Wednesday, July 09, 2014

Wow, LinkedIn as gone seriously evil

I don't know how long LinkedIn has been doing this because I hardly ever use my account, but today I accepted an invitation from someone and was taken to this screen:

It took me a moment to realize that LinkedIn was actually asking me, not for my LinkedIn password, but for my email password.  At the risk of stating what should be obvious, you should NEVER EVER give your email password to ANYONE.  Anyone who has your email password owns you.  They can, if they choose to, reset the password on any other account you have, including your on-line baking and brokerage accounts.

But, you may object, LinkedIn is a reputable company.  They would never do that.  Trying to break in to their customers' bank accounts would be incredibly stupid.  They'd be caught, and that would put them out of business.  And this is true.  But breaking in to your bank accounts is far from the only thing that someone with your email password can do.  They can also (again at the risk of stating the obvious) read your email.  And LinkedIn absolutely will do that.  How do I know?  By looking at the fine print of what they promise not to do: "We will not store your password or email anyone without your permission."  Even if we take them entirely at their word, they have just tacitly admitted that they are going to download everything in your inbox and store that.  In fact, the whole point of getting your email address is so they can download your contacts list, and the most effective way of getting that is to download all your email and see who you've already corresponded with.  And if they should happen to collect some additional data on you along the way that they might be able to sell to some marketing company, well, where's the harm, right?  I mean, those fine folks at LinkedIn need to make a living too, no?

What bothers me about this no so much that they are doing it, but the surreptitious way they are going about it.  If they were up-front about it, "Please give us your email password so we can log in to your account and collect your contacts list" (or, even better, "Please give us your password so we can break in to your account and rummage around in whatever we might happen to find there") that would be fine.  But LinkedIn obviously knows that no one would give them permission to do this if they knew what LinkedIn's real intentions were, so they have to be sneaky.

I'm starting to think that LinkedIn is an intelligence test: anyone who actually uses it has failed.

3 comments:

Danston said...

LinkedIn has been doing this from the beginning and getting flak for it.
http://www.flickr.com/photos/adactio/6060713976/

lordbap said...

What others might call rants, Ron, I call good reads. Thanks.

I've quit all social networking sites except LinkedIn by now. Considering that now too. They have always been shady.

Ron said...

@lordbap: Thanks for the kind words (though I don't think anyone called this post a rant :-)

@Danston: The image you link specifically says that they're going to search your email contacts. That's not quite full disclosure, but it's a lot better than what they're doing now (IMHO).