preferred sexual position -- he said he feared that the information could be weaponized by individuals and even foreign intelligence agencies.
"There's a lot of information there in the app that you're voluntarily turning over," Demers said. "Some of it you know you're doing, some of it maybe you don't realize."
Demers said an individual's personal information on a dating app is the type of data a foreign intelligence service "would want to paint a picture of your life."
"If I'm starting a lure operation, for instance," he said, "I can find the kind of person I think that you will like and I will have them approach you." He added that an app user could even be approached with threats of blackmail.
A top concern for the Justice Department is the popular dating app Grindr, which advertises itself as the "largest social networking app for gay, bi, trans and queer people."
The app is owned by the Chinese gaming companyKunlun Tech.Foreign ownership matters when it comes to the type of information that may wind up in government hands.
"Chinese law requires a Chinese company to share any information that it has with the Chinese government if it's asked for that information for national security reasons," Demers said. "The other thing we know is that China is a top-down authoritarian country. So law or no law, if you're future livelihood as a business depends on the government's happiness with the way you behave, you're gonna turn over that information."
Grindr's privacy policysays it "cannot guarantee the security of your personal data."
But Grindr is hardly an outlier when it comes to collecting and storing highly personal information on its users.
NBC News analyzed four popular dating apps, including Tinder, Hinge, Grindr, and The League and found that each collect a range of personal information.
Grindr collects such data as preferred sexual positions, HIV status, old profile pictures, race, exact location and times of day the app is accessed.
Tinder collects sexual preference, messages, the user's phone number, exact location, race, sent messages, job and Spotify playlists.
Hinge collects sexual preference, messages, exact location, messages, race and drug use.
The League collects sexual preference, exact location, race and job.
Bernardo Crastes, a 24-year-old IT consultant who used Grindr and Tinder while living in Portugal, let NBC News access his data. Within a day, NBC News was able to generate a "profile" on Crastes that included knowledge about his musical preferences, how often and when he opened the apps, his personal pictures and sexual preference.
ADVERTISEMENT"It's strange to hear it outside of the app, but it's not something that I would mind sharing with other people," he said when presented with the findings. "But I would like to have that [information] under my control basically."
Hinge user Victoria Eberlein, an American who recently moved to London, England to become a lawyer, also allowed NBC News to access her data. European laws require dating apps to turn over requested data. Eberlein learned she had generated nearly 250 pages of information in less than six months. Among the information provided were what she described as "love letters to someone who probably didn't work out," sent within the app.
"That can be something that is intimate and private," the 24-year-old law student said. "And so yeah, you'd hope that your messages are between just you and the other person, you know"
But even with Europe's laws, getting ahold of one's personal information can sometimes be a challenge. Crastes said that getting his data from Grindr took several weeks and that the company initially failed to provide a complete set of data.
The dating app Bumble told Eberlein it couldn't find her account, then located the account but didn't provide data. It told NBC News it didn't have to provide the data because it is a U.S. company.
ADVERTISEMENTAnother European Grindr user who spoke to NBC News said he had to pass several obstacles to gain access to his personal information, such as sending over a "high-resolution copy of a government-issued ID or passport" and a "clear photo" of himself holding a piece of paper with his email address.
"It should belong to us, to the people involved in it, the people who are sharing their personal data," Crastes said. "They should be the ones to decide what they want to do with it."
'Suspicious foreign connections'
TheDefense Department last month recommended to the branches of the military that they ban TikTok, a popular video app made by Bytedance, a Chinese company, from being installed on government-issued phones, saying it posed a security risk. The Army, Navy, Air Force and Coast Guard all followed the guidance.
But the Pentagon has not issued a similar warning about Grindr. The Committee on Foreign Investment in the United States, an inter-agency government body, has raised concerns about its ownership and the risk it poses to national security, according to a Reuters story in March.
The Pentagon referred NBC News' inquiry to each branch of the military. The Army said soldiers are prohibited from having personal apps on government-issued phones and, for apps on personal devices, are recommended "to research the company history, including ownership, for any potentially suspicious foreign connections the company may have."
ADVERTISEMENT"The Army continually reminds Soldiers and family members of operational security and the risk of revealing personally identifiable information," a spokeswoman said.
The Coast Guard issued a statement that did not address the question about Grindr. The Navy and Air Force did not respond to requests for comment.
Reuters also reported that Kunlun Tech had agreed to sell Grindr. NBC News asked Kunlun for confirmation but did not receive a response.
NBC News sent Grindr several questions on where it stores its users data, its Kunlun ownership and whether the app has shared any information with any Chinese government agency.
A Grindr spokesperson declined to comment on specific questions, but said that the "privacy and security" of its "users' personal data is and always will be a core value for Grindr."
ADVERTISEMENT"Grindr utilizes the privacy by design framework, and our privacy policy details how Grindr uses the data that it receives and the options available to users. These, along with other safeguards, help our users safely and securely connect and thrive, and demonstrate our respect for user privacy," read the statement emailed to NBC News.
While experts say that little can be done to stop the information-gathering process within dating apps, states like California have made an effort to allow consumers to track what type of information is being collected on them. In 2018, then-California Gov. Jerry Brown signed into lawa bill requiring that companies hand over personal data it collects on customers who request it as well as disclose the categories of third parties they are sharing the information to.
The effects of this law have yet to be seen as it barely came into effect earlier this month.
The international community is also keeping an eye on the information being shared on dating apps.
On Thursday, the Norwegian Consumer Council released areportaccusing dating apps of sharing detailed user data with advertising firms and in the process, potentially violating European data protection regulations.
ADVERTISEMENT"The collection of data across services and devices allows many of these companies [third party vendors] to construct intricate profiles about individual consumers, which can be used to target, discriminate and manipulate people" the report read. "All of this depends on a complex industry of actors that operate outside of the public consciousness, and happens on a questionable legal basis."