A gaggle of angry social networking professionals claim that LinkedIn "hacked" their email accounts, leading to a deluge of emails to their contact lists with invitations to connect with them on the social network, complete with their photo, name, and implied endorsement. They want the email spamming to stop.
LinkedIn, meanwhile, wants this litigation to stop, and argued in a motion to U.S. District Judge Lucy Koh (the judge who seems to be the de facto tech trial judge in Silicon Valley, who presided over the Apple v. Samsung trial and a Google privacy dispute, amongst others) that users gave them permission to access their email accounts.
Plaintiffs' Beef Rehashed
The complaint alleged that when users sign up, they are required to use an email address. If that email account is logged-in in the same browser, the company "hacks" into that account and harvests the email addresses, without any reminders, password entries, or warnings. Messages, with the user's name and likeness, promoting LinkedIn's services and implying endorsement, are then sent to user's contacts.
We've all gotten those emails: "Connect with John!"
I bought a car from John five years ago. Why is he trying to connect with me? Creepy ...
LinkedIn: You Clicked the Button
In their motion to dismiss, LinkedIn argues that they had permission to harvest contact information, reports Courthouse News Service.
"Plaintiffs acknowledge that LinkedIn members must click through a series of permission screens when using Add Connections. Any reasonably prudent Internet user who reviewed these screens would understand that, by clicking buttons labeled 'Allow' and 'Add Connections,' they were consenting to the challenged actions."
They also claim that, because they allege claims based in fraud, the plaintiffs face a heightened pleading standard under Rule 9(b), which would require the plaintiffs to "allege what screens they saw, how they were supposedly deceived by the screens, and what actions they took in reliance on them."
Consent or Informed Consent?
How much notice is actual notice? And does clicking "Allow" suffice for permission if, as the plaintiffs alleged previously, the terms and conditions that the user assents to are hidden in a small, grey, asterisked footnote?
"LinkedIn, contrary to industry practice, does not require members to view its Terms documents nor does it display its terms documents in such a way that a party would have sufficient notice," the complaint argued.
For paper contracts, font and clarity requirements can determine the enforceability of its terms. What about online permissions? Does burying the terms on a separate page, with the only link appearing in a barely noticeable footnote really inform consumers of what they are "Allow[ing]?"
It's an interesting argument. Shrink-wrap licenses, and their modern web-based counterparts have long-since bound consumers who don't actually read them before clicking "Agree." How far are we willing to push that line, however?
We have no issues with LinkedIn. If you're on the professional social network, we'll skip the annoying emails and simply invite you to connect with us.
- LinkedIn's Motion to Dismiss (via Courthouse News Service)
- FTC Investigates Facebook's Proposed Privacy Policies (FindLaw's Technologist Blog)
- 9th Cir: Google's Wifi Sniffing May Have Violated Wiretap Laws (FindLaw's Technologist Blog)
- En Banc Shots: 5 Cases Set for Arguments, Streaming This Week (FindLaw's Ninth Circuit Blog)