Guardian Flame's Risk Scores: Accountability or Harassment?
- Guardian Flame launched this month in New Zealand with mandatory government ID verification and risk-scoring based on previous dates' feedback
- The app was inspired by the 2018 murder of British backpacker Grace Millane, who was killed by a man she met on Tinder in Auckland
- Users don't swipe on Guardian Flame itself — they continue using existing apps and send matches a link to check their risk score before or after dates
- Major platforms including Match Group and Bumble have consistently avoided building user-to-user review systems due to harassment and bias concerns
Guardian Flame, a New Zealand startup, wants to solve one of online dating's most intractable problems: the fact that your next date could be someone else's nightmare, and you'd never know it. The app launched this month with mandatory government ID verification and a risk-scoring system based on previous dates' feedback — essentially Trustpilot for people you might sleep with. Whether the solution is a crowdsourced reputation system where your ex-dates get to score your risk level is another question entirely.
Founder Andrew Steele told local media the app was inspired by Grace Millane's 2018 murder. Millane, a British backpacker, was killed by a man she met on Tinder in Auckland. Other women had previously reported concerning behaviour from the same person, but that information never reached Millane.
Guardian Flame's pitch is simple: if negative experiences had been visible and portable across matches, she might still be alive. The information asymmetry problem Steele identifies is real and unsolved: every major platform treats user behaviour as siloed data, meaning red flags evaporate between matches.
Create a free account
Unlock unlimited access and get the weekly briefing delivered to your inbox.
This is either the future of dating accountability or a privacy and harassment disaster waiting to happen — possibly both at once.
How the risk scoring actually works
Guardian Flame doesn't function as a standalone dating app. Users continue swiping on Tinder, Bumble, Hinge, or whatever else they're using. Before or after a date, they can send their match a unique link via SMS or messaging app that allows the other person to check whether any previous dates have flagged concerns.
Post-date, users can leave feedback in two directions: highlighting positive behaviour or privately noting red flags. According to the company, this input feeds an algorithm that generates a numerical risk score. Flagged content triggers human review.
The app prohibits direct written comments about other users — no Yelp-style reviews saying 'he got weird about splitting the bill' or 'she wouldn't stop talking about her therapist'. Steele characterised the system to The Post as focused on 'transparency and safety rather than gossip or takedowns', a framing that positions subjective risk assessment as objective data hygiene.
Critically, Guardian Flame mandates government-issued ID verification for every user. One person, one profile. No exceptions. Violating community standards — including what the company calls 'malicious reporting, harassment, or false flags' — can result in suspension or permanent removal.
What the dating giants won't build
Mainstream platforms have consistently resisted user-to-user review systems, and for good reason. Match Group (MTCH), Bumble (BMBL), and other operators offer optional ID or photo verification in some markets, but it's rarely mandatory and almost never tied to reputation scores. The industry's position has been that allowing members to publicly or semi-publicly rate each other creates more problems than it solves: harassment, score manipulation, retaliatory flagging after breakups, and systemic bias against marginalised groups.
That's not theoretical. Every platform that's experimented with user-generated feedback systems — even relatively benign ones like endorsing matches for good conversation — has confronted abuse vectors. Vengeful exes, rejected suitors, and coordinated harassment campaigns are features, not bugs, of any system that lets strangers evaluate you.
Guardian Flame has built something the industry has actively avoided building, and the reason it's been avoided isn't squeamishness — it's that the game theory gets very dark very quickly.
Guardian Flame's response is that it has 'safeguards' against malicious reporting. What those safeguards consist of beyond human review and the ability to dispute flags remains vague. The company hasn't disclosed how many false reports trigger consequences, what standards reviewers apply, or how disputes are adjudicated.
The mandatory ID problem
Requiring government-issued ID for everyone raises separate concerns. Match Group's BacgroundCheck integration and Bumble's optional ID verification have been criticised by LGBTQ+ advocates and privacy groups for excluding vulnerable populations: people without access to ID documents, those in hostile family or state environments, sex workers, and undocumented individuals who use dating apps but can't risk exposing their legal identity.
Guardian Flame's entire model collapses without universal ID verification — you can't have one-person-one-profile accountability if people can create multiple accounts. But that requirement inherently excludes populations already marginalised in dating. The app is effectively saying that certain people don't get to participate in its safety layer because verifying their identity would put them at risk elsewhere.
Data security is the other landmine. Guardian Flame is a small, venture-stage New Zealand startup holding government ID documents for every user. It's precisely the kind of target that appeals to attackers looking for high-value identity data. The company hasn't disclosed its security infrastructure, third-party audits, or breach response protocols.
Who this really serves
The uncomfortable truth is that Guardian Flame's model works best for people who already hold power in dating markets: those with access to ID, social capital to dispute unfair flags, and the demographic privilege to avoid systemic bias in subjective risk assessments. A white professional disputing a flag has different odds than a minority user doing the same.
Steele's motivation — preventing another Grace Millane case — is genuinely compelling. The structural problem he's identified is real. Every dating executive knows that dangerous users move between platforms after being banned, and that information about risky behaviour doesn't follow them. Match Group has known since 2016 about abusive users on its platforms, yet information about dangerous behaviour remains siloed within individual apps.
Solving that would be a material safety improvement. Whether the solution is user-generated risk scores is a different matter. Platforms have avoided this model not because they love dangerous users, but because they've concluded that the harassment and discrimination risks outweigh the safety gains.
Guardian Flame is betting the opposite. The New Zealand market will provide the first controlled test of which calculation is correct — and whether the safeguards are robust enough to prevent the system from becoming exactly what every other operator feared it would become.
- Guardian Flame's success depends on whether its safeguards against malicious reporting and retaliatory flagging prove robust enough to prevent the harassment scenarios that caused established platforms to reject user review systems
- The mandatory ID requirement creates a fundamental tension: universal verification enables accountability but systematically excludes vulnerable populations who cannot safely provide government documentation
- Watch whether other markets adopt similar models if New Zealand's experiment succeeds, and whether data breaches or discrimination lawsuits emerge as the system scales
Comments
Join the discussion
Industry professionals share insights, challenge assumptions, and connect with peers. Sign in to add your voice.
Your comment is reviewed before publishing. No spam, no self-promotion.
