Ashley Madison's Privacy Pivot: A Blueprint for Regulatory Readiness?

Ashley Madison has rolled out Discreet View Mode, a feature that blurs members' photos and profile details by default until users explicitly choose to reveal themselves to specific contacts. The feature, announced this month, represents the most visible evidence yet that the platform's catastrophic 2015 data breach—which exposed 37 million members—continues to drive product development nearly a decade later. The distinction matters in an industry where privacy is increasingly treated as a revenue stream rather than a fundamental right.

Whilst mainstream platforms like Tinder and Bumble (BMBL) have added privacy features over the past few years, they typically gate them behind premium tiers. Ashley Madison, which operates in the structurally more sensitive affairs and open relationship category, has made Discreet View Mode available to all members regardless of payment status. According to the company, the feature aims to address the reality that many of its users face material consequences—relationship dissolution, professional reputations, custody battles—if their presence on the platform becomes known.

Create a free account

Unlock unlimited access and get the weekly briefing delivered to your inbox.

Competitive positioning through defensive architecture

Ruby Corp's positioning makes explicit what other dating operators have been slower to acknowledge: that for certain categories of users, privacy failures carry asymmetric risk. The company's chief product officer stated in the announcement that the feature 'redefines what privacy means in the digital dating space', though the reality is more prosaic. Discreet View Mode functions as a default-blur system, similar to LinkedIn's private mode or Feeld's incognito browsing, but applied universally rather than selectively.

What distinguishes Ashley Madison's approach is the economic model. Match Group (MTCH) platforms monetise privacy extensively—Tinder charges £3.99/month for the ability to control who sees your profile, whilst Hinge's £29.99/month tier includes incognito mode. Bumble's premium offerings include controls over profile visibility and the ability to unmatch without leaving a trace. These are presented as conveniences rather than necessities.

Ruby Corp appears to be making the opposite calculation: that for its addressable market, free baseline privacy reduces friction to joining and increases long-term retention. Members who feel exposed are members who churn or never convert from browsing to engagement. The 2015 breach, which saw the Impact Team hackers specifically target Ashley Madison for its perceived immorality, demonstrated that the platform's users faced coordinated targeting in ways that Tinder or Hinge members do not.

Regulatory anticipation or sector-wide shift?

The timing suggests Ruby Corp may be reading regulatory signals that other operators are still evaluating. The EU's Digital Services Act (DSA), fully enforceable since February 2024, imposes heightened transparency and risk mitigation requirements on platforms. Whilst the DSA's immediate compliance burden falls on designated very large online platforms—a category that includes none of the major dating operators by user count—national regulators have signalled interest in how dating platforms handle what GDPR classifies as 'special category data'.

Sexual orientation, relationship status, and the intent to engage in extramarital affairs all fall within categories that trigger heightened data protection obligations under GDPR. The UK's Information Commissioner's Office has previously investigated dating apps for processing special category data without adequate legal basis. Ashley Madison's operational risk profile is materially higher than Bumble's: a breach or regulatory action isn't just embarrassing, it's potentially ruinous for the specific population the platform serves.

Where Tinder can treat profile visibility as a premium upsell, Ashley Madison must treat it as table stakes.

Ruby Corp disclosed in previous statements that it invested heavily in security infrastructure post-2015, including internal penetration testing, third-party audits, and a bug bounty programme. Discreet View Mode extends that defensive posture into the product layer. Where Tinder can treat profile visibility as a premium upsell, Ashley Madison must treat it as table stakes.

The contrast with mainstream competitors is instructive. Bumble reported 3.4 million paying users in Q3 2024, with average revenue per paying user of $29.48—a figure driven partly by premium privacy and safety features. Match Group does not break out privacy-specific monetisation, but its Tinder à la Carte model explicitly prices individual features like profile controls. For platforms where the use case doesn't carry inherent social risk, this approach works. For Ruby Corp, it likely doesn't.

What this signals for the sector

Ruby Corp's decision to lead with privacy-by-default suggests a broader reckoning may be coming for how dating platforms architect user control. The industry has spent the past five years battling trust and safety crises—romance scams, catfishing, harassment, image-based abuse. Privacy has received less attention, treated largely as an individual user responsibility rather than a structural platform obligation.

That framing is starting to age poorly. As dating app usage becomes near-universal among singles in developed markets—Pew Research found 53% of US adults under 30 have used dating apps—the statistical likelihood of sensitive disclosures increases. Members in non-monogamous relationships, those exploring LGBTQ+ identities, or users in conservative communities all face disclosure risks that standard privacy models don't adequately address.

Whether this becomes a competitive vector for mainstream platforms depends on whether users demand it and whether regulators require it. Ashley Madison's advantage is involuntary: it had no choice but to rebuild trust from rubble. Operators without that forcing function may wait until the market—or Brussels—makes the decision for them.