Four LinkedIn users have filed a lawsuit accusing the business-oriented social network of accessing their email accounts without permission, harvesting the addresses of their contacts and spamming those people with repeated invitations to join the service.
In their most explosive claim, the plaintiffs say that LinkedIn is “breaking into” external email accounts, like Gmail or Yahoo Mail, by pretending to be the account owner, although the legal complaint offers no details about that assertion. Larry Russ, a lawyer for the plaintiffs, declined to comment beyond the suit.
The lawsuit, which is seeking damages on behalf of all LinkedIn users, revives a long-standing issue about the service: Does LinkedIn adequately inform its users about how it uses sensitive information, including email addresses of everyone they know, and get their consent to do so?
As the lawsuit puts it: “As a part of its effort to acquire new users, Linkedln sends multiple e-mails endorsing its products, services and brand to potential new users. In an effort to optimize the efficiency of this marketing strategy, Linkedln sends these ‘endorsement e-mails’ to the list of e-mail addresses obtained without its existing users’ express consent and, to further enhance the effectiveness of this particular marketing campaign, these endorsement e-mails contain the name and likeness of those existing users from whom Linkedln surreptitiously obtained the list of email addresses.”
LinkedIn has always maintained that it gets full consent of its users before reaching out to any of their contacts. And the company reiterated that position in a statement in response to the lawsuit, which was filed in federal court in San Jose, Calif., on Tuesday by the Los Angeles law firm Russ August & Kabat.
“LinkedIn is committed to putting our members first, which includes being transparent about how we protect and utilize our members’ data,” the company said. “We believe that the legal claims in this lawsuit are without merit, and we intend to fight it vigorously.”
Regardless of the claims in the lawsuit, there is no doubt that LinkedIn makes it awfully easy for you to send an invitation to connect to everyone you have ever emailed and much harder to revoke that permission.
When you sign up for the service, or want to add contacts, LinkedIn prompts you to import the email addresses of potential contacts from your email accounts, like Gmail, Yahoo Mail or Microsoft Outlook. The lawsuit says LinkedIn does this without seeking the email passwords, suggesting that LinkedIn is hacking into accounts. Under LinkedIn’s normal procedures, it asks users for permission to access each account, though email passwords may not be required if a user is logged into the email account.
Once those addresses are imported, LinkedIn asks you for permission to contact them on your behalf.
And here we get to the crux of why LinkedIn might be viewed as spamming: By default, LinkedIn wants to invite every one of those people to connect with you on the service.
Instead of asking you to opt in by checking off which specific contacts you want to invite, LinkedIn requires you to opt out by unchecking the “select all” button. If you are not careful, hundreds of invitations can go out – no second thoughts or cooling-off period provided.
In fact, once the authorization is given, LinkedIn will email your contacts several times asking them to join the service or connect to you. (You can withdraw an unaccepted invitation once it is sent, but it is a tedious process.)
Moreover, even if you don’t invite some or all of those imported names to connect with you, LinkedIn saves the information for various purposes, including prompting you later to add the people as connections.
LinkedIn had 238 million users worldwide at the end of June, up 37 per cent from the second quarter of 2012. It relies heavily on user referrals for that sizzling growth, which has also sent its stock price into the stratosphere.
Such growth by referral is common to social networks, games and mobile applications, though sometimes they cross the line into what many of their users would consider spamming. For example, the Path social network got into trouble for such mass mailing this year, prompting Facebook to restrict it from accessing its users’ accounts.
The lawsuit, and numerous complaints on LinkedIn’s own message boards, suggest that the company is treading dangerously. As one user quoted in the lawsuit put it in a post on LinkedIn:
“Accessing my contacts so that I can see who I’d like to connect with is one thing. Spamming my entire contact database of everyone I’ve ever emailed is definitely black hat tactics at growing users. This included people I know, don’t know, email addresses from people off Craigslist, even mailing lists received an ‘invite to connect’ from me today. I did not click on ‘invite all.’ In fact, I clicked on ‘skip this step.’ Very disappointing.”
The legal process will sort out whether LinkedIn is getting adequate consent from its users. But legalities aside, if many users believe the company is abusing sensitive personal information like email contacts, it risks tarnishing its brand and business.
LinkedIn’s mission includes establishing itself as the premier site for making and maintaining business connections, and trust is the foundation of many lucrative services it wants to offer, from job-hunting help to industry news.
source : Times of India