This dialog looks very similar to the login form to the site. If you use the same password for both sites (I don't), you might be thinking that you're logging in, when in fact you're bringing in everyone in your address book. Not sure, if they then automatically spam everyone on your list or not.
Linkedin clearly has crossed over to the dark side since they went public. They keep reducing their free services and pushing harder and harder to try to get you to sign up for "premium" accounts. It's time for an alternative.
I am so hoping the case goes to trial so we can see the evidence of this presented.
i. LinkedIn used the users current passwords with their external addresses to access the external emails. ( impossible) ii. Linked in use some sort of Oauth/google authentication access to information permission thing(can't remember the name). (highly unlikely)
In any case I think we can only be certain with the actual evidence.
The Customers filing suit should know that LinkedIn is a publicly traded company and not a scam site.
Because even these claims are outrages if not utter BS.
Did you mean to say that? I know nothing about the details of this lawsuit, but I hope you realize that being a publicly traded company is no proof of being virtuous in all one's business operations!
Scummy in either case, even if it's technically legal.
I get some really odd ones like the property manager we pay rent to. I've only ever emailed or called him.
I presume he gave LinkedIn access to his email contact list but based on the number of these creepy recommendations a lot of people I email with must do it.
Even more spooky are the recommendations to connect with people I don't know but have names that match people I do. Anyone know how they do this?
In today's world - individuals' data is the digital goldmine for any company.
LinkedIn is a publicly traded company (LNKD), like any publicly traded company their main goal would be profits, plus assets like customer data, etc.
This info can be seen in their financial statements: http://www.sec.gov/cgi-bin/browse-edgar?action=getcompany&CI...
Nowadays it's common practice for our digital footprints and identities to be designed/built/directed so that before we can gain access to a company's services, data or content that we would need to read and agree to the terms & conditions and the privacy policies, etc.
This info can be seen in LinkedIn's:
Terms and Conditions http://www.linkedin.com/legal/user-agreement?trk=hb_ft_usera...
Privacy Policy http://www.linkedin.com/legal/user-agreement?trk=hb_ft_usera...
Cookie Policy http://www.linkedin.com/legal/cookie-policy?trk=hb_ft_cookie
What, you mean I'm supposed to read those things? Yes.
One of those boxes invites you to "grow your network". It's not all that explicit as a call-to-action, as in the text may just be a slogan. The main focal point of that box is a login & password form, which looks exactly like the regular login form that users get when they want to do something that requires explicit re-authentication.
In other words: it's common to have to enter your login/password on LinkedIn, this looks a bit like one of those cases, so users will blindly start typing. If they use the same email/password combo for their email account as for their LinkedIn account, then they've just given LinkedIn access to that email-account.
The box itself is quite deliberately misleading. Unlike the regular invitations to load your addressbook, there are no Google or Yahoo logo's, and no explicit descriptions.
I don't know whether there is a more explicit request for permission at the next step before it starts sucking in conctacts, I don't dare entering a valid password.
If there is a next step that requires explicit confirmation, than this "trap" (which it quite obviously is) is merely annoying and a bit scummy.
If there isn't, I think they have a good case, because this is would basically be phishing in reverse.
I've noticed that the "People you may know" section started to contain faceless placeholder entries with emails from my address book (though, I'm not sure if/when I've given the iOS app the address book access).
I thought it more of bad UI and lack of attention on my part. Everyone in my address book got an Invite.
LinkedIn need to address this but I think this lawsuit over-states the issue (still need to examine it in full but first impression)
Thus, in legal proceedings, the user was entirely informed of the possibility of this situation arising.
For future users, this sets a precedent that users are aware of the terms and conditions (as they have always been), and no further accidental leaks of personal information will occur.
