Received any funny emails from LinkedIn lately? If so, you might be kicking yourself that you didn't think to take it to the courts.
According to a complaint filed in San Jose district court earlier this week, a few LinkedIn members are suing the company, accusing it of "breaking into its users' third party email accounts, downloading email addresses that appear in the account, and then sending out multiple reminder emails ostensibly on behalf of the user advertising LinkedIn to non-members."
The LinkedIn customers in the complaint alleged that the company requires users to provide an email address when signing up for the service — a fairly innocent request, and one that's common to just about every web service on the planet right now. However, they also say that LinkedIn then takes this information and uses it to "hack into the user's external email account and extract email addresses."
The plaintiffs didn't indicate exactly how the alleged hack works, aside from suggesting that LinkedIn waits for a user to leave his or her email account "open" before it allegedly spoofs a user's login credentials and downloads his or her entire contact lists. In other words, it's likely that users somehow grant LinkedIn this permission to access their accounts, and the company allegedly takes the ball and runs.
"LinkedIn is able to download these addresses without requesting the password for the external email accounts or obtaining users' consent," reads the complaint.
Once that happens, alleges the plaintiffs, LinkedIn spams one's friends and contacts with emails promoting the company and enticing new users to join up. Worse, it does so by allegedly using a user's own likeness as a kind of "endorsement" within the email itself – suggesting that it was the allegedly hacked user who was trying to get his or her friends interested in LinkedIn, not LinkedIn itself.
According to Bloomberg, one such user – Deborah Lagutaris — said that LinkedIn blasted more than 3,000 of her contacts (allegedly using its aforementioned technique). This included those who had been CC'd on Lagutaris' various email messages, recipients who might have not even been in her actual contact book.
LinkedIn denies the allegations.
"LinkedIn is committed to putting our members first, which includes being transparent about how we protect and utilize our members' data. We believe that the legal claims in this lawsuit are without merit, and we intend to fight it vigorously," reads a statement by the company.