Plot thickens: Tracking the Grindr habits of US Bishops Conference official

grindr

A Catholic publication that outed a high-ranking Catholic priest as gay and a regular user of the app Grindr and led to his resignation as the secretary-general of the U.S. Conference of Catholic Bishops has not revealed where it obtained the data used in its report.

But some experts say the level of detail included in the story suggests that whoever provided the information has access to large datasets and methods of analysis that could have cost hundreds of thousands of dollars—or more.

“When I first heard that this was happening, my mouth hit the floor,” Zach Edwards, the founder of the boutique analytics firm Victory Medium, told America.

A data expert, Mr Edwards previously helped a Norwegian consumer rights group bring a complaint against Grindr in 2020 that alleged that the gay hookup app violated European privacy laws by leaking users’ personal data.

The company was eventually fined more than $11 millionearlier this year by the Norwegian Data Protection Authority.

Mr Edwards described the level of detail revealed in the data points included in The Pillar article as “alarming.”

Zach Edwards  the founder of the boutique analytics firm Victory Medium, described the level of detail revealed in the data points included in The Pillar article as “alarming.”

The Pillar has not said where it obtained the data about Msgr Jeffrey Burrill, who resigned shortly before the story about his use of the app was published.

The editors of The Pillar, J. D Flynn and Ed Condon, did not reply to an email from America asking who provided the data.

More surveillance and tracking technology will not produce righteous men fit for ministry.

 

Instead, it will contribute to a culture of suspicion and perpetuate the lack of trust in the Catholic Church.

Mr Edwards said that acquiring data that appears to have been collected over at least three years could be costly and may have required a team of researchers to sort through it to identify specific individuals tied to the data.

He estimated that the “database and deanonymization efforts” used to obtain details about Monsignor Burrill could have “run into the hundreds of thousands if not millions of dollars.”

The article in The Pillar contained allegations that a phone associated with Monsignor Burrill regularly logged onto Grindr, a dating app used by gay men, during periods of several months in 2018, 2019 and 2020 from his home and office in Washington, D.C., as well as from a family lake house in Wisconsin and from other cities, including Las Vegas.

“The inclusion of [Monsignor Burrill’s vacation destinations] speaks to a level of tracking obsession,” Mr Edwards said.

“Every Catholic should hope that’s the case because that is the only scenario that’s not a dystopian nightmare.”

It is possible, he said, that a person or organization held a grudge against Monsignor Burrill and tracked only his data.

But he worries that the data appears to have been shopped around since 2018 and that whoever has access to it now probably has more information to release.

Mr Edwards estimated that the “database and deanonymization efforts” used to obtain details about Monsignor Burrill could have “run into the hundreds of thousands if not millions of dollars.”

“It either is a larger organization tracking multiple priests and we have more shoes that are going to be dropping” or it was focused only on Monsignor Burrill, he said. He can imagine a situation in which the data could be used to blackmail or extort church leaders.

The inclusion of [Monsignor Burrill’s vacation destinations] speaks to a level of tracking obsession.

 

Every Catholic should hope that’s the case because that is the only scenario that’s not a dystopian nightmare.

The specificity of geography included in The Pillar story suggests that whoever provided the information to the publication had access to an unusually comprehensive dataset that would have gone beyond what is normally available to advertising firms.

“That’s a really expensive, dangerous data sale,” he said.

Large, “deidentified” data sets like this—information that does not contain names or phone numbers—are often sold in aggregate for advertising purposes or even to track mass travel during epidemics.

The data used as the basis for The Pillar story appears to have tracked Monsignor Burill through a process known as re-identification, which some experts said may have violated contracts from third-party vendors, who routinely prohibit the practice.

Yves-Alexandre de Montjoye, an applied mathematics professor at Imperial College, London, who has studied the ease with which individuals can be identified through supposedly pseudonymized data, told America the report in The Pillar was “quite vague on the technical details.”

But he said that, in general, a researcher or team of analysts can identify an individual with access to just a few data points.

He gave as an example a fictional person living in Boston: That person’s mobile device may send a signal from an M.I.T. classroom in the morning, from a Harvard Square cafe in the afternoon, then in the evening from a bar in the Back Bay followed by a signal from a home in South Boston.

The specificity of geography included in The Pillar story suggests that whoever provided the information to the publication had access to an unusually comprehensive dataset that would have gone beyond what is normally available to advertising firms.

“A few of these places and times are going to be sufficient” to match other information a researcher might know about an individual that taken together makes it possible to identify the user of the mobile device, Mr Montjoye said.

That other information could include real estate records, social media posts or even published agendas.

Even in large cities with millions of people, it is not difficult to use just a few data points to identify an individual as “very few people will be at the same places at roughly the same time as you.”

The co-founders of The Pillar defended their story against criticism that called the story journalistically unethical, saying in a statement that they “discovered an obvious correlation between hookup app usage and a high-ranking public figure who was responsible in a direct way for the development and oversight of policies addressing clerical accountability with regard to the Church’s approach to sexual morality.”

Daniella Zsupan-Jerome, the director of ministerial formation at St. John’s University School of Theology and Seminary in Collegeville, Minn., said more and more surveillance and tracking technology will not produce righteous men fit for ministry.

Instead, she said, it will contribute to a culture of suspicion and perpetuate the lack of trust in the Catholic Church.

“Why not invest instead in formation processes that insist on a culture of honesty, transparency and integrity of character?” she said, adding that if and when religious leaders are found to have moral failings, there is a need to create space for conversation among the faithful.

“Sadly, many of us have had the experience of finding out scandalous information about a priest or pastoral leader. This is a shocking experience, often coupled with a sense of betrayal, sadness, grief, anger, disgust and even despair,” she said.

This is about the worst thing that could ever possibly happen to Grindr’s business

“Communities experiencing this need spaces for turning together for conversation, honest sharing, and gathering to lament and grieve the loss of trust that occurred.”

Hours before The Pillar published its report, the Catholic News Agency published a story stating that the organization had been approached by a person in 2018 who “claimed to have access to technology capable of identifying clergy and others who download popular ‘hook-up’ apps, such as Grindr and Tinder, and to pinpoint their locations using the internet addresses of their computers or mobile devices.”

The story said that C.N.A. declined to accept information from this person.

In a statement, Grindr called The Pillar’s report an “unethical, homophobic witch hunt” and said it does “not believe” it was the source of the data used. The company said it has policies and systems in place to protect personal data, although it didn’t say when those were implemented.

Mr Edwards, who has been critical of Grindr’s privacy protections, said, “This is about the worst thing that could ever possibly happen to their business.” Continue reading

Additional reading

News category: Analysis and Comment.

Tags: , , , ,