Later, they noticed that their profiles also showed up on nearly 60 other dating sites that were unknown to them. Many were clearly intended for porn a different set of demographics and descriptors than those mentioned in the individuals’ own profiles. The main page of these affiliated sites often targetted very specific demographics (e.g. specific STDs). Independent entrepreneurs were paid for each member that signed up to the network through an affiliate site. The number and names of all sites potentially involved (i.e., where a user’s personal profile was available) could not be known since their numbers change daily, https://t.antj.link/192379/3788/0?bo=3471 as new sites open and existing ones close. We found that user profiles had not been disclosed since they were part of a single database controlled by SuccessfulMatch and were not accessible to the independent entrepreneurs responsible for marketing the affiliated sites. However, since the complainants could not have anticipated the availability of their sensitive personal profiles via these other affiliated websites - even if they were ultimately controlled by SuccessfulMatch - and they were not offered an opt-in or opt-out option, our Office concluded that the complainants had not provided their consent for their personal information to be used in this way.
It was also clear that the organization had not fulfilled its responsibilities under PIPEDA to be open about its personal information management policies and practices. Additionally, there was evidence to confirm that some registered members’ personal information could be accessed by non-members via simple searches on a common search engine. This led to our conclusion that proper safeguards were not in place. It also confirmed that there are no disclosures of personal information to exterior third parties. The complaint was thus well-founded and resolved. Organizations must ensure that there is knowledge, as well as consent, for the collection, use or disclosure of individuals’ personal information. Organizations must make a reasonable effort to ensure that the individual is advised of the purposes for which the information will be used. For consent to be meaningful, the purposes must be stated in a manner such that the individual can reasonably understand how the information will be used or disclosed.
An organization’s security safeguards must protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. Organizations must be open about their policies and practices with respect to the management of personal information. Individuals must be able to acquire information about an organization’s policies and practices without unreasonable effort. After becoming members of Positive Singles, they discovered their profiles on other dating websites. 2. Positive Singles is an online dating website aimed at individuals with sexually transmitted diseases ("STDs"). Positive Singles’ parent company, SuccessfulMatch, is incorporated in California. On the Positive Singles homepage, it claims to be "The best, largest, completely anonymous and most trusted online dating site for people with Herpes, HPV, HIV/AIDS, Hepatitis, Chlamydia, Gonorrhea, Syphilis and other STDs in the world." While individuals may become a member of the website at no cost, different levels of service on the website are available to members for a fee. This po st has been created by GSA Content Generat or Demoversi on!
3. The complainants claim that they are all members of Positive Singles. When setting up their online profiles on the website, they provided sensitive personal information about themselves; alleging that they were made to believe that the information would be protected. 4. However, they assert that they were later "devastated" and "embarrassed" when they discovered that their profile pictures and certain medical information which they had provided Positive Singles, as well as other highly personal information from their online profiles, also began appearing on many other dating websites. 5. For sex example, one of the complainants provided evidence to this Office that her personal profile appeared on 57 other websites, some of which claim specifically to exist as a network for members who portray themselves as "gay", "black" or "male", or having HIV, AIDS or Hepatitis, or seeking "hook-ups" ─ descriptors that she claims do not correspond with the profile that she had posted on Positive Singles.
6. The complainants contend that they had not consented to their personal information appearing on the other sites, they had never been given an opt-out option by Positive Singles, nor had they ever been informed that the other sites existed. 7. Moreover, the complainants claim that when they realized how their information had been shared with other sites, they asked Positive Singles on numerous occasions to remove their personal information from those sites. The website did not comply. 9. During our investigation, we examined SuccessfulMatch’s various websites and business model. 10. In addition to Positive Singles, SuccessfulMatch operates a website entitled "SuccessfulMatch.com". 11. For its part, Positive Singles is a dating site owned by SuccessfulMatch where individuals seeking matches may register and create a personal profile, as the complainants did in this case. In addition to Positive Singles, there are several other dating sites within SuccessfulMatch’s operations, which are focused on different demographics.Footnote 1 For each of its dating sites, there is a main network website and a number of "affiliate" sites that are connected to the main network site.