This article was published in 2026 and references a historical event from 2018, included here for context and accuracy.
- Tension: Apps built on user trust quietly profit from the very data that puts their most vulnerable users at risk.
- Noise: Industry debate fixates on programmatic efficiency and revenue models, obscuring deeper questions about who bears the real cost.
- Direct Message: When the business model and the user’s safety are in conflict, only one of them can win.
To learn more about our editorial approach, explore The Direct Message methodology.
In 2018, Scruff made a decision that seemed, on the surface, like a straightforward business call. The gay dating app, with roughly 12 million users worldwide, announced it was pulling all programmatic advertising from its platform and shifting entirely to direct ad partnerships. No third-party ad networks. No data brokers in the middle. Just the company, its community, and the brands that wanted to reach them directly. The move barely registered as major news in the advertising world. It should have.
What Scruff understood then, and what the broader ad industry is still wrestling with today, is that data monetization carries a moral dimension that performance metrics rarely capture. For most apps, a user’s location, device ID, and behavioral signals are inventory. For Scruff’s users, a significant portion of whom live in rural parts of the United States where LGBTQ identity still carries real social and physical risk, that same data is something closer to a liability.
The gap between “free” and what it actually costs
The standard programmatic advertising arrangement works like this: an app integrates a third-party ad network, which serves ads to users based on targeting data, and the app earns revenue based on impressions or clicks. The app doesn’t need to build an ad sales operation. The revenue flows automatically. It’s the path of least resistance, and for most consumer apps, it makes obvious financial sense.
But the data exchange embedded in that arrangement is rarely spelled out for users. When an app integrates a third-party network, at minimum it’s sharing location data. Depending on the network and the integration, additional data points can travel along with it: device identifiers, behavioral patterns, and in some documented cases, sensitive personal health information.
In 2018, Grindr, another major gay dating app, faced significant public backlash after a BuzzFeed investigation revealed it had been sharing users’ HIV status with third-party analytics firms. That information had been voluntarily disclosed by users for personal health reasons, within what they understood to be a private platform. It ended up in the hands of outside companies. Grindr subsequently committed to stopping the practice, but the damage to user trust was substantial.
Scruff’s CEO Eric Silverberg cited this broader pattern of data leakage as central to his company’s decision to exit programmatic entirely. His reasoning was direct: the mere act of integrating a third-party ad network meant accepting some level of data exposure, and for his user base, that exposure carried consequences that revenue projections don’t quantify. With more than 80 percent of Scruff’s revenue already coming from subscriptions, the financial calculus also made the exit easier. But the principle behind it extended well beyond the numbers.
The tension Scruff was navigating is one that most platforms still haven’t resolved. Users trust an app with personal information because they believe the app will protect it. Platforms accept that trust as a condition of their relationship with users while simultaneously treating that same information as a monetizable asset. Those two things are in direct conflict, and the programmatic advertising ecosystem was built on the assumption that the conflict would never have to be openly acknowledged.
What the industry kept talking about instead
In the years since Scruff’s announcement, the advertising industry has had no shortage of conversations about data privacy. GDPR reshaped how European companies handle user data. The California Consumer Privacy Act introduced similar protections at the state level in the U.S. Apple’s App Tracking Transparency framework forced a reckoning with mobile attribution. The deprecation of third-party cookies triggered years of hand-wringing about the future of targeting.
Most of those conversations centered on what advertisers would lose, and how the industry could adapt its measurement and targeting capabilities to a more privacy-constrained environment. They were, in large part, conversations about preserving the machine in a modified form.
What received far less attention was the question Scruff had already answered for itself: whether the machine should be preserved at all for certain kinds of platforms and certain kinds of users. The industry’s consent frameworks addressed legal compliance. They addressed disclosure. They largely did not address whether consent, in the context of a marginalized community navigating real-world safety risks, was a sufficient ethical standard on its own.
The gap between legal and ethical has a way of staying invisible until something goes wrong. Grindr’s HIV data exposure went wrong visibly. But the quieter, ongoing exposure of location data for LGBTQ users in regions where being outed carries consequences has never generated the same headlines, because it tends to unfold without a single traceable incident.
What protection actually looks like
Trust is structural. If the architecture of your platform treats user data as inventory, no privacy policy changes that equation.
Scruff’s move to direct advertising wasn’t just a revenue strategy. It was a structural decision about what kind of platform the company wanted to be. By working only with advertisers who had a direct relationship with the Scruff team, including gay-owned businesses, LGBTQ advocacy organizations, health nonprofits, and relevant lifestyle brands, the company closed the data leakage loop at the source. There were no intermediaries to share with, because there were no intermediaries.
That model carries trade-offs. It requires building and maintaining a sales operation. It limits scale and targeting sophistication. It means saying no to revenue that a competitor might accept. Those are real costs. But they’re costs that Scruff chose to bear transparently, rather than passing a different kind of cost on to its users.
The lesson that keeps not being learned
The broader ad tech industry has spent the better part of a decade retrofitting privacy controls onto a system that was architected around maximum data extraction. Consent banners and opt-out mechanisms sit on top of infrastructure that was never designed with user protection as a foundational value. The result is a system that is technically compliant and functionally exploitative, depending on how closely you look.
What Scruff demonstrated is that the alternative requires making a different kind of decision upstream, before the revenue model is set, before the third-party integrations are baked in, before the business case has been built around data as a byproduct. Regulators are pushing in this direction, and so is the general direction of platform accountability. But regulation follows behavior; it rarely leads it.
The companies that will navigate the next phase of digital advertising with their user relationships intact are likely those that have already asked the harder question: not “how do we comply with privacy requirements?” but “what does it actually mean to protect the people who trust us with their data?” Scruff asked that question in 2018. Most of the industry still hasn’t answered it.
