The Right Match

Next Article

and

Jared Sine expertly steers Match’s matchless legal department through shifting data privacy regulations

By Hana Yoo and Robert Henry

Jared Sine Chief Legal Officer and Secretary Match Group

New Regulations Can Catch

unprepared companies off guard, putting them in a precarious position. On the other hand, wise anticipation of developing laws can help secure a company’s future. Fortunately, the latter situation is where Match Group, an international dating services provider with a portfolio of brands—including Tinder, Match.com, Hinge, OkCupid, and others—under its umbrella finds itself. With Jared Sine, Match’s chief legal officer and secretary, at the helm, the legal department is ideally positioned to handle ever-changing legal directives.

The General Data Protection Regulation (GDPR) went into effect in the European Union in May 2018. This regulation dictated that companies require the consent of users for data processing, the anonymization of data to protect privacy, data breach notifications, and the safe handling of data transferred across borders.

GDPR sent ripples across the world in terms of data management regulations, including in the United States, where many states are looking to develop their own individual mandates. This is creating a complicated mess of contradictory rules, which spells disaster for companies that are reliant on data but are ill-equipped to handle the increasing regulations. The California Consumer Privacy Act (CCPA), for example, provides similar—but not identical—consumer protections regulations to GDPR. Many other states have looked at the precedents set by CCPA and have begun developing similar acts in their own states.

The legal complexity is amplified for companies like Match, which operates globally and bases its business on the collection of personal data. Both GDPR and CCPA create liability for such platforms. “GDPR creates a whole new regulatory regime and framework for businesses like ours to deal with,” Sine says. “What data we collect, how we collect it, who we collect it from, what consents we get when we are collecting it, what rights we have relative to the data, what rights other users have relative to their data.”

Therefore, Sine has gone far beyond what is legally required to develop strict data processes and policies for Match. “We don’t want an EU user to be treated differently than a US user. We are going to give those rights to everybody.” This allows Match and its affiliated services to offer consumers the same great experience regardless of the regulations in their country.

These modifications represent an ongoing process, as the duty of a platform to its users and the public is becoming more regulated by the government. Many shields protecting platforms are being removed, and liability is increasing, which has been a major problem for companies that hadn’t put much thought into their data collection and management systems. Many were forced to shut down their websites to EU users, with notices indicating their failure to comply with GDPR, or were hit with large fines. But Match and its affiliates had implemented a privacy program that met GDPR’s guidelines by the time the regulation went into effect.

There is also legislation coming down the pipeline that punishes platforms for illegal content that users post onto it, but because of the measures that Sine and the company have been proactively pursuing for the purpose of improved user experience, they expect to be unaffected when the legislation passes.