“Commitment to Privacy: Raw Dating App Exposes Sensitive User Information”

Any application that compromises user data raises significant concerns, particularly in the realm of dating apps where sensitive personal information is involved. A newly emerged platform named Raw, which seeks to transform the online dating landscape, has drawn scrutiny for unintentionally exposing user data.

Launched in 2023, Raw positions itself as a solution to common issues inherent in online dating, such as the prevalence of fraudulent profiles and misleading images, as well as the phenomenon known as ghosting. The application encourages users to share their locations and post daily photos to foster a more genuine matching experience.

The app collects various forms of user data, including name, birth date, gender identity, photos, geolocation, and IP address, with certain data stored on servers located in the United States.

According to its privacy policy, Raw claims to employ end-to-end encryption. In their consumer FAQ, the company states:

“Your information is cloaked in encryption and guarded like a princess in a castle by our devs. We don’t sell or share your info in any way – your privacy is a promise we don’t break.”

While the intent behind this declaration is apparent, reports from TechCrunch reveal discrepancies between the claim and practice. The publication conducted a thorough examination of the app using a virtualized Android environment, establishing a new user account and observing that the server responded to requests for profile data without requiring any form of authentication.

Raw utilizes an application programming interface (API) to handle data requests, allowing its app to retrieve user profile information from its servers by transmitting an 11-digit user ID.

TechCrunch discovered that an individual with access to the API could easily extract information from any profile by merely inputting the corresponding user ID. Furthermore, by adjusting user ID numbers systematically, one could amass data from multiple accounts concurrently.

At the time of reporting, Raw had not acknowledged this issue on their platform. CEO Marina Anderson informed TechCrunch that the matter had been rectified and that relevant regulatory bodies had been alerted. However, there was no indication of a third-party audit being initiated for the app.

Beyond enhancing user matching, Raw aims to innovate further by introducing the Raw Ring—a wearable device equipped with sensors to monitor vital signs and an audio tracker. Marketed as a tool to combat infidelity, this device claims to analyze voice and emotional cues to unveil underlying truths, promoting the concept of a “Flirt-Free Zone.”

This direction raises ethical concerns, particularly given the historical misuse of surveillance technology in controlling relationships. Numerous instances have highlighted the dangers associated with applications and devices that expose sensitive personal information.

While the Raw Ring promises end-to-end encryption for data stored in the cloud, the previous data exposure incident raises questions about users’ willingness to engage with such technology following these security oversights.

Communications have been sent to both Anderson and Raw seeking clarification on these issues. Updates will be provided upon receiving responses.