More than 7 million OkCupid users trust the site with their most intimate details in exchange for potential dates. You lay your heart on the table (or more accurately, in your profile); your disclosures nab you a romance. After all, it’s hard to get a date without showing who you are.

But to connect with other members, you also have to share with OkCupid. And the site, which was purchased in 2011 by corporate giant Match.com, is famous for making the most of its users’ data, whether to analyze on its OkTrends blog or to make money.

Is this “data for a date” relationship that so many of us have with OkCupid worth it, or is it a privacy heartbreak waiting to happen? We researched OkCupid.com to see how it collects and uses its members’ information. In Facebook parlance, it’s a little complicated.

Like many free dating sites, OkCupid sells its members’ data to advertisers. And even though it hasn’t suffered a hack or a data breach yet, other online dating sites have, from PlentyofFish to eHarmony. One thing is clear: your personal information isn’t private on OkCupid.



OkCupid doesn’t offer secure browsing with HTTPS

OkCupid doesn’t support HTTPS, a standard web encryption that ensures that information is sent and received in an encrypted form (so it looks like random characters) rather than plain text. The lack of HTTPS means that anyone on your wireless network can potentially read any OkCupid email, page view, chat message, search entry, profile info, clicked link, and even answers to your hidden questions. Because many OkCupid users express their sexual orientation, religious and political beliefs, drug use, and other highly personal info on the site, a data breach could be disastrous.

Trackers and ad networks and analytics; oh my!

Using our Do Not Track Plus browser privacy tool, we found that OkCupid used nine different tracking companies and ad networks to obtain information about its visitors. These trackers aren’t a part of OkCupid: they’re independent third parties mining user data like clicks, ad views, pages visited, and time spent viewing a particular profile.

The FTC has stated that dating sites must inform new users about how they plan to use their data, and it’s unlawful for a site that says it will keep your data safe to later sell it to advertisers. How they must inform you, however, isn’t well-defined: many hide the fact that they’re swapping your information across the web deep within lengthy privacy policies or terms of use. OkCupid admits to this sort of behavioral tracking of its users in its Privacy Policy:

“. . . we may partner with third party advertisers who may (themselves or through their partners) place or recognize a unique cookie on your browser. These cookies enable more customized ads, content or services to be provided to you.”

Anything you post on OkCupid may be there forever



Even if you delete information from your profile or account, OkCupid states that “we may keep such information archived indefinitely.” Put bluntly, anything you post on the site may be there forever. OkCupid’s privacy policy states that the site collects its members’ “personal interests, gender, age, education, occupation and certain relationship preferences. . . name, email and photo,” as well as their browser and IP address. Of course, members usually choose to disclose far more than these things to experience everything the site has to offer, answering questions, posting photos, taking quizzes, and filling out location information.

The site also uses anonymous data to compile the dating research it presents on OkTrends, investigating things like messages received versus attractiveness and personality traits by sexual orientation.

After digging into OkCupid’s Privacy Policy, we learned that they say that “third parties” and “service providers” can access members’ personal information in order to “direct[] and display[] specific advertisements” to them. Advertisers can compile information about whether you or anyone else who’s using your computer saw their ads and clicked them. In this way, they build a profile of your likes and interests to target you with ads that they believe you’ll respond to.

We also learned that you can email OkCupid at privacy@okcupid.com to request that they don’t share your information with others.

Match.com now owns OkCupid, which means way more data sharing



Match.com itself is owned by IAC/InterActiveCorp, which owns more than 50 companies and websites including CitySearch.com, CollegeHumor.com, Ask.com, Vimeo.com, Chemistry.com, and UrbanSpoon.com. IAC’s Privacy Policy allow it to share information freely between the many companies and websites it owns, as well as “Other businesses with which [it] partner[s].” In other words, your OkCupid data can be shared freely among the 6th largest online network in the world. Not very private.

Now that Match.com (and thus IAC) owns OkCupid, Match also owns OkCupid’s members’ information. As OkCupid’s privacy policy states,

“If the ownership of all or substantially all of the OkCupid business or assets were to change, your user information would likely be transferred to the new owner(s).”

If you’re a member of OkCupid and the thought of the many websites that IAC owns accessing your personal information doesn’t appeal to you, now’s a good time to cancel that account.

Summary of our findings on OkCupid privacy:

– OkCupid.com uses multiple web trackers, ad networks, and tracking cookies

– It shares your information with a large network of advertisers and partners

– Anything you post may be stored forever

– Match.com, IAC, and all of IAC’s properties may now access all of OkCupid’s user information

Tips for staying more private on OkCupid

