Phone tracking is having a moment, but gay dating app Scruff wants no part of it

Location data is big business, and is now at the center of efforts to study the spread of COVID-19. But who's in control?

Scruff CEO Eric Silverberg

Eric Silverberg, CEO of gay dating app Scruff, decided not to sell his users' location data. It wasn't easy.

Photo: Courtesy of Scruff

A few years ago, a particular type of email began showing up in the inbox of Eric Silverberg, whose gay dating app, Scruff, allows members to search for potential matches who are nearby. They were pitches from location-data brokers, telling the CEO he was sitting on a lucrative trove of user information.

"I wanted to reach out because I noticed that Scruff currently has location feature installed into their app and thought it would be beneficial for us to connect," a salesman from one of the brokers, X-Mode, wrote in a September 2018 email, in which he offered to pay Scruff up to $100,000 for its users' location data.

X-Mode sent five more pitch emails in the five months that followed. And in the past 18 months, at least half a dozen other brokers have reached out with at least 33 separate solicitations.

"It's like (zero calorie) icing on the cake," wrote a salesman from the Canadian mobile data company Tutela Technologies last July, touting the effortless revenue that selling users' location data could yield.

Silverberg wasn't interested. He says he never replied to the emails, copies of which Protocol reviewed.

"Our community is very sensitive to this topic of data sharing," Silverberg said. "There are countries around the world that criminalize same-sex acts."

The dilemma he faced has been brought into sharp relief by the coronavirus pandemic, which has shined a bright light on the power of location data culled from cell phones, a process consumers enable when they use apps and which allows those apps to deliver targeted services and ads. Israel, China, Singapore and South Korea are using location data to track those sick with COVID-19. In Europe, mobile carriers are sharing data with health authorities in Italy, Germany and Austria to help fight the virus.

So, too, in the U.S., both private companies and the government are exploring how to tap into the movement of cell phones to track and study the spread. Google put its vast repository of location data on display last week when it released Community Mobility Reports, showing adherence to COVID-19 movement advisories and restrictions in 131 countries, and in every county in America.

At the same time, federal officials, police investigators and immigration agents are quietly ramping up use of individuals' location data to enforce laws and detect threats, sometimes with warrants and sometimes not. Protocol reported last month that a Virginia company, Babel Street, sold access to vast caches of data to Immigration and Customs Enforcement, Customs and Border Protection and the Secret Service — and perhaps others.

What this means is that, in some respects, app developers like Silverberg are on the front lines of advances in technology that could revolutionize crime-fighting, disease-tracking and other fields, though with huge implications for personal privacy. The same location data that allows consumers to find nearby restaurants and dates can underpin a study of whether people are social distancing or an investigation into a kidnapping.

Moreover, many of the companies that repeatedly pitched Silverberg are providing the data that is being used to map coronavirus' spread. The pitches he received offer a window into how this data moves.

Beach parties and heat maps

X-Mode, for example, provides location data to the data analysis company Tectonix, which on March 24 released a widely viewed map showing how spring breakers who controversially partied on Florida beaches returned to their homes all around the country in the days that followed. X-Mode and Tectonix, which has contracts with the Pentagon, have released similar heat maps showing the virus' spread in China, Italy and Washington state, demonstrating its global reach.

X-Mode is also the source of location data that defense contractor Culmen International is using to map the virus' spread for federal agencies, according to Culmen. Another data broker that pitched Silverberg 16 times in an 18-month period, Cuebiq, provided location data used by The New York Times to map adherence to shelter-in-place orders around the country.

X-Mode says it complies with laws including the California Consumer Privacy Act, which went into effect this year, and the European Union's 2-year-old privacy law. Both require companies to obtain users' consent to share their data and require varying degrees of transparency about how they use that data.

A spokesperson for X-Mode said the company helps app developers "monetize their apps without ads" and "continue to invest in the success and growth of their apps."

Tectonix, Culmen and other companies that work with location data say the information is anonymized, with users marked by codes rather than names. However, academic studies have challenged whether efforts to guarantee privacy hold up in certain applications. Researchers at Imperial College London, for example, found they were able to uniquely identify 95% of individuals in a data set with just four time-and-place data points.

Silverberg's decision was influenced by the fact that privacy issues may be particularly sensitive for Scruff users. In at least 68 countries, homosexuality is a crime, and in some, the mere presence of a gay dating app on a phone is illegal. Silverberg knew that for many of his customers, identification by a government agency could mean prison or worse.

So in 2018, he cut ties with the data and digital advertising industries, two of the biggest revenue drivers in the app economy. He rebuffed dozens of pitches from companies like X-Mode offering to buy his users' data outright. And he stopped doing business with third-party ad brokers, who similarly demand reams of user data in exchange for ad dollars.

It's worked out, he said. Thanks to subscription revenue, and Scruff's newly built in-house advertising division and data analytics operations, Scruff has seen ad revenue grow fivefold. Silverberg's path might offer lessons for some of the thousands of app developers struggling to monetize their products while navigating the fast-evolving privacy landscape.

"You don't need to go through third-party ad brokers," he said. "That's the message for app creators all over the world. Don't be afraid to sell ads. You can do it. You don't need Google or a third party to do it for you."

Big money, little effort

Silverberg launched Scruff in the summer of 2010 out of his apartment in the West Village. The mobile app boom was just taking off, fueled by the proliferation of smartphones, and what began as a side project quickly became a full-time job as Scruff established itself as a popular competitor to Grindr.

The rapid growth, though, meant rapidly growing costs as well, mostly to buy server space to run the app, from a few dollars per month to $100 a day. "We scrambled to find any revenue source we could," Silverberg said.

He turned to several third-party ad firms, but frustrations mounted. The ads hurt users' experience, he felt, frequently serving as a vector for spam. And the revenue the ads generated was less than promised.

"They all had big promises of how much money you could make that they never came close to meeting," Silverberg said. "Our traffic would go up, and our revenue would go down. It just made no sense."

Privacy concerns weren't as prominent in the industry then. Smartphones weren't yet widespread enough to provide enough location data to make it useful, and the analytical tools weren't nearly as advanced. But about three years ago, this began to change. That's when the data brokers started showing up in Silverberg's inbox.

Companies he had never heard of offered him hundreds of thousands of dollars just to embed a few lines of software code in Scruff's app that would hoover up users' movements and other data. Salespeople dangled effortless revenue, with little impact on users' experience, mobile speeds, data-usage costs or battery life, as well as useful analytics on how users interacted with the app.

The data was anonymized, the companies assured Silverberg, but he had his doubts. In many cases, he said, the information taken came with other details about Scruff users, such as email addresses and mobile device IDs, which could potentially be used to identify individual users.

X-Mode was one of the most aggressive in pursuing Scruff's business. From September 2018 to February 2019, its sales reps sent six pitch emails to Silverberg. Three weeks after its offer to pay $100,000 for Scruff users' location data went unanswered, X-Mode reached out again.

"This quarter we are offering good rates for an SDK integration," the salesman said, referring to the embedding of software code. Three weeks after that later came a third pitch, this one with a spreadsheet of projected revenue.

The big spread

X-Mode traces its roots to 2013, when founder and CEO Joshua Anton created Drunk Mode, which prevented users from drunk-dialing, making phone calls they might later regret. The app was popular on college campuses and soon added new features such as Find My Drunk, which allowed friends to keep track of each other. In 2015, X-Mode began selling its location data.

Today, the company is one of the largest vendors of unprocessed location data. It lists 140 companies that buy its data, then process and analyze it to fit their needs. While Silverberg rebuffed X-Mode's offers, the developers of more than 400 other mobile apps used by more than 60 million people have signed on to sell the company their users' location data, according to X-Mode's website.

"You have so many apps on the app store who are all desperately in need to somehow monetize their apps," said Christoph Tavan, who used to run an ad tech firm and is now CTO for Contentpass, a German company building an ad-free, subscription-based internet model.

Though it's often difficult to know which apps are selling location data and which are not, careful readings of app privacy policies in some cases offer a clue. One of the developers X-Mode has partnered with is Kelly Technology, which has 16 mobile apps, including fitness apps like HIT Log, weather apps such as Earth++ and WeatherMatch, and a space exploration app called NASA Now. Kelly Technology did not respond to requests for comment.

Many of the companies that buy location data from X-Mode share data, in turn, with their own partner and client lists, meaning that sharing data with X-Mode can be the first step in the spread of that data to an untold number of other companies.

One of X-Mode's partners, German company AdSquare, which claims a data bank of 450 million user profiles from over 120 data providers, lists 45 partners it could share data with in 11 countries. One of those partners, Criteo, shares data with 99 partners and is under investigation by the French privacy regulator CNIL. Criteo said it was cooperating and had done nothing wrong.

Other dating apps, including Scruff's chief competitor, have come under fire for sharing users' data. A Jan. 14 report by European privacy researchers Wolfie Christl and Zach Edwards said Grindr shared detailed user data, including IP addresses, GPS locations, ages and genders, with many third-party ad companies, mostly via Twitter's ad tech subsidiary MoPub. The same study found that dating app OkCupid "shared highly personal data about sexuality, drug use, political views, and more with the analytics company Braze."

'That's our data'

These were the ripples, which seemed out of an app developers' control, that concerned Silverberg. "We took a look at all our partners, down the stack," he said, "and it became clear that if we continued to integrate with these ad networks, we would need to ask our customers to consent to sharing their data with all sorts of companies whose practices we knew nothing about."

Determined to work outside the third-party advertising and data broker networks, Silverberg built an in-house ad team in 2018. He hired designers who built a custom ad platform for Scruff based on React Native, a platform developed by Facebook. He hired a sales team that pitched directly to brands. They found takers who appreciated the approach, he said, and the app now has more than 50 advertisers.

But forgoing partnerships with data brokers brought challenges, such as the loss of potentially useful analytics. The alternative is to pay for those same services, but that can be expensive. Scruff users generate roughly a billion "events" per day: clicks, taps, scrolls, messages and everything else. That equates to about 500 GB of data, requiring a massive storage and a powerful processing capability to translate that data into something usable. One company quoted Silverberg a price of $30,000 a month.

So just as he did with ads, Silverberg set out to create an in-house analytics operation. "We wrote our own code to collect the data," he said. "But that wasn't the hard part. The hard part was ingesting and analyzing the data." He turned to Amazon Web Services for storage of the data and the company's Kinesis platform to interrogate it.

Get in touch with us: Share information securely with Protocol via encrypted Signal or WhatsApp message, at 415-214-4715 or through our anonymous SecureDrop.

Silverberg said he saved money as a result, while enabling Scruff's data engineers to work with the app's raw data in more powerful and customizable ways, yielding insights into how customers use the app. Had he not taken control, he said, the privacy issues would have persisted.

"Every day you have to hand over to them a complete copy of all your user data, profile updates, time stamps, usage data," he said. "And then they're taking that data, repackaging it and reselling it. That's our data. Not yours."

Protocol | Fintech

How European fintech startup N26 is preparing for U.S. regulations

"There's a lot more scrutiny being placed on fintech. We are definitely mindful of it."

Photo: N26

N26's monster $900 million funding round announced Monday underlined the German startup's momentum in the digital banking market.

Stephanie Balint, N26's U.S. general manager, said the funding will be used for expansion and also to improve "our core offering to make this the most reliable bank that our customers can trust," she told Protocol.

Keep Reading Show less
Benjamin Pimentel

Benjamin Pimentel ( @benpimentel) covers fintech from San Francisco. He has reported on many of the biggest tech stories over the past 20 years for the San Francisco Chronicle, Dow Jones MarketWatch and Business Insider, from the dot-com crash, the rise of cloud computing, social networking and AI to the impact of the Great Recession and the COVID crisis on Silicon Valley and beyond. He can be reached at or via Signal at (510)731-8429.

The way we work has fundamentally changed. COVID-19 upended business dealings and office work processes, putting into hyperdrive a move towards digital collaboration platforms that allow teams to streamline processes and communicate from anywhere. According to the International Data Corporation, the revenue for worldwide collaboration applications increased 32.9 percent from 2019 to 2020, reaching $22.6 billion; it's expected to become a $50.7 billion industry by 2025.

"While consumers and early adopter businesses had widely embraced collaborative applications prior to the pandemic, the market saw five years' worth of new users in the first six months of 2020," said Wayne Kurtzman, research director of social and collaboration at IDC. "This has cemented collaboration, at least to some extent, for every business, large and small."

Keep Reading Show less
Kate Silver

Kate Silver is an award-winning reporter and editor with 15-plus years of journalism experience. Based in Chicago, she specializes in feature and business reporting. Kate's reporting has appeared in the Washington Post, The Chicago Tribune, The Atlantic's CityLab, Atlas Obscura, The Telegraph and many other outlets.

Apple’s new MacBooks are the future — and the past

After years of reinventing the wheel, Apple's back to just building really good ones.

Apple brought back the ports.

Photo: Apple

The 2015 Pro was, by most accounts, one of the best laptops Apple ever made. It was fast and functional, and it had a great screen, a MagSafe charger, plenty of ports, a great keyboard and solid battery life. If you walked around practically any office in Silicon Valley, you'd see Pros everywhere.

Many of those users have been holding on to their increasingly old and dusty 2015 Pros, too, because right about when that computer came out was when Apple seemed to lose its way in the laptop market. It released the 12-inch MacBook, an incredibly thin and light computer that made a bunch of changes — a new keyboard and trackpad design chief among them — that eventually made their way around the rest of the MacBook lineup. Then came the Touch Bar, Apple's attempt to build an entirely new user interface into a laptop.

Keep Reading Show less
David Pierce

David Pierce ( @pierce) is Protocol's editorial director. Prior to joining Protocol, he was a columnist at The Wall Street Journal, a senior writer with Wired, and deputy editor at The Verge. He owns all the phones.

Protocol spoke to founders and tech execs who've embraced async and have tips on how to get started.

Image: Christopher T. Fong/Protocol

Imagine a company where there are no meetings — just time for deep, focused work punctuated by short conversations on Slack and project updates on Trello.

Now imagine a company where the no-meeting ethos is so ingrained that it's possible to work there for 10 years without ever speaking face-to-face with a single coworker, and for your boss to not even recognize the sound of your voice.

Keep Reading Show less
Michelle Ma
Michelle Ma (@himichellema) is a reporter at Protocol, where she writes about management, leadership and workplace issues in tech. Previously, she was a news editor of live journalism and special coverage for The Wall Street Journal. Prior to that, she worked as a staff writer at Wirecutter. She can be reached at
Protocol | Workplace

#AppleToo activist says Apple fired her for deleting apps from her devices

Janneke Parrish says she was dismissed after deleting Robinhood, Pokemon Go and Google Drive from her work devices during an investigation inside the company.

The Apple Too movement is trying to organize Apple workers into a collective movement.
Photo: Bloomberg via Getty

Unlike most other companies, Apple asks that its employees use their work phones like personal ones — and for five years, Apple program manager Janneke Parrish did as she was told. But last week, when Apple asked Parrish for her devices in an internal investigation, she was afraid Apple would see her personal and private information. She disobeyed orders and deleted apps like Robinhood, Pokemon Go and Google Drive. Then Apple fired her.

Keep Reading Show less
Anna Kramer

Anna Kramer is a reporter at Protocol (Twitter: @ anna_c_kramer, email:, where she writes about labor and workplace issues. Prior to joining the team, she covered tech and small business for the San Francisco Chronicle and privacy for Bloomberg Law. She is a recent graduate of Brown University, where she studied International Relations and Arabic and wrote her senior thesis about surveillance tools and technological development in the Middle East.

Latest Stories