A Match.com glitch reactivated a bunch of old profiles and their owners are horrified

On a recent Sunday, creative director Jason Debiak was having breakfast with his family in New Jersey, when something strange happened.

"I was having an adorable breakfast with my family, my 2-year-old daughter and my wife," she says. "Something came up [on my phone] and I usually try not to check my email, but I checked my email and it said: & # 39; You have 10 new matches on Match.com & # 39; I was like … what?"

Debiak's profile, long forgotten, and he supposed it had been removed a long time ago, a decade ago, had suddenly reactivated. "I enter, and there I am, for 15 years, with less gray," he said. "And my whole profile is there, everything." Judging from the messages he received, Debiak says it appeared that the account had been reopened for about a week.

"I got in touch with customer service and they said, 'Oh, we're sorry you received e-mail notifications, we'll turn off e-mail notifications,' said Debiak. "And I was like," No, you do not understand, I do not just do not want e-mail notifications: I do not want to be on your website, ever . "# 19659005] I do not want to be on your website, ever. "

A spokesperson for the Match Group confirmed that a" limited number "of old accounts had recently been accidentally reactivated and that any affected account received a password reset. The current privacy statement of Match.com, which was last updated in 2016, says that the company can "retain certain information associated with your account" even after closing it. But that Match Group spokesperson also said The Verge that the company plans to launch a new privacy policy "in the next month or so," to comply with the EU's General Data Protection Regulation ( GDPR); according to the new policy, all those old accounts will be deleted. The Verge has asked for clarification on which accounts will be eligible for elimination, and what "elimination" will specifically involve, but has not received an answer as of press time.

In the past, it has not been uncommon for dating websites to use and retain their data for research, marketing or, as the current Privacy Policy of Match.com, "record integrity". In a 2009 report from ComputerWorld, then-eHarmony's vice president of technology, Joseph Essas, said: "We have a file strategy, but we do not delete you from our database, we'll remember who you are." Herb Vest, the founder and CEO of the now defunct dating website True.com, said in the same report: "The data is just there." Even if the profile reactivations were only a problem in the Match system, they are a clear reminder that the Internet is not easily forgotten.

Although there is no federal data destruction law in the United States. In the US, 32 states, including Texas, where Match Group has its headquarters, have data elimination laws that require "entities to destroy, eliminate or make personal information unreadable or unreadable." In addition, 13 states, which also include Texas, have laws that require private companies to maintain reasonable cybersecurity practices. If that sounds vague, that's because it is. "A lot of this is still, I do not want to call it amorphous, but it's still being defined, frankly," explains Scott Shackelford, associate professor and president of the Cybersecurity Program at Indiana University Bloomington. "What is reasonable is a moving goal."

But that does not change the fact that many previous users of Match.com are surprised by this, not to mention that Match cheated them. It is not clear how many people saw their years: the inactive profiles of Match.com were recently reactivated, but it is not difficult to find complaints about ghost profiles online.

Launched for the first time in 1993, Match.com became a dating colossus. Its parent company, Match Group, now has dating applications such as OkCupid, PlentyofFish and Tinder. (According to reports, he tried to buy Bumble last year, and now he is involved in a dirty lawsuit with the application that involves trade secrets and intellectual property). OkCupid allows users to delete or disable their accounts, but still retains the data. PlentyofFish and Tinder's privacy policies state that they will retain data "only as long as we need it for legitimate business purposes and as permitted by applicable legal requirements." Tinder, like Match.com. It also states that it will "keep certain data" after closing your account.

"There are probably good reasons to keep the profiles deleted for a period of time, for example, to prevent or detect repeated users or false users, etc." Albert Gidari, director of privacy consultancy at the Stanford Center for Internet and Society, wrote in an email. "But that does not mean forever."

Rob P., who had been an active online dater since around 2005, recently had his Match.com profile re-emerge, although he is now engaged. And his experience with Match.com's customer service after the fact was frustrating. He just wanted someone to erase his profile, but nobody would. "They kept using the terminology that was … not saying that it was permanently deleted, simply 'not visible' or 'inaccessible'," he says. "And I kept saying:" It has to be eliminated ".

Match Group has encountered complaints about this before. A class action lawsuit filed in 2010 by former subscribers claimed that Match.com was trying to trick users by keeping inactive and fraudulent accounts visible. "With respect to inactive members (that is, members who canceled their subscriptions and / or allowed their subscriptions to expire)," says the file, "Match practically does not take any action to delete these profiles (which remain in the system, they can be searched by members, appear as and in fact are counted among the "active members" of Match) for months and sometimes years after the individuals have become inactive. "The claim was dismissed in 2012 after the judge District Sam Lindsay found that the Match user agreement did not require to remove these profiles.

In 2015, California resident Zeke Graf filed a class action lawsuit against Match alleging that the company knowingly violated a California civil code that requires each dating services contract to include a statement that allows the buyer to cancel its subscription. That demand was later voluntarily dismissed by Graf.

In a world increasingly aware of privacy, the sudden appearance of zombies from an old profile on social networks would be a disconcerting experience for anyone. But online dating, in particular, places people in a vulnerable position, often encouraging users to reveal as much of themselves as possible. "You are completing questionnaires about your beliefs and feelings and about who you are as a person," says Rob P. "Fortunately the algorithm uses that information to match you with the best compatible partner, but it's scary to think that they cling to that data even after closing. your account".

Former user Katie Storms also saw her account, which she deactivated in 2014, will appear again this month. You are concerned about the privacy of the data, but also the most immediate impact that a new dating profile could have on your current relationship. "Fortunately, I'm married to an amazing man who immediately told him: 'Hey, this happened, and I'm worried,' and we reviewed it together," he says. "I can not imagine … it's not that I want to be married to someone who is not understanding about it, but what if it is?"

Jason Debiak also told his wife about the rogue profile immediately, but later he discovered that some of his friends had seen him, and thought that it was evidence of something more sinister. "That would have caused a big problem if I had not seen those emails," he says.

Zombie profiles can also affect current users, who, once again, are putting themselves in a vulnerable position, only to face people who are not looking for appointments. "I felt it was a bit of a breach of privacy for me, and I cheated people who are on Match.com at this time looking for people," says Storms. "I do not blame people who saw my profile and winked at me, but I'm sorry, I'm happily married."

Data retention policies, especially in the US UU., They may vary from one company to another. Match Group has data from thousands of users and, as the recent scandals and controversies about the consequences of user data retention have taught us, you do not have to be completely transparent about what you are doing with that data. But these reactivations are a reminder that the Internet has a long memory, and the burden often lies with the user to be aware of what they share. "Obviously, we need more transparency and control over our own data," says Rob P. "But it feels like an unknown territory"