Dating Industry Insights
    Trending
    Dating Platforms' Duty of Care: Legal Obligation or Ethical Aspiration?
    Regulation Safety

    Dating Platforms' Duty of Care: Legal Obligation or Ethical Aspiration?

    Research Report

    This report examines the evolving legal and ethical framework establishing duty of care obligations for dating platforms, analysing how statutory requirements under the Online Safety Act and Digital Services Act combine with common law principles to create enforceable responsibilities for user safety. It explores the scope of these duties across physical, financial, psychological, and data safety domains, and provides a practical framework for risk assessment and compliance that balances legal obligation with commercial opportunity.

    • Non-compliance with the UK Online Safety Act can result in fines of up to 10% of global annual revenue or £18 million, whichever is greater
    • EU Digital Services Act violations can result in fines of up to 6% of global annual turnover
    • The FTC reported $1.16 billion in romance scam losses in the first nine months of 2025
    • Safety concerns rank among the top reasons users leave dating platforms, particularly women
    • Photo verification evolved from best-in-class in 2022 to baseline standard by 2026
    Person reviewing legal documents on dating platform safety compliance
    Person reviewing legal documents on dating platform safety compliance

    The DII Take

    The duty of care question is the most consequential legal and ethical issue facing the dating industry because it determines the extent to which platforms are responsible for what happens to their users. The traditional platform defence, that they merely provide a venue for user interaction and bear no responsibility for the interactions themselves, is being eroded by legislation, case law, and public expectation. The emerging standard is that platforms owe a duty to take reasonable steps to prevent foreseeable harm, including romance fraud, harassment, sexual violence, and psychological damage from platform design choices. Platforms that accept this duty and build their products accordingly will be better positioned legally, commercially, and reputationally than those that resist it.

    The duty of care for dating platforms draws on three distinct legal sources. Statutory duty under the Online Safety Act imposes specific obligations on platforms to assess and mitigate risks of illegal content and activity, protect children from harmful content, and implement systems for user reporting and content moderation. These statutory duties create enforceable obligations whose breach can result in fines of up to 10% of global annual revenue or £18 million, whichever is greater.

    The EU Digital Services Act imposes parallel duties including risk assessment, mitigation measures, transparency reporting, and complaint handling. Non-compliance can result in fines of up to 6% of global annual turnover. Common law duty of care, developed through case law, establishes that a party who creates or controls a situation that poses foreseeable risk of harm to others has a duty to take reasonable steps to prevent that harm. Courts in several jurisdictions are considering whether this principle applies to dating platforms whose products facilitate meetings between strangers.

    The Scope of Duty

    The duty of care for dating platforms potentially encompasses several categories of harm. Physical safety obligations mean platforms that facilitate meetings between strangers owe a duty to take reasonable steps to reduce the risk of physical harm, including sexual violence, domestic abuse, and fatal violence. This duty may include identity verification, safety features such as location sharing and emergency contacts, and screening measures including background checks where legally permissible.

    Financial safety duties require platforms to protect users from romance fraud through detection systems, user education, and reporting mechanisms. The FTC's $1.16 billion in reported romance scam losses in the first nine months of 2025 demonstrates the scale of financial harm that inadequate fraud prevention allows. Psychological safety obligations require platforms to design products that do not cause foreseeable psychological harm through addictive design, harassment facilitation, or exploitation of user vulnerability. This duty is the most expansive and least defined, but the growing body of research on dating app impacts on mental health strengthens the evidentiary basis for psychological duty of care claims.

    Data safety responsibilities require platforms to protect the sensitive personal data they collect, including relationship status, sexual orientation, health information, and intimate communications. Data breaches affecting dating platforms create uniquely severe harm because of the intimate nature of the information compromised.

    Digital security concept representing data protection for dating platforms
    Digital security concept representing data protection for dating platforms

    The Reasonable Steps Standard

    The legal standard for duty of care is not perfection but reasonableness: platforms must take steps that a reasonable operator would take to prevent foreseeable harm. What constitutes reasonable steps evolves with technology and industry practice. A platform that did not offer photo verification in 2020 was operating within industry norms. A platform that does not offer it in 2026 is below the standard that regulators and courts increasingly expect.

    The traditional platform defence, that they merely provide a venue for user interaction and bear no responsibility for the interactions themselves, is being eroded by legislation, case law, and public expectation.

    Industry benchmarking defines the evolving reasonableness standard. When major platforms implement specific safety features such as age verification, photo verification, content moderation, and fraud detection, those features become the benchmark against which other platforms are measured. A small platform that cannot afford the safety infrastructure that Match Group deploys may still be required to implement proportionate measures appropriate to its scale.

    This analysis draws on the UK Online Safety Act 2023, EU Digital Services Act, common law duty of care principles, and DII's assessment of the evolving legal framework for dating platform liability. Legal analysis is provided for informational purposes and does not constitute legal advice. Platform operators should seek jurisdiction-specific legal counsel for compliance guidance.

    The Practical Application

    The duty of care framework has several practical applications for dating platform design and operation. Safety-by-design requires that duty of care considerations influence product decisions from the outset rather than being addressed after harm has occurred. A platform designed with safety as a core principle makes different product choices from one that treats safety as an afterthought: shorter time windows between match and meeting (reducing the relationship-building phase that romance scammers exploit), mandatory verification before messaging, in-app safety resources accessible during conversations, and design choices that discourage harmful behaviour rather than merely responding to reports of it.

    Risk assessment obligation under the OSA requires platforms to formally assess the risks their services create and implement proportionate mitigation measures. This assessment must be documented, regularly updated, and available for regulatory review. For dating platforms, the risk assessment should cover physical safety (risk of violence at in-person meetings), financial safety (risk of fraud), psychological safety (risk of harassment, manipulation, and addictive use patterns), and data safety (risk of data breaches exposing intimate information).

    Incident response capability is an implicit component of duty of care. A platform that cannot respond effectively to safety incidents, whether reporting of assault, detection of fraud operations, or discovery of underage users, fails to meet its duty regardless of its preventive measures. Incident response plans should cover reporting mechanisms, investigation procedures, law enforcement cooperation, victim support, and post-incident review.

    The Evolving Standard

    The duty of care standard for dating platforms is not static. It evolves with technology, industry practice, and regulatory expectations. As technology improves, what constitutes reasonable steps expands. Photo verification that was considered best-in-class in 2022 is now considered baseline. AI-powered fraud detection that was optional in 2024 is becoming expected in 2026. Platforms must continuously invest in safety technology to maintain compliance with an evolving standard.

    Industry practice sets the benchmark. When Match Group implements a safety feature across its portfolio, that feature becomes the industry standard against which smaller platforms are measured. Platforms that fall significantly below the safety standards of market leaders face both regulatory and competitive exposure. Regulatory guidance provides specific direction as Ofcom, the European Commission, and other bodies publish codes of practice, enforcement decisions, and policy statements that define expectations for platform safety. Platforms should monitor regulatory guidance and treat it as a minimum standard rather than a ceiling.

    The Commercial Case for Duty of Care

    Beyond legal obligation, duty of care investment generates commercial returns that justify the cost. Trust-driven retention means that users who feel safe on a platform stay longer. Research consistently shows that safety concerns are among the top reasons users leave dating platforms, particularly women. Investment in safety directly reduces churn. Premium positioning is enabled by visible safety investment. Platforms that can demonstrate superior safety credentials, through verification badges, published safety data, and regulatory compliance, can justify premium pricing.

    Investment in safety directly reduces churn, enables premium positioning, protects brand value, and generates regulatory goodwill—making the commercial case for duty of care as compelling as the ethical case.

    Brand protection from safety incidents that generate negative media coverage is invaluable. A single publicised case of sexual assault facilitated through a dating platform can cost millions in brand damage. The cost of preventing such incidents through safety investment is far less than the cost of responding to them. Regulatory goodwill from proactive safety investment reduces the likelihood of enforcement action and positions the platform favourably in regulatory consultations. Regulators distinguish between platforms that invest genuinely in safety and those that do the minimum required.

    The International Dimension

    The duty of care principle is expressed differently across jurisdictions. The UK codifies it through the OSA. The EU approaches it through the DSA's risk assessment obligations. The U.S. is moving toward specific platform safety obligations through proposed legislation. Australia addresses it through the eSafety Commissioner's safety-by-design framework. For international operators, the practical implication is building a safety standard that meets the most demanding jurisdiction's requirements, creating a global baseline that provides regulatory compliance everywhere.

    Risk assessment framework documentation for platform safety
    Risk assessment framework documentation for platform safety

    The Practical Risk Assessment Framework

    The duty of care obligation requires dating platforms to conduct formal risk assessments that identify, evaluate, and mitigate the risks their services create. Physical safety risks include the risk of sexual violence, physical assault, stalking, and kidnapping arising from in-person meetings facilitated through the platform. The risk assessment should identify the specific features and user journeys that create physical safety exposure (matching with strangers, sharing location, arranging meetings) and evaluate the mitigation measures in place (verification, safety features, user education).

    Financial safety risks include the risk of romance fraud, financial exploitation, and identity theft. The assessment should quantify the fraud incidence on the platform, evaluate the effectiveness of detection and prevention measures, and identify gaps in the fraud prevention framework. Psychological safety risks include the risk of harassment, emotional manipulation, addiction-pattern usage, and the mental health impacts documented in DII's consumer insights analysis. The assessment should evaluate how platform design choices such as gamification mechanics, notification strategies, and matching algorithms affect user psychological wellbeing.

    Data safety risks include the risk of data breaches, unauthorised data access, and data misuse. The assessment should evaluate the security of user data throughout its lifecycle, including collection, processing, storage, transfer, and deletion. For each risk category, the assessment should identify the likelihood and severity of potential harm, evaluate the adequacy of existing mitigation measures, identify gaps requiring additional investment, and document the assessment process for regulatory review.

    The Emerging Case Law

    Court decisions in several jurisdictions are beginning to define the legal contours of dating platform duty of care. In the UK, while no landmark case has established dating platform duty of care through the courts, the Online Safety Act's statutory duties create enforceable obligations that effectively codify the duty. Platforms that comply with OSA requirements satisfy the statutory component of their duty; whether common law duty of care extends further remains to be tested.

    In the US, several lawsuits against dating platforms (including a case against Grindr alleging failure to protect users from predators) have tested Section 230 immunity against duty of care claims. While courts have generally upheld Section 230 protection, the legal landscape is shifting as legislatures consider narrowing the immunity and as courts distinguish between platform editorial decisions and platform safety obligations. In Australia, the eSafety Commissioner's safety-by-design framework creates a duty-of-care-adjacent obligation that platforms operating in Australia must address.

    The Insurance Intersection

    The duty of care standard directly affects dating platforms' insurance coverage and premiums. Insurers assess whether platforms have taken reasonable steps to prevent foreseeable harm when evaluating claims. A platform that can demonstrate a comprehensive duty of care framework, including risk assessments, mitigation measures, incident response procedures, and safety investments, is better positioned to defend against claims and to maintain favourable insurance terms.

    Conversely, a platform that has not invested in safety measures that industry practice considers reasonable may face denial of coverage or significantly higher premiums. The insurance market is beginning to require specific safety measures as conditions of coverage, creating financial incentives for duty of care compliance independent of regulatory enforcement.

    The Proportionality Principle

    The duty of care standard applies proportionality: the measures required of a platform should be proportionate to the risk of harm and the platform's capability to address it. Proportionality means that a small dating platform with 50,000 users is not expected to invest the same absolute amount in safety as Match Group, but it is expected to invest proportionately and to implement reasonable measures appropriate to its scale. Basic content moderation, user reporting, age verification, and fraud detection are reasonable for any platform; dedicated AI moderation teams, real-time deepfake detection, and international law enforcement cooperation may be proportionate only for larger platforms.

    The proportionality assessment should consider the nature and severity of the risks (physical safety risks warrant more investment than minor content quality issues), the number of users affected (larger platforms face higher aggregate risk), the feasibility and cost of mitigation measures (measures should be technically and financially feasible), and the platform's existing safety measures (additional measures should address gaps rather than duplicate existing protections).

    The Stakeholder Expectations

    The duty of care standard is shaped not only by legislation and case law but by the expectations of multiple stakeholders. User expectations have risen significantly since the early days of dating apps, when safety concerns were accepted as inherent to the platform experience. Today's users, particularly Gen Z and female users, expect verification, active moderation, responsive reporting, and visible safety investment as baseline features. Platforms that fall below these expectations face user attrition regardless of regulatory compliance.

    Today's users, particularly Gen Z and female users, expect verification, active moderation, responsive reporting, and visible safety investment as baseline features—not optional enhancements.

    Regulatory expectations are codified in the OSA and DSA but will continue to evolve as regulators gain experience with platform safety enforcement. The standards that Ofcom considers adequate in 2025 will likely be insufficient in 2028 as enforcement experience reveals gaps and as technology creates new capabilities and new threats. Public expectations, shaped by media coverage of dating platform safety incidents, create reputational pressure that operates independently of legal obligation. A platform that is legally compliant but publicly perceived as unsafe may face commercial consequences that regulatory compliance alone cannot prevent.

    Investor expectations increasingly include safety and compliance as due diligence criteria. Investors evaluating dating platforms assess regulatory risk, compliance infrastructure, and safety investment alongside financial metrics. A platform with inadequate safety investment represents a regulatory and reputational risk that informed investors will price into their valuation.

    What This Means

    The duty of care framework represents a fundamental shift from reactive moderation to proactive safety design, requiring platforms to anticipate and prevent harm rather than merely respond to incidents. Platforms that view this obligation as a compliance burden rather than a product opportunity will find themselves at both regulatory and competitive disadvantage. The commercial case for duty of care investment is compelling: trust-driven retention, premium positioning capability, brand protection, and regulatory goodwill all generate returns that justify safety expenditure independent of legal obligation.

    What To Watch

    Monitor Ofcom's enforcement decisions in 2026-2027 as the first OSA penalties establish precedents for what constitutes adequate safety measures and proportionate investment. Watch for emerging case law testing common law duty of care against platforms, particularly in jurisdictions where statutory frameworks have not yet codified the obligation. Track the insurance market's evolving requirements for platform coverage, as insurers increasingly mandate specific safety measures as conditions of policy, creating a market-driven compliance mechanism that operates independently of regulatory enforcement.

    Create a free account

    Unlock unlimited access and get the weekly briefing delivered to your inbox.

    No spam. No password. We'll send a one-time link to confirm your email.