AILSA CHANG, HOST:
Who knew the dating app Grindr could pose a possible national security risk? The Chinese company that owns the dating app is now selling it, after a U.S. government panel ordered it to. Grindr caters to an LGBTQ crowd. People who use it post personal photos, talk about their sexual and gender identities. Many users disclose their HIV status on Grindr. And according to Reuters, which first reported this, U.S. officials believe the Chinese government could end up exploiting that information. To talk about the implications of all of this, we're joined now by Chris Calabrese of the Center for Democracy and Technology. Thanks for coming into the studio today.
CHRIS CALABRESE: Thank you. It's my pleasure.
CHANG: So I learned that this little-known body inside the U.S. government is what forced the Chinese company Kunlun to sell Grindr. The body's called the Committee on Foreign Investment in the United States, or CFIUS, which sounds like some character in a sci-fi movie to me.
CALABRESE: (Laughter).
CHANG: What is CFIUS? What does it have the power to do?
CALABRESE: It has the power to do exactly what you just said; it can say to a company, usually before a purchase happens, no, we think there are national security interests at stake here, and we - this sale can't happen. It can also...
CHANG: It can just force the foreign company to unwind?
CALABRESE: It can force the foreign company - well, it can force the foreign company, and usually, it's before the sale happens because unwinding is expensive. But as you can see here, they also have the power to unwind a transaction after the fact, if you don't go through their process to get your preapproval for a purchase.
CHANG: And what happens if the company refuses to abide by the request by CFIUS?
CALABRESE: You know, I don't know that I've ever had that happen. I mean, it's - they have a legal obligation to do it, and I can't imagine - I think they would be stopped from operating in the United States.
CHANG: So did CFIUS give an explanation for why they did what they did in the case of Grindr?
CALABRESE: Not a public one. They will say, you know, it violates the national security interests of the United States, but they will give a private explanation to the company, but they don't give a public explanation.
CHANG: All right. Walk me through what the fears are here. Can you just explain - how could the Chinese government somehow use Grindr to harm U.S. national security interests?
CALABRESE: Well, there's a couple of things are worried about; the first is blackmail. I know stuff about you. You're not out, but I know you're gay because you're on Grindr. I know your HIV status. The second one is a little bit more sophisticated. I can use Grindr to actually insert an agent into your life. You're on Grindr looking for a partner, I put a Chinese operative together with you, and that person starts a relationship with you and uses that relationship to exploit you.
CHANG: And you meaning, in these hypotheticals...
CALABRESE: Somebody who's...
CHANG: ...A defense contractor...
CALABRESE: Right.
CHANG: ...A federal employee.
CALABRESE: That's exactly right. And then the third thing is, I have people of interest who are on Grindr, and I can use the fact that I know precise geolocation about them to basically track them around and learn all kinds of things about them and what - the work - the stuff they're working on from that location information.
CHANG: This is like the stuff of spy novels, but these are very real possibilities.
CALABRESE: You know, they are, and it all goes to the fact that we're sharing a lot of personal information with third parties, and we trust those third parties implicitly; in cases like this, maybe we shouldn't. And another piece that may or may not be related but I'm almost certain is, is about three or four years ago, the federal government suffered one of the worst data breaches in U.S. history.
CHANG: Right.
CALABRESE: It was...
CHANG: In the U.S. Office of Personnel Management.
CALABRESE: That's right. The Office of Personnel Management essentially was breached, was hacked, and what was taken was all of the personnel records of every federal employee - so we're talking of, like, 22 million people - including their background checks, security clearances. John Bolton, the national security adviser, hasn't come out straight out and said it but has sort of implied that they believe it's the Chinese...
CHANG: Right.
CALABRESE: ...Who performed this hack.
CHANG: But China has denied any role in this.
CALABRESE: China has denied any role in this. But if there's reason to believe that China has very detailed information on federal employees, you can easily imagine that kind of information, combined with the kind of access that you would get using the Grindr app, to really allow some pretty scary espionage and some pretty detailed investigations of things that the U.S. would certainly not want China to know.
CHANG: Chris Calabrese is vice president of policy at the Center for Democracy and Technology. Thanks very much for coming in today.
CALABRESE: Thanks. Transcript provided by NPR, Copyright NPR.