LinkedIn, the site for self-promoting job seekers, has attracted legal scrutiny by changing its privacy settings by stealth and then making use of users' data in its advertising.
European law requires businesses to extract explicit consent from users in order to make use of their data in advertising and marketing campaigns, but LinkedIn as added an 'on-by-default' function that, according to insecurity outfit Sophos: 'mines usage habits to determine what products and services users are interested in, and uses actual names and photos of users in advertising on the site'.
"LinkedIn may sometimes pair an advertiser's message with social content from LinkedIn's network in order to make the ad more relevant. When LinkedIn members recommend people and services, follow companies, or take other actions, their name/photo may show up in related ads shown to you. Conversely, when you take these actions on LinkedIn, your name/photo may show up in related ads shown to LinkedIn members."
LinkedIn told Dutch site WebWereld that it posted notifications of the change on its blog as well as running an ad. Who really wants to read the firm's blog to find out what its up to with one's data. We didn't even know it had a blog. Sheesh! WebWereld consulted a bunch of legal boffins who were all pretty convinced the site had acted outside both Dutch and European law.
"We're used to this from Facebook, and it's disappointing to see LinkedIn follow in their footsteps," said Graham Cluley, senior technology consultant and rent-a-quote at Sophos.
"This feature certainly wasn't available when many of LinkedIn's users first signed up for the service, and as the majority of people don't tend to check privacy settings after they've set up an account, many people won't even be aware that their image and name could be used in this fashion."
We've asked LinkedIn to explain itself and will let you know if it succeeds in doing so.