LinkedIn Policy Compromises User Security: Check Your Settings
LinkedIn, the biggest business social network, has some privacy breach issues of its own and we’ll admit to being more than a little irritated. We wrote yesterday about some Facebook settings of which users were unaware that could potentially leave your browser unprotected and/or make your phone contacts accessible and figured I’d start a new by day talking about a disturbing breach of privacy on the part of LinkedIn.
A default setting called “Social Sharing” allows LinkedIn to pair an advertiser’s message with social content from a LinkedIn user’s network – in order to tailor the ad more closely to the audience. Ever notice how if you’re a female CEO, ads pop up when you’re on LinkedIn specifically tailored to … well, you guessed, it, things that might appeal to a female CEO.
I don’t know about you, but I’m not interested in my name or face showing up in an ad without someone first asking my permission to use my face in an ad, and second, paying me to do so. Think I’m kidding … check it out:
How Do I Fix This?
I know – you want to know how to change this. The good thing, it’s pretty easy. Go to Settings, then Account, then under Privacy Controls, select Manage Social Advertising. Make sure that box that, as a default setting that’s a little gift to you by LinkedIn, is NOT checked. Be sure to Save your changes and you’re good to go.
This Stuff Isn’t New
We saw this back in July of 2009, when it the NY Times reported that ads on Facebook were appearing without user knowledge or consent because they were automatically opted in as a result of Facebook’s Terms of Service — obviously written to protect Facebook and not Facebook users.
I remember it at the time because it was funny – in an OMG kind of way. A man noticed his wife’s picture appearing in an ad for a dating service. The ad was created by third party application developer, using the Facebook API that they had made available. And Facebook, as usual, didn’t seem to much care.
We’ve come to expect crap like this from Facebook – they’re pretty blatant about not caring about users, user privacy and the like. But it was surprising to discover this lack of respect for user privacy on LinkedIn. Go ahead, call me naïve. It would be warranted.
The issue is that LinkedIn automatically (and without permission) opts you into things like “Social Sharing” without any kind of notification. If you don’t know enough to dig deeply into these privacy settings, it could mean that your data might ultimately be compromised by a rogue developer or hacker. Or, it might mean that your mug shows up in third party advertising somewhere, without your knowledge. Either way, that stinks.
LinkedIn Should Know Better
It’s no secret that I like LinkedIn. I use it all the time and regularly recommend and train our clients on using LinkedIn for a variety of business uses (if you’re a LinkedIn user too and if you want to, connect with me). Additionally, I pay LinkedIn for a professional account. As such, I expect more from LinkedIn, the least of which some assurance about the security of my information, and the opportunity to opt in – or out – of data sharing. What users like me don’t expect is shenanigans like this.
Bottom line, be careful. Know that LinkedIn has a developer network and an API, so who’s to know what information they might make available if you don’t know about – and change – these settings.
LinkedIn API – What Info Is Available?
And, in case you’re wondering, the kinds of things that developers can get from the LinkedIn API include, but aren’t limited to the following kind of data:
Information about that member’s network
Information about companies
Suggestions to companies to follow
Sound like data you’d like to know is at least a little bit protected? For me, it sure is. For spammers, accessing data that belongs to others is a game. It’s like a puzzle. And working their way through a puzzle is what they do. Really, really well.
This is a backdoor tactic that LinkedIn should be ashamed of. As a public company now, they owe it to their users to do a better job of protecting the information that they trust the social network with. What do you think? Am I overreacting or does it hack you off a little, too?