The Washington Post reports that the top administrator of the U.S. Conference of Catholic Bishops is resigning after a Catholic news site revealed that it had access to his cellphone data, which showed that he’d been using a gay dating app named Grindr and had been going to gay bars. At first blush, it’s a relatively minor Catholic priest scandal, but the details have enormous ramifications for all of us and our privacy.
Monsignor Jeffrey Burrill’s cell phone data was accessed, de-anonymized and reported publicly — all of which is completely legal. It’s not yet clear who is responsible for collecting Burrill’s data, but it was reported in the Pillar, an online Catholic newsletter. The Pillar said it had gotten at least some of its info from Grindr itself, which collects data from all it users, like most apps do.
“A mobile device correlated to Burrill emitted app data signals from the location-based hookup app Grindr on a near-daily basis during parts of 2018, 2019, and 2020 — at both his USCCB office and his USCCB-owned residence, as well as during USCCB meetings and events in other cities,” the Pillar reported. “The data obtained and analyzed by The Pillar conveys mobile app date signals during two 26-week periods, the first in 2018 and the second in 2019 and 2020. The data was obtained from a data vendor and authenticated by an independent data consulting firm contracted by The Pillar.”
However, Grindr disputed the Pillar’s version of events, saying it was “incredibly unlikely” that anyone could have accessed Burrill’s data from their info, saying it was “infeasible from a technical standpoint.”
Infeasible or not, it’s pretty clear that someone was able to figure it out, via Grindr’s data or some other means. Privacy experts have been sounding the alarm on the anonymized data apps collect for a long time, which is typically sold to marketing companies. Private companies have defended their collection of this data, saying they remove identifying markers before selling, but experts contend it’s not impossible for dedicated sleuths to de-anonymize it and figure out who the data original came from. And, crucially, there’s no law against doing so.
The experts the Post talked to say they’ve never heard of private data being leveraged like this before, but none of them were particularly surprised either. As more and more people learn how access and sift through cell phone data, more people could use it for their own agendas.
The Church says Burrill resigned on his own terms.