Two class action lawsuits have been filed against LinkedIn in the U.S. District Court for the Northern District of California, accusing the company of scanning users' browsers to check for installed extensions.
Two class action lawsuits have been filed against LinkedIn in the U.S. District Court for the Northern District of California, accusing the company of scanning users' browsers to check for installed extensions.
The lawsuit is based on a report published by the Fairlinked association, a German group that protects the rights of commercial LinkedIn users, Cybernews reports .
A few days ago, the organization alleged that LinkedIn illegally scans users' browsers to see what extensions they have running. It claims that these scans can identify thousands of extensions, including tools that compete with LinkedIn's own services.
“Every time you visit linkedin.com, a JavaScript-based program embedded in the page scans your browser for installed Chrome extensions. The program runs silently, without any indicators visible to the user. It does not ask for consent. It does not disclose what it is doing. It simply transmits the results to LinkedIn’s servers,” the Fairlinked association wrote in its report.
The rights group described LinkedIn's actions as "one of the biggest scandals in digital history involving corporate espionage and data leakage."
According to experts, this information could reveal sensitive personal data or corporate secrets, especially when it is linked to users' LinkedIn profiles.
LinkedIn, owned by Microsoft, admits that it scans users' browsers for extensions, but says it does so to identify those who violate the platform's rules.
“The claims made on the website in question are completely false. The person behind them has had their account suspended for scraping (automated data collection) and other violations of LinkedIn’s Terms of Service,” a company spokesperson said in a post on Hacker News.
J.R. Howell, the Santa Monica attorney who filed the lawsuit, told Ars Technica that "a reasonable user does not consent to mass browser surveillance and data exploitation by third parties through vague references to security, cookies, add-ons, or abuse prevention."
Furthermore, he argues that the crux of the case focuses specifically on allegations of lack of user consent.
“The real question is not whether LinkedIn claims to have addressed Terms of Service violations. The question is whether users were actually informed — in a clear and meaningful way — that LinkedIn would covertly probe their browsers for installed extensions, extract data associated with the active session, and provide that data to undisclosed third parties whose use of that information may extend far beyond a one-time compliance check.”
