Warning: *Privacy Not Included with this product
BlackPeopleMeet
BlackPeopleMeet is a dating app targeted toward Black men and women, although anyone can sign up to the app regardless of race. Launched in 2002, BlackPeopleMeet claims to be the #1 dating app to meet Black singles. The only personal information you'll need to give when signing up is gender, birth date, zip code, and email. Users can browse profiles and look for matches for free. Messaging potential matches is only available as a premium feature with a paid subscription. Other subscription perks include read receipts and a chance to see who's interested in you. And anyone can try the Promote Me feature, where you buy and spend tokens to boost your profile to the top of search results for a limited time. With BlackPeopleMeet, there's no need to bother with any other dating sites -- at least that's what they say in their app page in the Google Play Store. Unfortunately, their privacy is not so good -- maybe you should bother to find another more privacy protecting app.
What could happen if something goes wrong?
BlackPeopleMeet was acquired by global dating app Goliath, the Match Group back in 2009 when the app was just seven years old. If you haven't heard of Match Group, you probably know their 40+ dating apps which include the likes of BLK, OkCupid, Tinder, Hinge, and many, many more. That doesn't bode well for BPM since Match Group's track record for privacy and security is not good.
First, let's take a gander at the Match Group. In 2022, the United States Federal Trade Commission filed a petition against Match Group Inc. to force them to hand over documents about a possible data-sharing deal between one of their apps and an AI company, where images of users’ faces were reportedly used to train facial recognition software. Match Group-owned Tinder was also hit with lawsuits about their photo verification feature in 2022 and 2023. One says that the app didn't get proper consent from users to process their biometric information and the other claims the feature “verified” a fake account created with the plaintiff's stolen photos. Yikes. In 2023, research by Cybernews found that a simple hack would make it possible to “track [Match Group-owned] OkCupid users and find their exact location.” Whoa. So like we said, BlackPeopleMeet's parent company has not been known for their security or transparency. Match Group's shaky track record makes us a little nervous about their eagerness to double down the privacy minefield of AI integration. That's something we'll be keeping a close eye on.
How about BlackPeopleMeet's policies? Well, for starters, like most dating apps, they sure can collect a lot of information about you. There’s information you give about yourself when you set up your account like your contact information, gender, and who you’d like to meet. Your profile information, the photos you upload, your sexual orientation, interests, and more. Some of that data is sensitive, so you should know that their privacy policy says that just sharing it counts as consenting to Match Group's processing of it. "Where you provide such elements to us, you consent to us using it for the purposes identified and as laid out in this Privacy Policy." Then there’s the information that’s collected automatically when you use the app. Your IP address, device information, your activity, when you're online, and who you interact with. Oh and your geolocation! Even while you're not using the app. And did we mention your chats? You should know that other humans, besides your conversation partner, might be able to read those -- in the interest of keeping users from engaging in harmful or illegal behavior. Your conversations also help train BlackPeopleMeet's message-filtering tools.
Besides information you give and your app usage, BPM can collect even more information about you from “partners” and affiliates like those other sites owned by Match Group. And they can create inferences about your “preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes” based on what else they know about you. Oy.
As for what BlackPeopleMeet has in store for all that information... Well, they can use it for reasons that won't likely help Black people meet -- like showing you targeted ads. They also share it around quite a bit. Like with those other Match Group companies. Their privacy policy says they can share “non-personal information” and “de-identified” information for targeted ads on Match Group’s services and on third party apps and websites too. And we should point out that researchers say it can be easy to re-identify that data. BlackPeopleMeet may also share your personal information with law enforcement, when it’s required by law or to “assist in the prevention or detection of crime (subject in each case to applicable law).” That’s pretty standard and Match Group does have some pretty clear guidelines around how they share user data with law enforcement, which we like to see.
And when it's not being shared on purpose, we're worried your account information could be exposed accidentally because BlackPeopleMeet doesn't meet our Minimum Security Standards. They let users use simple and easy-to-hack passwords -- which puts your private information at risk. You can do better, BPM.
This is the part where we'd love to give you some good news. Like surely you can access and delete your personal information? But sadly, maybe not. It's unclear whether all users, regardless of where they live, have that right. What a bummer. So what could go wrong? Well because BlackPeopleMeet allows really weak passwords, someone could easily guess your password, break into your account, and send rude DMs on your behalf, besmirching your good name (and face). We also wonder if that risk is worth it -- especially since love on Match Group-owned apps might be a losing game. A lawsuit filed February 2024 in the United States against claims Match Group’s apps are designed to "coerce subscriptions and retain users forever" by dangling the possibility of establishing an "off-app relationship while implementing features to keep users on the app." Yeesh. That's always a danger when a happy ending is bad for business.
Tips to protect yourself
- Check out BlackPeopleMeet Dating safety tips
- Visit the app's privacy preferences at the app and opt out from personalized advertising as well as all non-essential data collection.
- Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data nor does close your account.
- Do not give consent to constant geolocation tracking by the app. Better provide geolocation 'only when using the app'.
- Do not share sensitive data through the app.
- Do not give access to your photos and video or camera.
- Do not log in using third-party accounts.
- Do not connect to any third party via the app, or at least make sure that a third party employs decent privacy practices.
- Do not give consent for sharing of personal data for marketing and advertising.
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc.
- Do not use social media plug-ins.
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless necessary).
- Keep your app regularly updated.
- Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization).
- When starting a sign-up, do not agree to tracking of your data if possible.
Can it snoop on me?
Camera
Device: N/A
App: Yes
Microphone
Device: N/A
App: Yes
Tracks location
Device: N/A
App: Yes
What can be used to sign up?
Yes
Phone
No
Third-party account
No
What data does the company collect?
Personal
Phone number, email address, gender, date of birth, and who you’d like to connect with; religion, ethnicity, details on your personality, lifestyle, interests and other details about you, photos and videos, debit, credit card number or other financial information; data about your activity on services, such as, when you logged in, features you've been using, actions taken, information shown to you, referring webpages address and ads that you interacted with, and your interactions with other users, for example, users you connect and interact with, and when you matched and exchanged messages with them; device information, such as IP address, device ID and type, apps settings and characteristics, app crashes, advertising IDs, and identifiers associated with cookies or other technologies that may uniquely identify a device or browser; Precise geolocation data (with consent).
Body related
Selfie Verification data, photos and videos (with consent).
Social
Chats with other users as well as the content you publish
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
In November 2022, the parent company Match Group Inc. was accused in a lawsuit from Tinder users of breaching a state privacy law in Illinois by collecting data on people’s faces from dating app selfies.
The FTC filed a petition on May 26, 2022 to force Match, owned by the parent company Match Group Inc., to comply with a civil investigative demand for documents related to an alleged 2014 data-sharing deal between Match subsidiary OkCupid and Clarifai Inc, an artificial intelligence company.
In September 2023, a New Jersey woman filed a class action suit against Tinder, owned by the parent company Match Group Inc., claiming that the app's photo verification feature failed by verifying an account that was created using stolen images of her.
In December 2023, the research by Cybernews into OkCupid, owned by the parent company Match Group Inc., uncovered that a hacker could uncover a distance from them to the victim (any user of the app) in a 10 to 20-meter radius. "With a few simple steps, we can easily track anyone on OkCupid in a given city – from home, to work, to social gatherings, to wherever. This is a terrible blow to users’ privacy."
In February 2024, BlackPeopleMeet parent company Match Group was accused in a lawsuit of making their apps addictive and putting profit over their customers' relationship goals.
In March, 2024, Match Group owned Tinder, following a lengthy dialogue with the European Commission, committed to " inform consumers that discounts they propose for premium services are personalised by automated means." "The network of national consumer authorities found that Tinder applied such personalised prices without informing consumers, which is in violation of EU consumer law. In addition, until April 2022, Tinder used to offer lower prices for their premium services based on age without informing the users. Tinder stopped this practice before the investigation started."
Child Privacy Information
Can this product be used offline?
User-friendly privacy information?
Links to privacy information
Does this product meet our Minimum Security Standards?
Encryption
The parent company Match Group shared with us that "All data stores containing personal data must be encrypted at rest and in transit. Data at rest uses the latest key technologies to cover hybrid data infrastructure, including keys that are created and managed utilizing the latest KMS key policies. Data in transit must utilize predefined SSL policies of TLS-1-1-2017-01 or similar ciphers. MG Security Engineering has an encryption standard that documents the process and procedures and is shared across our brands."
Strong password
The password requirement is 'at least 2 characters'. We believe that is not a strong enough requirement.
Security updates
Manages vulnerabilities
"Black People Meet welcomes input from the security research community to advance the cause of improving the security of our applications and user data. To that end, we encourage security researchers to responsibly disclose any potential vulnerabilities uncovered to [email protected]. Reports received through this channel will receive a prompt reply, and if you do not receive such a response, we ask that you please attempt to contact us again. To protect our users, we also request that you please refrain from sharing information about any potential vulnerabilities with anyone outside of Black People Meet, until we have confirmed with you that any such vulnerability has been properly mitigated.
Black People Meet's bug bounty program is private and inclusion is by invite only. Researchers who follow generally accepted responsible disclosure practices and submit quality reports to our Security team will be evaluated for inclusion at our discretion. We explicitly prohibit testing Denial of Service (DoS) or use of automated scanning tools against any of our applications or infrastructure."
Privacy policy
Dive Deeper
-
Swiped: How dating apps harm marginalized communitiesMIT Media Lab
-
Popular dating app leak puts millions of women at riskCybernews
-
Match Group leans into AI with new teamMashable
-
Pssst! Match.com does not want you to know about this FTC caseReuters
-
Match Group releases its guiding principles for integrating AI into its dating appsFast Company
-
How Match.com is using AI to make its user experience 'more human'IAB
Comments
Got a comment? Let us hear it.