Judge dismisses privacy lawsuit against LinkedIn
Lawsuit accused social media company of illegally sharing browsing histories with third parties
Computerworld - A federal judge in California dismissed a privacy class-action lawsuit against LinkedIn that alleged the social media network violated provisions of the Stored Communications Act (SCA) when it disclosed the IDs and browsing histories of LinkedIn users to advertising companies.
In a 27-page decision, District Judge Lucy Koh, of the U.S. District Court for the Northern District of California, ruled that LinkedIn cannot be sued under the SCA because the company is neither a remote computing service (RCS) nor an electronic communication service (ECS).
"The SCA only creates liability for a provider that is an RCS or an ECS," Koh said in her ruling. LinkedIn is neither and therefore did not violate the SCA, she noted.
News of the ruling in the case was first reported by legal blog Fourthamendment.com.
LinkedIn user Kevin Low filed the lawsuit in March 2011 on behalf of all users of the professional social networking service. Low alleged that LinkedIn violated his privacy rights under the SCA when the company illegally transmitted his personally identifiable browsing history to advertisers, Internet marketing companies, data brokers and web tracking companies.
Low claimed that LinkedIn's user tracking was different from the mostly anonymous tracking done by other Internet companies. "LinkedIn associates its users' unique identifiers with the cookies and beacons that are the keys to their browsing history," Low alleged in his complaint. "LinkedIn thus puts a name to browsing histories that would otherwise be anonymous, thereby exploiting its users' personal information for commercial profit."
Low claimed that LinkedIn's tracking abilities allowed the company to build highly detailed profiles of its users containing private and potentially embarrassing information gathered from their browsing histories. LinkedIn users who visit websites to discreetly seek information on medical conditions, personal problems or marital issues could have those details attached to their personally identifiable profiles, Low claimed.
Low's complaint provided details on what he claimed were the methods used by LinkedIn to conduct intrusive user tracking.
Koh, however, rejected the arguments, saying that even if Low's claims were true, the SCA did not apply to LinkedIn. She dismissed Low's argument that LinkedIn is a remote computing service as defined under the SCA.
Under the statute, an RCS is a company that processes or stores data belonging to others. "In defining RCS, 'Congress appeared to view 'storage' as a virtual filing cabinet,' " Koh said, citing from another case.
"LinkedIn was not acting "as a virtual filing cabinet," or as an off-site processor of data with respect to the user IDs it created," Koh wrote. The URL addresses of viewed pages were not sent to LinkedIn for storage or processing purposes, she said in dismissing the complaint.
Attorneys for Low could not be reached for comment at deadline.
The SCA is a frequently used statute in privacy lawsuits involving social media companies. Earlier this month, prosecutors used the provisions of the SCA to seek information from Twitter on an Occupy Wall Street protester who was being investigated for disorderly conduct.
In that case, the court ruled that the SCA did apply to Twitter and ordered the social media network to hand over the requested information despite its protests.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His email address is firstname.lastname@example.org.
- NSA defends collecting data from U.S. residents not suspected of terrorist activities
- Groups fear bill would allow free flow of data between private sector and NSA
- Google's move into home automation means even less privacy
- Bill to require warrant for email searches gains ground in House
- Coming soon to a fridge near you -- targeted ads
- Snowden leaks prompt tech firms to tout privacy, transparency policies
- License reader lawsuit can be heard, appeals court rules
- Is EU's 'right to be forgotten' really the 'right to edit the truth'?
- Tails 1.0: A bootable Linux distro that protects your privacy
- Privacy jitters derail controversial K-12 big data initiative
Read more about Privacy in Computerworld's Privacy Topic Center.
- Combating Identity Theft in a Mobile, Social World Offering identity theft protection and remediation allows businesses to give their workforce the confidence to efficiently engage while bringing financial reward to the...
- After a Breach: Managing Identity Theft Effectively This white paper from LifeLock Business Solutions notes that FIs in addition to managing fraud should strive to turn a negative event for...
- Combating Identity Fraud in a Virtual World This slide presentation reveals findings from the Javelin Strategy & Research 2012 Identity Fraud Report about mobile and social trends, the real risks...
- Global Growing Pains: Tapping into B2B Integration Services to Overcome Global Expansion Challenges A recent survey by IDG Research explored both the challenges and pain points companies face when growing globally, as well as the capabilities...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- On-Demand Webinar: Transform Your Datacenter with Cisco ACI and Citrix NetScaler Learn how Citrix NetScaler -- the leader in public clouds, integrates with Cisco ACI to enable the enterprise network transition to a new... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!