Stranger danger? LinkedIn denies 'hack and spam' attacks on members in marketing tussle

US lawsuit claims professionals' social network harvested email addresses without consent

The mystery of invitations to network from LinkedIn contacts you never knew you had may have been solved. The social network for professionals is facing a class-action lawsuit over allegations that the firm "hacks" into the email address books of its members and then sends out spam marketing emails.

LinkedIn, which claims more than 225 million users who access the service to share career updates, rejects the claims, made in a law suit filed in California on behalf of four US-based users, who are seeking unspecified damages from the company for running a "hack-and-spam" operation.

The suit claims that LinkedIn "hacks" into users' email accounts before harvesting email addresses and sending spam to their contacts, endorsing its products and services, without obtaining users' consent or requesting a password.

The plaintiffs allege that the emails, designed to persuade recipients to sign up to LinkedIn, contain the Linkedln member's name and likeness so it appears as if the member is endorsing the social network.

The lawsuit alleges that users' details were obtained "surreptitiously" and seeks redress for violation of federal wiretap law as well as California privacy laws.

A LinkedIn user, Deborah Lagutaris, told Bloomberg that more than 3,000 people on her contact list received invitations from LinkedIn in her user name.

When she questioned LinkedIn, she said that the company replied, "Oh, you can remove all those invitations from your account manually. We don't know what happened.'" Later, Lagutaris had to add a disclaimer to her page stating that she had not been sending out these spam mails.

LinkedIn asks for permission to "grow" each user's network. The overall rate of membership growth is slowing and the business needs to sell new products to maintain its expansion. But the widespread use of email invitations goes too far, the plaintiffs said.

The complainants have asked the company to pay them the money that it earned by using their LinkedIn accounts.

LinkedIn users can invite anyone to become a connection. But if the invitee replies "I don't know" or "Spam", this is recorded against the inviter, whose account may ultimately be restricted or closed.

LinkedIn is contesting the lawsuit, which it argues is "without merit". The California based company said it takes personal security seriously and never sends out information on a user's behalf unless given permission.

Blake Lawit, LinkedIn's head of litigation, wrote in a blog that members "choose to upload their email address books to LinkedIn".

"Claims that we 'hack' or 'break into' members' accounts are false," Lawit wrote. "We never deceive you by 'pretending to be you' in order to access your email account.

"We never send messages or invitations to join LinkedIn on your behalf to anyone unless you have given us permission to do so," he adds.

LinkedIn gives users the "choice to share your email contacts, so you can connect on LinkedIn with other professionals that you know and trust."

The company said boasted a commitment to being "transparent about how we protect and utilise our members' data."

Last year LinkedIn users complained that they were being bombarded by spam emails after the social network was hacked and hashed passwords of users dumped online.

Launched in 2003, LinkedIn is valued at about $20 billion, making it one of the biggest US technology companies. Analysts on average expect revenue of $1.5 billion in 2013.

But the number of new members added each year is slowing. Membership increased 36 per cent in the first quarter of 2013 from a year earlier, down from 39 per cent and 43 per cent in the previous two quarters.

Comments