by Brent Dirks
June 6, 2012
LinkedIn has updated its free iOS app today to change how data from the meeting notes section of your calendar was sent back to the company without explicit permission. The Next Web broke the news last night that in the previous version of the app, if a user opted-in to the calendar viewing feature, every entry for the next five days is scraped and sent back to LinkedIn every time the app is opened. More troubling was that the information was sent in plain text, not cryptographically hashed to protect privacy. After the story broke, LinkedIn’s head of product development Joff Redfem responded in an official blog post. The calendar feature is designed to show information about the people in the meeting from their profiles on the site. Redfem also explicitly laid out what the app does and doesn’t do.
We Do: We ask your permission before accessing your calendar, this will continue to be an opt-in feature We provide you with a way to turn off the calendar feature at any time in the settings We send calendar data to our server only when the LinkedIn app is launched to be matched with relevant LinkedIn profiles of meeting attendees We send your calendar data to our servers over a secure SSL connection We Don’t: We do not store any calendar information on our servers We do not share or use your calendar data for purposes other than matching it with relevant LinkedIn profiles We do not under any circumstances access your calendar data unless you have explicitly opted in to sync your calendarBut, in version 5.0.3, data from the meeting notes section of a calendar is no longer sent to LinkedIn and there is a new “learn more” link to provide information about how your calendar data is being used. And if that privacy dustup wasn’t bad enough for the company, The Verge reported early this morning that a user in a Russian forum has claimed to hack almost 6.5 million LinkedIn user account passwords. The passwords are hashed, meaning it would take time for someone to crack the information. But it’s still worrisome. On Twitter, LinkedIn said the company was unable to confirm that any type of security breach has occurred and to “stay tuned.” Even so, it would probably be a good time to change your LinkedIn password. LinkedIn is a universal app designed for both the iPhone/iPod touch and iPad. It can be downloaded free in the App Store. Does this dustup change how you look at the business-oriented social network? Source: The Next Web, The Verge