LinkedIn Illegally Sold Your Professional Data, Lawsuit Claims

Impact

The news: How much should you trust LinkedIn?

According to a new lawsuit, not very much. Valleywag reports via the Recorder that LinkedIn is being sued in California for alleged violations of consumer protection laws by giving protected data on work history to potential employers. This would violate the privacy of its users and potentially exposing them to harm. The plaintiffs allege that LinkedIn's "search for references" function, which allows users to find possible references for job applicants without the applicants' knowledge or consent, created an illegal marketplace of potentially inaccurate work histories in violation of the Fair Credit Reporting Act.

Why this is important: Basically, the idea is that LinkedIn data-mined profiles to find links to other users and then sold off that information to anyone willing to pay. In doing so, LinkedIn allowed recruiters and managers to find previous bosses and coworkers who users didn't want them to contact.

The plaintiffs say that the service gave anyone willing to pay the ability to "anonymously dig into the employment history of any LinkedIn member and make hiring and firing decisions based upon the information they gather, without the knowledge of the member and without safeguards in place as to the accuracy of the information that the potential employer has obtained."

Imagine that you left a previous job on good terms with other employees, but left behind a boss or coworker who hated you for any number of reasons. LinkedIn's "search for references" feature could result in that person being able to anonymously badmouth you, resulting in difficulties finding future work or even losing your current position.

This isn't just theoretical. Courthouse News reports that four plaintiffs in the suit all claim this is exactly what happened to them, and LinkedIn illegally profited from it.

It isn't the first time, either: LinkedIn has come under fire for alleged violations of its users' privacy before. In June, a federal court ordered a lawsuit over the company's email practices to proceed. In that case, users alleged that LinkedIn illegally accessed their email accounts, stole their contacts and then proceeded to spam them with sign-up offers. In 2014, the company settled another lawsuit after losing 6.5 million hashed passwords and agreed to implement the standard security procedures used by most of the rest of the industry.

Basically, just because LinkedIn doesn't have access to the kind of compromising personal stuff (like drunk selfies) you might see on Facebook or Instagram doesn't mean its data poses no risk to you. And with close to 100% of employers using it, job-seekers find themselves in the uncomfortable position of trading their work histories to a potentially untrustworthy third party or missing out on a lot of opportunities. That's bad.