Source Code: Your daily look at what matters in tech.

source-codesource codeauthorCharles LevinsonNoneWant your finger on the pulse of everything that's happening in tech? Sign up to get David Pierce's daily newsletter.64fd3cbe9f

Get access to Protocol

Your information will be used in accordance with our Privacy Policy

I’m already a subscriber

Phone tracking is having a moment, but gay dating app Scruff wants no part of it

Location data is big business, and is now at the center of efforts to study the spread of COVID-19. But who's in control?

Scruff CEO Eric Silverberg

Eric Silverberg, CEO of gay dating app Scruff, decided not to sell his users' location data. It wasn't easy.

Photo: Courtesy of Scruff

A few years ago, a particular type of email began showing up in the inbox of Eric Silverberg, whose gay dating app, Scruff, allows members to search for potential matches who are nearby. They were pitches from location-data brokers, telling the CEO he was sitting on a lucrative trove of user information.

"I wanted to reach out because I noticed that Scruff currently has location feature installed into their app and thought it would be beneficial for us to connect," a salesman from one of the brokers, X-Mode, wrote in a September 2018 email, in which he offered to pay Scruff up to $100,000 for its users' location data.

X-Mode sent five more pitch emails in the five months that followed. And in the past 18 months, at least half a dozen other brokers have reached out with at least 33 separate solicitations.

"It's like (zero calorie) icing on the cake," wrote a salesman from the Canadian mobile data company Tutela Technologies last July, touting the effortless revenue that selling users' location data could yield.

Silverberg wasn't interested. He says he never replied to the emails, copies of which Protocol reviewed.

"Our community is very sensitive to this topic of data sharing," Silverberg said. "There are countries around the world that criminalize same-sex acts."

The dilemma he faced has been brought into sharp relief by the coronavirus pandemic, which has shined a bright light on the power of location data culled from cell phones, a process consumers enable when they use apps and which allows those apps to deliver targeted services and ads. Israel, China, Singapore and South Korea are using location data to track those sick with COVID-19. In Europe, mobile carriers are sharing data with health authorities in Italy, Germany and Austria to help fight the virus.

So, too, in the U.S., both private companies and the government are exploring how to tap into the movement of cell phones to track and study the spread. Google put its vast repository of location data on display last week when it released Community Mobility Reports, showing adherence to COVID-19 movement advisories and restrictions in 131 countries, and in every county in America.

At the same time, federal officials, police investigators and immigration agents are quietly ramping up use of individuals' location data to enforce laws and detect threats, sometimes with warrants and sometimes not. Protocol reported last month that a Virginia company, Babel Street, sold access to vast caches of data to Immigration and Customs Enforcement, Customs and Border Protection and the Secret Service — and perhaps others.

What this means is that, in some respects, app developers like Silverberg are on the front lines of advances in technology that could revolutionize crime-fighting, disease-tracking and other fields, though with huge implications for personal privacy. The same location data that allows consumers to find nearby restaurants and dates can underpin a study of whether people are social distancing or an investigation into a kidnapping.

Moreover, many of the companies that repeatedly pitched Silverberg are providing the data that is being used to map coronavirus' spread. The pitches he received offer a window into how this data moves.

Beach parties and heat maps

X-Mode, for example, provides location data to the data analysis company Tectonix, which on March 24 released a widely viewed map showing how spring breakers who controversially partied on Florida beaches returned to their homes all around the country in the days that followed. X-Mode and Tectonix, which has contracts with the Pentagon, have released similar heat maps showing the virus' spread in China, Italy and Washington state, demonstrating its global reach.

X-Mode is also the source of location data that defense contractor Culmen International is using to map the virus' spread for federal agencies, according to Culmen. Another data broker that pitched Silverberg 16 times in an 18-month period, Cuebiq, provided location data used by The New York Times to map adherence to shelter-in-place orders around the country.

X-Mode says it complies with laws including the California Consumer Privacy Act, which went into effect this year, and the European Union's 2-year-old privacy law. Both require companies to obtain users' consent to share their data and require varying degrees of transparency about how they use that data.

A spokesperson for X-Mode said the company helps app developers "monetize their apps without ads" and "continue to invest in the success and growth of their apps."

Tectonix, Culmen and other companies that work with location data say the information is anonymized, with users marked by codes rather than names. However, academic studies have challenged whether efforts to guarantee privacy hold up in certain applications. Researchers at Imperial College London, for example, found they were able to uniquely identify 95% of individuals in a data set with just four time-and-place data points.

Silverberg's decision was influenced by the fact that privacy issues may be particularly sensitive for Scruff users. In at least 68 countries, homosexuality is a crime, and in some, the mere presence of a gay dating app on a phone is illegal. Silverberg knew that for many of his customers, identification by a government agency could mean prison or worse.

So in 2018, he cut ties with the data and digital advertising industries, two of the biggest revenue drivers in the app economy. He rebuffed dozens of pitches from companies like X-Mode offering to buy his users' data outright. And he stopped doing business with third-party ad brokers, who similarly demand reams of user data in exchange for ad dollars.

It's worked out, he said. Thanks to subscription revenue, and Scruff's newly built in-house advertising division and data analytics operations, Scruff has seen ad revenue grow fivefold. Silverberg's path might offer lessons for some of the thousands of app developers struggling to monetize their products while navigating the fast-evolving privacy landscape.

"You don't need to go through third-party ad brokers," he said. "That's the message for app creators all over the world. Don't be afraid to sell ads. You can do it. You don't need Google or a third party to do it for you."

Big money, little effort

Silverberg launched Scruff in the summer of 2010 out of his apartment in the West Village. The mobile app boom was just taking off, fueled by the proliferation of smartphones, and what began as a side project quickly became a full-time job as Scruff established itself as a popular competitor to Grindr.

The rapid growth, though, meant rapidly growing costs as well, mostly to buy server space to run the app, from a few dollars per month to $100 a day. "We scrambled to find any revenue source we could," Silverberg said.

He turned to several third-party ad firms, but frustrations mounted. The ads hurt users' experience, he felt, frequently serving as a vector for spam. And the revenue the ads generated was less than promised.

"They all had big promises of how much money you could make that they never came close to meeting," Silverberg said. "Our traffic would go up, and our revenue would go down. It just made no sense."

Privacy concerns weren't as prominent in the industry then. Smartphones weren't yet widespread enough to provide enough location data to make it useful, and the analytical tools weren't nearly as advanced. But about three years ago, this began to change. That's when the data brokers started showing up in Silverberg's inbox.

Companies he had never heard of offered him hundreds of thousands of dollars just to embed a few lines of software code in Scruff's app that would hoover up users' movements and other data. Salespeople dangled effortless revenue, with little impact on users' experience, mobile speeds, data-usage costs or battery life, as well as useful analytics on how users interacted with the app.

The data was anonymized, the companies assured Silverberg, but he had his doubts. In many cases, he said, the information taken came with other details about Scruff users, such as email addresses and mobile device IDs, which could potentially be used to identify individual users.

X-Mode was one of the most aggressive in pursuing Scruff's business. From September 2018 to February 2019, its sales reps sent six pitch emails to Silverberg. Three weeks after its offer to pay $100,000 for Scruff users' location data went unanswered, X-Mode reached out again.

"This quarter we are offering good rates for an SDK integration," the salesman said, referring to the embedding of software code. Three weeks after that later came a third pitch, this one with a spreadsheet of projected revenue.

The big spread

X-Mode traces its roots to 2013, when founder and CEO Joshua Anton created Drunk Mode, which prevented users from drunk-dialing, making phone calls they might later regret. The app was popular on college campuses and soon added new features such as Find My Drunk, which allowed friends to keep track of each other. In 2015, X-Mode began selling its location data.

Today, the company is one of the largest vendors of unprocessed location data. It lists 140 companies that buy its data, then process and analyze it to fit their needs. While Silverberg rebuffed X-Mode's offers, the developers of more than 400 other mobile apps used by more than 60 million people have signed on to sell the company their users' location data, according to X-Mode's website.

"You have so many apps on the app store who are all desperately in need to somehow monetize their apps," said Christoph Tavan, who used to run an ad tech firm and is now CTO for Contentpass, a German company building an ad-free, subscription-based internet model.

Though it's often difficult to know which apps are selling location data and which are not, careful readings of app privacy policies in some cases offer a clue. One of the developers X-Mode has partnered with is Kelly Technology, which has 16 mobile apps, including fitness apps like HIT Log, weather apps such as Earth++ and WeatherMatch, and a space exploration app called NASA Now. Kelly Technology did not respond to requests for comment.

Many of the companies that buy location data from X-Mode share data, in turn, with their own partner and client lists, meaning that sharing data with X-Mode can be the first step in the spread of that data to an untold number of other companies.

One of X-Mode's partners, German company AdSquare, which claims a data bank of 450 million user profiles from over 120 data providers, lists 45 partners it could share data with in 11 countries. One of those partners, Criteo, shares data with 99 partners and is under investigation by the French privacy regulator CNIL. Criteo said it was cooperating and had done nothing wrong.

Other dating apps, including Scruff's chief competitor, have come under fire for sharing users' data. A Jan. 14 report by European privacy researchers Wolfie Christl and Zach Edwards said Grindr shared detailed user data, including IP addresses, GPS locations, ages and genders, with many third-party ad companies, mostly via Twitter's ad tech subsidiary MoPub. The same study found that dating app OkCupid "shared highly personal data about sexuality, drug use, political views, and more with the analytics company Braze."

'That's our data'

These were the ripples, which seemed out of an app developers' control, that concerned Silverberg. "We took a look at all our partners, down the stack," he said, "and it became clear that if we continued to integrate with these ad networks, we would need to ask our customers to consent to sharing their data with all sorts of companies whose practices we knew nothing about."

Determined to work outside the third-party advertising and data broker networks, Silverberg built an in-house ad team in 2018. He hired designers who built a custom ad platform for Scruff based on React Native, a platform developed by Facebook. He hired a sales team that pitched directly to brands. They found takers who appreciated the approach, he said, and the app now has more than 50 advertisers.

But forgoing partnerships with data brokers brought challenges, such as the loss of potentially useful analytics. The alternative is to pay for those same services, but that can be expensive. Scruff users generate roughly a billion "events" per day: clicks, taps, scrolls, messages and everything else. That equates to about 500 GB of data, requiring a massive storage and a powerful processing capability to translate that data into something usable. One company quoted Silverberg a price of $30,000 a month.

So just as he did with ads, Silverberg set out to create an in-house analytics operation. "We wrote our own code to collect the data," he said. "But that wasn't the hard part. The hard part was ingesting and analyzing the data." He turned to Amazon Web Services for storage of the data and the company's Kinesis platform to interrogate it.

Get in touch with us: Share information securely with Protocol via encrypted Signal or WhatsApp message, at 415-214-4715 or through our anonymous SecureDrop.

Silverberg said he saved money as a result, while enabling Scruff's data engineers to work with the app's raw data in more powerful and customizable ways, yielding insights into how customers use the app. Had he not taken control, he said, the privacy issues would have persisted.

"Every day you have to hand over to them a complete copy of all your user data, profile updates, time stamps, usage data," he said. "And then they're taking that data, repackaging it and reselling it. That's our data. Not yours."

Protocol | Workplace

In Silicon Valley, it’s February 2020 all over again

"We'll reopen when it's right, but right now the world is changing too much."

Tech companies are handling the delta variant in differing ways.

Photo: alvarez/Getty Images

It's still 2021, right? Because frankly, it's starting to feel like March 2020 all over again.

Google, Apple, Uber and Lyft have now all told employees they won't have to come back to the office before October as COVID-19 case counts continue to tick back up. Facebook, Google and Uber are now requiring workers to get vaccinated before coming to the office, and Twitter — also requiring vaccines — went so far as to shut down its reopened offices on Wednesday, and put future office reopenings on hold.

Keep Reading Show less
Allison Levitsky
Allison Levitsky is a reporter at Protocol covering workplace issues in tech. She previously covered big tech companies and the tech workforce for the Silicon Valley Business Journal. Allison grew up in the Bay Area and graduated from UC Berkeley.

After a year and a half of living and working through a pandemic, it's no surprise that employees are sending out stress signals at record rates. According to a 2021 study by Indeed, 52% of employees today say they feel burnt out. Over half of employees report working longer hours, and a quarter say they're unable to unplug from work.

The continued swell of reported burnout is a concerning trend for employers everywhere. Not only does it harm mental health and well-being, but it can also impact absenteeism, employee retention and — between the drain on morale and high turnover — your company culture.

Crisis management is one thing, but how do you permanently lower the temperature so your teams can recover sustainably? Companies around the world are now taking larger steps to curb burnout, with industry leaders like LinkedIn, Hootsuite and Bumble shutting down their offices for a full week to allow all employees extra time off. The CEO of Okta, worried about burnout, asked all employees to email him their vacation plans in 2021.

Keep Reading Show less
Stella Garber
Stella Garber is Trello's Head of Marketing. Stella has led Marketing at Trello for the last seven years from early stage startup all the way through its acquisition by Atlassian in 2017 and beyond. Stella was an early champion of remote work, having led remote teams for the last decade plus.
Protocol | China

Livestreaming ecommerce next battleground for China’s nationalists

Vendors for Nike and even Chinese brands were harassed for not donating enough to Henan.

Nationalists were trolling in the comment sections of livestream sessions selling products by Li-Ning, Adidas and other brands.

Collage: Weibo, Bilibili

The No. 1 rule of sales: Don't praise your competitor's product. Rule No. 2: When you are put to a loyalty test by nationalist trolls, forget the first rule.

While China continues to respond to the catastrophic flooding that has killed 99 and displaced 1.4 million people in the central province of Henan, a large group of trolls was busy doing something else: harassing ordinary sportswear sellers on China's livestream ecommerce platforms. Why? Because they determined that the brands being sold had donated too little, or too late, to the people impacted by floods.

Keep Reading Show less
Zeyi Yang
Zeyi Yang is a reporter with Protocol | China. Previously, he worked as a reporting fellow for the digital magazine Rest of World, covering the intersection of technology and culture in China and neighboring countries. He has also contributed to the South China Morning Post, Nikkei Asia, Columbia Journalism Review, among other publications. In his spare time, Zeyi co-founded a Mandarin podcast that tells LGBTQ stories in China. He has been playing Pokemon for 14 years and has a weird favorite pick.

The video game industry is bracing for its Netflix and Spotify moment

Subscription gaming promises to upend gaming. The jury's out on whether that's a good thing.

It's not clear what might fall through the cracks if most of the biggest game studios transition away from selling individual games and instead embrace a mix of free-to-play and subscription bundling.

Image: Christopher T. Fong/Protocol

Subscription services are coming for the game industry, and the shift could shake up the largest and most lucrative entertainment sector in the world. These services started as small, closed offerings typically available on only a handful of hardware platforms. Now, they're expanding to mobile phones and smart TVs, and promising to radically change the economics of how games are funded, developed and distributed.

Of the biggest companies in gaming today, Amazon, Apple, Electronic Arts, Google, Microsoft, Nintendo, Nvidia, Sony and Ubisoft all operate some form of game subscription. Far and away the most ambitious of them is Microsoft's Xbox Game Pass, featuring more than 100 games for $9.99 a month and including even brand-new titles the day they release. As of January, Game Pass had more than 18 million subscribers, and Microsoft's aggressive investment in a subscription future has become a catalyst for an industrywide reckoning on the likelihood and viability of such a model becoming standard.

Keep Reading Show less
Nick Statt
Nick Statt is Protocol's video game reporter. Prior to joining Protocol, he was news editor at The Verge covering the gaming industry, mobile apps and antitrust out of San Francisco, in addition to managing coverage of Silicon Valley tech giants and startups. He now resides in Rochester, New York, home of the garbage plate and, completely coincidentally, the World Video Game Hall of Fame. He can be reached at
Protocol | Policy

Lina Khan wants to hear from you

The new FTC chair is trying to get herself, and the sometimes timid tech-regulating agency she oversees, up to speed while she still can.

Lina Khan is trying to push the FTC to corral tech companies

Photo: Graeme Jennings/AFP via Getty Images

"When you're in D.C., it's very easy to lose connection with the very real issues that people are facing," said Lina Khan, the FTC's new chair.

Khan made her debut as chair before the press on Wednesday, showing up to a media event carrying an old maroon book from the agency's library and calling herself a "huge nerd" on FTC history. She launched into explaining how much she enjoys the open commission meetings she's pioneered since taking over in June. That's especially true of the marathon public comment sessions that have wrapped up each of the two meetings so far.

Keep Reading Show less
Ben Brody

Ben Brody (@ BenBrodyDC) is a senior reporter at Protocol focusing on how Congress, courts and agencies affect the online world we live in. He formerly covered tech policy and lobbying (including antitrust, Section 230 and privacy) at Bloomberg News, where he previously reported on the influence industry, government ethics and the 2016 presidential election. Before that, Ben covered business news at CNNMoney and AdAge, and all manner of stories in and around New York. He still loves appearing on the New York news radio he grew up with.

Latest Stories