LinkedIn, the professional networking website, is facing a lawsuit from a number of its users who say the company hacked into their external email accounts to gain access to their contacts' addresses. LinkedIn then spammed those contacts repeatedly by sending them invitations to join the social network, the lawsuit states.
"These 'endorsement e-mails' are sent to e-mail addresses taken from LinkedIn users' external e-mail accounts including the addresses of spouses, clients, opposing counsel, etc.," according to the complaint, Bloomberg reported.
The four plaintiffs said LinkedIn pretended to be the owner of the email account when it contacted people about joining the site.
"LinkedIn pretends to be that user and downloads the email addresses contained anywhere in that account to LinkedIn's servers," the suit said, according to Bloomberg. "LinkedIn is able to download these addresses without requesting the password for the external email accounts or obtaining users' consent."
The plaintiffs say LinkedIn sends reminder emails to users' email contacts for monetary gain.
While four people are involved in the suit thus far, the group is seeking damages on behalf of all LinkedIn users. The lawsuit also brings to light the issue of data privacy and security. Is LinkedIn making its users fully aware of what it does with their personal information? And, The New York Times asks, does LinkedIn actually have their consent to use that information?
As of the end of June, LinkedIn had 238 million users around the globe - an increase of 37 percent from the second quarter of 2012, the Times reported.
The company has defended itself, saying it always asks for consent from users before sending emails to their contact, the Times reported.
"LinkedIn is committed to putting our members first, which includes being transparent about how we protect and utilize our members' data," the company said. "We believe that the legal claims in this lawsuit are without merit, and we intend to fight it vigorously."
It has also denied ever hacking into users emails accounts or pretending to be a customer to reach other potential users, according to Bloomberg.
"We never send messages or invitations to join LinkedIn on your behalf to anyone unless you have given us permission to do so," a LinkedIn blog stated.
Yet hundreds of complaints have been filed on LinkedIn's own website regarding the privacy issue, Bloomberg reported.
The lawsuit was filed in San Jose federal court. The plaintiffs want a jury trial, according to the source.
Brett Montgomery is a fraud operations team leader at IDentity Theft 911.