> We (...) have not shared geolocation data with ad partners for many years
Mobile operating systems don't have good (if any) support for opening things in subprocesses with restricted permissions from the rest of the app. So if Grindr loads an ad, that ad runs with Grindr's permissions. Same for any analytics code that ad uses. So if Grindr gets geolocation, even temporarily, so does every ad partner they have, whether they like it or not.
And the thing is, ads are a bottomless pit of third-party JavaScript. Nobody trusts nobody in the ad space, so everyone wants their own trackers doing their own client-side data collection. So Grindr doesn't have to know anything about Gravy Analytics, they just have to have an ad partner decide to use them and bam, they're compromised.
> Mobile operating systems don't have good (if any) support for opening things in subprocesses with restricted permissions from the rest of the app. [...]
> And the thing is, ads are a bottomless pit of third-party JavaScript. [...]
If it's actually JavaScript, attempting to grab location would result in a weird location prompt[1] that shows even if you granted the app location permission. It's still conceivable for a random SDK to go rogue and exfiltrate location data, but it's unlikely that an ad in a webview would be able to.
That's the whole reason companies like Gravy exist—they call it 'location intelligence', they make inferences about location based on various things they do have access to, rather than necessarily directly collecting it from the user using GPS location tracking.