From Dating Apps to Honey Traps: A Tale of Modern Espionage

As modern technology advances, love has transformed from personal proclamations of devotion into a simple swipe based on a single photo of an individual. Bumble, Tinder, and Grindr are just a few of the thousands of dating apps that pull over 200 million users per year.¹ In the world of espionage, surveillance teams can spend months tracking an individual's behaviors, activities, and preferences. Dating apps provide a near-perfect analysis of singles with information such as their height, age, and residence, all in a touch of a button. As more individuals depend on the internet for future relationships, intelligence agencies may rely on dating apps to identify and recruit potential espionage candidates.

HISTORY AND MODERN THREATS

The art of seduction is not limited to romantic partnerships. Individuals have often been baited into divulging confidential information through seduction. Honey pot operations exploit the human need for psychological and emotional intimacy to gain an advantage over adversaries. An operative induces individuals to divulge confidential information or perform tasks against a state by deploying seduction tactics. One notable honey trap espionage case involved a young woman by the name Marie Chilver or Agent FIFI. While employed by the Special Operations Executive (SOE) in the UK, she seduced and bedded trainees to test if they would divulge intelligence in such a scenario.² Her career in espionage fortified SOE security and resulted in the dismissal of operators who provided classified material. While Chilver’s talents were not deployed against foreign agents, her success demonstrates a state’s potential vulnerability to falling for honey traps. In the past, a successful honeytrap required personal interactions to build rapport with a target. Today, modern technology allows for relationships to grow by simple strokes of a keyboard.

Humans desire companionship and intimacy and look to romantic dating to fulfill such needs. One U.S. study reports that more than sixty percent of Americans are lonely, with numbers rising.³ Dating apps such as Tinder, Bumble, and Grindr act upon the “lonely” demographic by allowing individuals to find their perfect match by swiping right, meaning an interest, on profiles. During the COVID-19 pandemic, young adults experienced a sixty-one percent increase in loneliness leading Tinder to reach a swipe total of three billion in March alone.⁴ Loneliness allows an intelligence agency to manipulate such vulnerabilities for espionage purposes. The availability of dating apps lets an agency achieve spotting, assessing, and developing all in one place.

Targeted ads based on individuals’ preferences, actions, and overall history have made their way through social media. For instance, dating apps employ targeted ads to entice individuals looking for relationships to download the applications onto their phones. Spotting potential targets for a honey trap operation involves employing a targeted ad and waiting for the target to take the bait. From there, operatives employ several tactics such as cyber espionage in malware or detecting IP addresses. Both targeted ads and espionage seek to coerce a target into a favorable action. Not only do targeted ads reveal the social vulnerability of an individual, but the ads also collect information such as search engine history, favorite websites to frequent, and other personal information.⁵

Alongside using targeted ads to collect information, dating apps request information from users to build a personality profile. Generally, dating apps collect names, genders, and simple bio from a user. However, other apps seek more sensitive information, such as sexual preferences, that risk exploitation. For example, Tinder collects sexual preferences, exact locations, current job roles, and musical partialities. Hinge recalls drug usage, sexual preferences, and exact locations as well.⁶ The most vulnerable app is Grindr, an app targeted towards LGBTQ+ users; Grindr gathers data such as preferred sexual positions, HIV status, and even a time log of when the app is accessed.⁷ In particular, the app raises concerns for blackmail as some users have not made their sexual preferences public and allow lewd photos as profile pictures. If a user utilizes the app to explore other sexual preferences secretly, an intelligence service can leverage messages and pictures to coerce a target into performing espionage. The bountiful data collected by the dating apps are valuable to operatives in assessing targets. If one knows an individual’s romantic preferences, a honey trap becomes as simple as following directions.

The recruitment of assets relies upon locating an individual, and dating apps provide such information freely. Dating apps access an individual’s current location to provide matches within proximity of that locale. While the applications advertise their ability to find a romantic partner in one’s area, the access to a current location poses a considerable security risk, such as the potential for surveillance. A surveillance team reduces the risk of losing the source if it simply needs to log onto an app from afar. While dating apps do not publicize exact locations, one study explains the ease of pinpointing by applying the triangulation method.⁸ The technique calculates the distance from a target at three different positions to determine an individual’s location. Triangulation allows intelligence agencies to see where an individual may reside and the locales where he or she often visits. Additionally, knowing where individuals frequent allows operatives to know where to mount the operation.

Intelligence agencies occasionally infiltrate political movements to thwart national security threats. Such deception parallels operations where case officers support one entity yet look to gain the upper hand for another. Deception operations rely on having a subject fall for the bait, which comes at a risk of being caught. Nevertheless, the operative can quickly build rapport and potentially acquire confidential information when a subject takes the bait.

The capital riots demonstrate how intelligence officers can use dating apps to collect intelligence in times of political turmoil. On January 6, 2021, rioters stormed the US Capitol building in an effort to attack US Congress members.⁹ After the riots, women turned to dating apps like Bumble to match with capital rioters and send their information to the FBI.¹⁰ They changed their political affiliation to conservative on the app and induced discussions with men who displayed MAGA gear alongside photos and videos of them at the capital. Later, they would go to dinner or drinks where the women gathered information and sent the target’s profiles to the FBI. These civilians used a honey trap to collect information that could thwart future attacks against the state. The dating apps provided a straightforward system to detect adversaries. The women exploited the ideology and pride that drove the rioters to proudly display their insurrection on the app to coerce men into revealing their complete identity.

MAIN THREATS TO THE US

As people worldwide swarm to dating apps, foreign agents use open-source data for intelligence purposes. The number one security threat against the United States is the People’s Republic of China. Counterespionage threats from the communist government have soared in recent years, especially in the cyber realm. Chinese firm Kunlin Tech LLC purchased Grindr in 2016, creating a slew of national security concerns for the US. Grindr collects a plethora of information from its three million daily users.¹¹ The US CFIUS (Committee on Foreign Investments) denounced how Kunlin sold copious amounts of this info to third parties, most critically to the Chinese government. One European user stated that several obstacles stood in his way to access his personal information on the app such as a high-resolution copy of a government-issued ID or passport.¹² This information allows Chinese Communist Party (CCP) operatives to readily replicate sensitive documents or gather personal material to plan a penetration.

In 2020, CFIUS ordered Kulin to sell the app, which it did to Vicente Acquisition LLC for 600 million.¹³ However, this raises its own red flags as James Lu, a former executive at the Chinese internet search engine Baidu Ince, has a majority stake in the company.¹⁴ Not only does this run the risk of corporate espionage, but it allows China to have leverage over an individual who potentially possesses classified information of interest.

Dating apps provide opportunities for Chinese operatives to exploit romantic interactions. The Chinese dating app OE Dating has procured an event termed “Fly for Love,” which entices international men to travel to China andcul go on potential dates.¹⁵ Such travels make it almost too simple for a Chinese spy to gain information from unsuspecting actors. By making men travel to China, the CCP gains unrestricted access to the individuals’ search engines, messages, and calls. Flying individuals to China also opens opportunities for a Chinese operative to conduct a honey trap.

The CCP is ruthless with its honey trap operations. One Chinese woman seduced and drugged former Dutch Ambassador Ron Keller in Beijing to collect confidential documents from his phone and laptop.¹⁶ In addition, she had compromising photos that the two exchanged for blackmail if he was not cooperative. The design and execution of honey trap operations in China culminate in absolute control over an individual.

While China is the most critical national security threat, Russia is the next contender in espionage. Recently, the Russian Federation ordered Tinder to provide user data to Russian agencies, including the FSB security agency.¹⁷ The app is obliged to store user data such as text, audio, and video messages for at least six months.¹⁸ Tinder was subsequently added to a list by Roskomnadzor, the communications supervising body, of more than 170 services from which the Federal Security Service (FSB) can demand users' data. While Russians contend such measures only protect the state from extremists, this bountiful collection allows a vast infringement on privacy. Under these laws, individuals face possible extortion regarding past illicit messages or images sent. Furthermore, the FSB has access to the locations of individuals since Tinder publishes where one resides.

CONCLUDING REMARKS

Given the relative ease of gaining access to information, the US should look to dating apps in future intelligence operations. Since many dating apps are free, the cost to intelligence agencies to use their services is nonexistent. As other companies pay for the data collected by targeted ads, US agencies may perhaps similarly access the data for intelligence use without any privacy infringement. Likewise, employees with clearances must be cognizant of targeted ads when using military or other sensitive communication devices. The amount of data that can be used to spot and assess potential espionage candidates should not be ignored. When job candidates apply for a position requiring a security clearance, dating apps need to be part of the background check. Although most agencies already brief employees about the risks of traveling abroad, employers need to include dating apps in the conversation.