Roger Clarke's Web-Site
© Xamax Consultancy Pty Ltd, 1995-2013
|Identity Matters||Other Topics||Waltzing Matilda||What's New|
Review Draft of 6 December 2010
Roger Clarke **
© Xamax Consultancy Pty Ltd, 2010
Available under an AEShareNet licence or a Creative Commons licence.
This document is at http://www.rogerclarke.com/EC/LinkedIn-1012.html
The business models underlying social networking services (SNS) are dependent on the provision of content by users, the compellingness of that content, and the capacity of the SNS operator to leverage off that content. It has therefore been in the interests of SNS operators to at least encourage and generally to enveigle users into providing content of interest to other users, and to maximise the discoverability and accessibility of that content. The terms of service and privacy policies applied to SNS are devised by SNS operators to serve those needs.
In the very early days of SNS, the author undertook an assessment of Plaxo (Clarke 2004). The market has diversified, adoption rates have grown, different services have achieved successes in different national contexts (see, for example, the Wikipedia entry), and the services have become more sophisticated and more closely inter-linked with the advertising market. Recently, a great deal has been published about the misbehaviour of leading players. Summaries of the issues are in Clarke (2010) re Facebook, and re Google's second attempt, Google Buzz (which follows its not-very-successful Orkut service).
Firefox 3.0.18 was unable to reliably render the documents in PDF, and copies were extracted using Safari 4.0.4.
A preliminary analysis was undertaken on 4-5 December 2010, by reading through the documents and identifying aspects that appeared to raise consumer rights or privacy issues. This activity was based on the author's 20 years of work in the eBusiness strategy and policy. Previous assessments have been published in Clarke (2005c, 2006 and 2008). Edited versions of the notes arising from that analysis are in Appendix 1 (Terms) and Appendix 2 (Privacy).
A second analysis was then undertaken, evaluating the two documents against a checklist of consumer interests and a privacy statement template. Details of the two reference-points are provided in the sections below. No testing has been performed of the details of particular functions performed by LinkedIn or of the veracity of claims in the two documents.
Conclusions were drawn, and this review draft was provided to LinkedIn for comment. [The paper was also exposed to colleagues who work in related areas, and to electronic communities comprising individuals with an interest in Internet policy and consumer matters and/or privacy. The draft was revised to reflect feedback received.]
This section describes a checklist of consumers' interests, and then reports on an evaluation of LinkedIn's Terms against it.
There is remarkably little in the way of a authoritative checklists of what consumers need in Terms of Service for online services. Clarke (2006) identified several partial sources, in particular OECD (2000) and UN (2003), and proposed a checklist. This was further enhanced in Clarke (2008), and discussed in Svantesson & Clarke (2010).
The Checklist is comprehensive, covering such aspects of the marketer-consumer relationship as information about the merchant, the process and the terms, the fairness of those terms, consent, privacy protections, recourse and redress. It is only a list, however, and does not, at this stage, include prescriptive statements about what consumers need. They therefore need to be interpolated, based on other sources and expertise.
Based on the 2008 version of the Checklist and LinkedIn's 2010 Terms, many aspects of consumers' needs appear to be reasonably addressed. There are, however, many other aspects that are not appropriately handled.
In the Information cluster, the accessibility of the terms is unsatisfactory, because prior versions are not available. On the other hand, if the company's assertion of the power to change contracts at will is accepted by courts (or never litigated), then old Terms become null and void as soon as the company makes a change.
Some of the Terms of Contract are not reasonable. Of particular concern are Terms 4A, 5 and 6, which deny any responsibility to actually provide the service, to provide it reliably, and to sustain all data stored on it. A further concern is the inconvenience for a great many subscribers of the jurisdiction of California, set by Term 8, irrespective of the location of the subscriber - even though for more than half of LinkedIn's subscribers, their contract is actually with a company in Ireland. Term 2I purports to impose unseen 'clickwrap' Terms in relation to the use of downloadable applications.
Terms 7A and 7B purport to provide the company with excessive powers to "restrict, suspend or terminate" accounts. Terms 10B1 and 10B28b set ambiguous thresholds in relation to "inappropriate, inaccurate, or objectionable content", and purport to provide the company with very substantial powers in relation to that content.
Term 9E purports to grant the company "the right to modify, supplement or replace the terms of the Agreement", i.e. to change the Terms unilaterally and without notice. Term 9G purports to deny a subscriber the right to any form of injunctive relief. Term 10B19 unreasonably prohibits a subscriber from taking what may be entirely justifiable actions to "Remove, cover or otherwise obscure any form of advertisement included on LinkedIn".
In relation to Security, aspects relating to the storage and transmission of data are reasonably clearly explained, and in general it appears that aspects that are under the company's control may be adequately addressed. However, Term 2F implies that if credit card details have been provided by the subscriber, then full rather than partial details are retained (e.g. all except the last four digits of the card-number).
Personal safety is unreasonably compromised, however. Identity protection is one area of concern. Term 2C(4) requires subscribers to "only maintain one LinkedIn account at any given time", despite the fact that many people use more than one identity. For literary authors and artists this may be merely a convenience, but for undercover operatives, and for political journalists in dangerous countries, it may be crucial to personal safety.
The situation is somewhat confused by Term 10B5, which says "[Don't] Create a user profile for anyone other than a natural person". A nom de plume is a partial profile, relating to one particular identity or persona of a natural person. (This kind of confusion is symptomatic of the failure of corporations and government agencies to appreciate that entities and identities are different notions). Term 10B26 says "[Don't] create a false identity on LinkedIn", without providing any guidance as to what the notion of 'false identity' means. Term 10B28a purports to ban the use of pseudonyms.
Personal control of location information is another factor crucial for some kinds of people, at least some of the time. Yet Term 2I forces subscribers to disclose their physical location, as a condition of service, and without an effective consent or even an opt-out facility, even if location is irrelevant to the transaction. Term 10B28h goes further and purports to preclude a person from protecting their net-location, and in some circumstances perhaps their physical location.
Particularly in view of these Terms, it is unconscionable for Term 5 to purport to deny "ALL LIABILITY FOR IDENTITY THEFT OR ANY OTHER MISUSE OF YOUR IDENTITY OR INFORMATION" (capitalised in the original).
As regards Consent, the Terms assert that the subscriber is granting consent, despite the fact that the Terms are all non-negotiable. This does not satisfy the requirements of informed and freely-given consent (Clarke 2002). Similarly, Term 9E purports to render consent irrelevant to modifications of the Terms of Service.
Recourse is severely limited. Although processes are declared in relation to complaints about copyright and content, no general enquiry and complaints process is provided in relation to such matters as service quality and terms of service. Nor is any external complaints process offered, nor any indication as to which regulators have responsibilities and powers in relation to the company's operations. Such information may be available to subscribers after they have logged in, but no information is available to people considering whether to become subscribers. Term 9G purports to deny a subscriber the right to any form of injunctive relief.
In relation to the final section of the Checklist, Redress, LinkedIn also serves subscribers very poorly. Terms 4A, 5 and 6 go as far as to purport to deny any rights to restitution, irrespective of the nature and gravity of the loss and of the extent of the company's responsibility for the harm occurring. No indication is provided of relevant laws, nor any way to initiate queries and complaints, nor any paths for seeking redress from any authority.
The 2008 version of the Checklist is deficient in not providing a separate heading for Copyright. Term 2B grants the company the kind of copyright licence over the subscriber's data that essentially negates the subscriber's nominal ownership of it. Anything that a subscriber puts on the site becomes available to LinkedIn with almost the same powers as if they owned it. This appears to include not only published Profile data, but also Registration data and 'Private' data. In relation to its own content, LinkedIn is over-zealous in its endeavours to protect its interests. Term 3 purports to grant a right to access, and to deny the rights to 'screeen-scrape' and to 'deep link'. None of those rights exists under copyright law.
Limited guidance is available in the literature as to what constitutes an appropriate form for a PPS Clarke (2011). Based on the author's 30 years of professional, consultancy and research activity in the area, including consideration of the various guides to and exemplars of PPS published by government agencies and industry associations, a Privacy Statement Template was published in Clarke (2005a, 2005b).
During the first 5 years following its publication, the Template has accumulated over 20,000 downloads. It has been used by many organisations in preparing their own PPS. Its primary benefit, however, is as a standard against which corporate PPS can be compared. The Template stipulates requirements in the areas of data collection, data security, data use, data disclosure, data retention and destruction, access by data subjects to personal data, information about data handling practices, the handling of enquiries, general concerns and complaints, enforcement, and changes to privacy undertakings.
A number of aspects of LinkedIn's PPS approach best practice, such as the clear explanations of the nature and purpose of the service (Introduction), of cookie-usage (1F), and of log data (1H). A number of the features of the service are also privacy-positive, such as the opt-out facilities for web beacons (1G) and promotional communications (2B), the repeated mentions of and links to Settings, the statement that users are provided with "granular control over the information they share" (3B), and the memorialisation provisions (3D).
However, a number of aspects give rise to concerns, some of them very serious.
Term 1, which links with 1A and 1B, refers to "certain information", but at no stage is it made clear which data-items the Terms refer to. This lack of clarity needs to be overcome in order to deliver 'certainty' to subscribers.
In relation to Data Security, Term 5B stipulates as a condition of service that the data will be stored in the USA, irrespective of the subscriber's location. For many of the more than 50% non-American subscribers, the USA has lower-grade data protection and more highly intrusive government powers than is the case in their own jurisdiction.
Although a statement is made about technical security measures, and about control over the behaviour of contractors, no undertakings whatsoever appear to be provided in relation to the behaviour of staff, and controls over that behaviour.
The term Data Use refers to LinkedIn's use of personal data that it has access to. Profile data is made available by subscribers to other subscribers. Private data is stored on the system by each subscriber for their own purposes alone. Yet Terms 1B and 1C provide the company with considerable latitude to put both Profile and Private data to any purpose it chooses, including for serving advertisements and for increasing networking. Term 3B also defaults to allow use of personal data by LinkedIn for polls and surveys.
The term Data Disclosure encompasses all forms of access to personal data by parties other than the subscriber and LinkedIn. LinkedIn's policies fall a long way short of an acceptable standard.
On the one hand, Term 2E states that "we do not ... provide your personally identifiable information to third parties for marketing purposes". On the other hand, Term 2F declares that "permission to access certain account information may be automatically granted [to a large number of LinkedIn Partners and Platform Developers] to provide combined services or functionality". This access is "automatically granted", i.e. a condition of service. There are grounds for concern that this may represent a substantial undermining of what otherwise appeared to be substantial assurances.
Term 2K is unreasonable, in that it purports to permit the disclosure of personal data, without legal authority, merely "to assist government enforcement agencies". Moreover, the provision appears to apply to almost any agency.
Although Term 3B declares that LinkedIn's settings are designed "to provide our users granular control over the information they share", a person who is not (yet) a subscriber cannot see what the options are. Moreover, Term 3B sets a default permission by subscribers to receive third-party advertising.
In addition, no undertaking is given to communicate to the subscriber that an exceptional disclosure has occurred; and no undertaking is given to disclose only such data as is necessary in the particular circumstances.
The Data Retention and Destruction undertakings are also inadequate. Terms 1J, 3A and 3C contain mutual inconsistencies. It is feasible that they could permit retention for a long period, or even indefinitely, and it is unclear what the complete set of purposes is that could be used to justify retention. As noted earlier, full credit-card details appear to be retained, which creates the risk of financial fraud.
It is a fundamental of data protection that Access and Correction Rights must exist. It would appear that the subscriber has access to data that they themselves create and the ability to maintain it. However, it is not clear that subscribers have the necessary access and correction rights in relation to:
Correction rights include the ability to delete data. But Term 1J suggests that data deletion is not under the subscriber's direct control, and, further, that a response to a request can take as long as 30 days, and even then the data may not be deleted.
As regards Information about Data-Handling Practices, a moderate amount about the company's processes is provided, together with an email-address for "questions or comments".
That address provides a starting-point for the Handling of Enquiries, General Concerns and Complaints. However, very little information is available about the processes involved. Term 5B states that "If you do not receive acknowledgment of your inquiry or it is not satisfactorily addressed, you may raise your complaint with TRUSTe". However, TRUSTe is merely the operator of a meta-brand (Clarke 2001), and the actions that the organisation takes have commonly had more to do with protection of its own brand than with protection of consumers.
In relation to Enforcement, there is, admittedly, no effective regulator in the USA. However, the Federal Trade Commission should be at least mentioned, and it is highly unsatisfactory that no mention is made of the large number of data protection commissioners in many countries throughout the world that have powers, particularly in relation to complaint investigation.
In short, all of the good features of the document are completely undermined by the malleability of the undertakings, at the company's sole discretion, without notice, and with what amounts to retrospective effect.
LinkedIn is targeted at professionals. It would be reasonable to expect that LinkedIn's users would be generally better-informed than users of other SNS, would have higher expectations about the reasonableness of the terms of service, would be more capable of registering their disapproval, and would expect professional responses from their service-provider. Yet LinkedIn's Terms include a significant number of provisions that are unreasonable and even unconscionable. The deficiencies are so serious that some categories of individuals should currently avoid any association with LinkedIn.
It is unclear what proxy the corporation used for its users when it devised the Terms. Focus groups would be one way to gather insights into the expectations and concerns of targeted market-segments. Discussions with representative and advocacy groups would be another approach to gaining information. A further possibility is a third-party evaluation conducted by a consultancy with appropriate expertise.
SNS may be finally growing beyond fashion-accessories and becoming part of the fabric of the society - and particularly in LinkedIn's case, of the economy. During 2010, consumers have shown a heightened level of concern about the policies and practices of Facebook and Google. LinkedIn is also highly-exposed, by virtue of its size and the relative sophistication of its user-base. It would appear to be highly advisable that the company take much greater care in relation to the consumer-friendliness and privacy-protectiveness of its policies and practices.
This Appendix contains the results of the preliminary analysis of LinkedIn's Terms of Service, undertaken on 4 December 2010.
Term 2B grants the company the kind of copyright licence over the subscriber's data that essentially negates the subscriber's nominal ownership of it. Once you've put anything on the site, that's the end of your control over it.
The licence is provided to LinkedIn in respect of "any information you provide, directly or indirectly to LinkedIn, including but not limited to any user generated content, ideas, concepts, techniques or data to the services, you submit to LinkedIn".
For bland profile data, this may not be much of an issue. But subscribers are at risk of being sucked into publishing more than just profile data.
When a subscriber posts useful information (e.g. an answer to a request for advice) in a manner visible to every other subscriber, it may be reasonable to infer an open content licence (for everyone, not just LinkedIn). But a one-to-one message, even if it were accompanied by an express or implied copyright notice or confidentiality constraint (e.g. "just between you and me"), would arguably be open for exploitation by LinkedIn.
Term 2C(4) requires subscribers to "only maintain one LinkedIn account at any given time". But many people use more than one identity. Typical examples include literary authors and artists, but political journalists in dangerous countries, and undercover operatives may also be dependent on maintaining separation between their personas.
This is somewhat confused by Term 10B5, which says "[Don't] Create a user profile for anyone other than a natural person". A nom de plume is a partial profile, relating to one particular identity or persona of a natural person. (The confusion arises from the all-too-common failure to appreciate that 'identity' and 'entity' are different notions).
Term 10B26 says "[Don't] create a false identity on LinkedIn", without providing any guidance as to what the notion of 'false identity' means. Term 10B28a purports to ban the use of pseudonyms.
Term 2F implies that full credit card details are retained (if they are provided by the subscriber), rather than partial credit card details, e.g. all except the last four digits of the card-number.
Term 2I declares that "If you use the Services through a mobile device, you agree that information ... may be communicated to us, including ... your physical location". Hence, as a condition of service, subscribers are required to disclose their physical location, even if this is irrelevant to the transaction.
Term 2I purports to force subscribers to accept unseen Terms for the use of downloadable applications ("by using any downloadable application to enable your use of the Services, you are explicitly confirming your acceptance of the terms ...", emphasis added).
Term 2K declares that "You acknowledge that your submission of any information, statements, data, and content to us is voluntary on your part". This is not logical, because some data is obligatory, as a condition of registration.
Term 3 purports to "grant ... a ... right to access". No such right exists under copyright law.
Term 3 purports to deny a right to 'scrape', which is presumably intended to refer to 'screen-scraping'. It is unclear whether such a right exists under copyright law. It is in any case counter-productive, since it would preclude a subscriber sending a screen-image as part of an incident report. Term 10B11 repeats the purported prohibition against scraping.
The problem is compounded by Term 10B6, which says "[Don't, on pain of termination] Utilize information, content or any data you view on and/or obtain from LinkedIn to provide any service that is competitive, in LinkedIn's sole discretion, with LinkedIn". The 'sole discretion' term is unconscionable.
Terms 4A, 5 and 6 purport to deny any liability to provide the service, to provide it reliably, to sustain data stored on it, etc., and also purport to deny warranties or limit them to a very small sum. Term 4A even lacks a saving phrase along the lines of 'to the extent permitted by law'.
Term 5 purports to deny "ALL LIABILITY FOR IDENTITY THEFT OR ANY OTHER MISUSE OF YOUR IDENTITY OR INFORMATION" (capitalised in the original). Some of that information is provided openly, but some (such as credit card details) is provided to LinkedIn alone. It is unconscionable to attempt to deny liability in such circumstances.
Term 7B purports to empower LinkedIn to "restrict, suspend or terminate the account of any User [for] any ... behavior that LinkedIn, in its sole discretion, deems contrary to its purpose".
Term 7B also purports to empower LinkedIn to have a policy of "terminating accounts of Users who, in LinkedIn's sole discretion, are deemed to be repeat infringers under the United States Copyright Act". The terms 'sole discretion' and 'deemed' represent a far-from-adequate basis for such an action.
Further, the relevance of the US Copyright Act is unclear in the case of subscribers who reside other than in the United States, and whose contract is declared to be with LinkedIn Ireland Limited.
Term 8 purports to determine the jurisdiction as being California, irrespective of the locations of the subscriber and of the company with whom the subcriber has a contract, and to do so irrespective of law.
Term 9E purports to grant LinkedIn "the right to modify, supplement or replace the terms of the Agreement", i.e. to change the Terms unilaterally and without notice.
Term 9G purports to deny a subscriber the right to any form of injunctive relief, and is not qualified by any saving phrase along the lines of 'to the extent permitted by law'.
Term 10B1 imposes as a condition of service an obligation not to post "inappropriate, inaccurate, or objectionable content". Those terms are undefined and highly ambiguous, and could be interpreted as a very low threshold. For example, comments made in this analysis of LinkedIn's Terms could be argued (or, given the nature of other Terms, merely asserted or deemed) to be any and all of "inappropriate, inaccurate, or objectionable content". Similarly, Term 10B28b purports to ban "otherwise objectionable" content.
Term 10B4 says "[Don't] Include information in your profile or elsewhere, except in designated fields, that reveals your identity or sensitive personal information such as an email address, phone number or address or is confidential in nature". Presumably this is meant to be qualified by 'unless you intend to disclose it'. But 10B4 is expressed as a condition of access that has to be 'strictly observed', and hence grounds for the draconian suspension and termination Term.
Term 10B28c prohibits "any personally identifiable information for which there is not a field provided by LinkedIn". Cultural variants are profuse (e.g. saints' names and their equivalents in religions other than Christianity, star-signs and other birth-signs). Breach (at LinkedIn's discretion) is asserted to be grounds for unilateral and unappealable termination.
Term 10B17 purports to prohibit "unsolicited communications to other Users", on pain of termination. This appears to be a rather silly Term for a networking site. Term 10B20 contains a more reasonable provision.
Term 10B19 purports to prohibit a subscriber from taking an action to "Remove, cover or otherwise obscure any form of advertisement included on LinkedIn". It is unconscionable to preclude such actions as:
Terms 10B21 and 22 purport to prohibit the use and sharing of personal data "obtained from LinkedIn except as expressly permitted in this Agreement or as the owner of such information may expressly permit". The context of a networking service that publishes individuals' creates circumstances in which consent is implied, and does not have to be express, particularly in an Agreement between the accessor and LinkedIn.
Term 10B24 says "[Don't] Invite people you do not know to join your network". This appears to be impracticable in a professional networking service - unless the concept of 'know' has been substantially redefined.
Term 10B28h prohibits content that "Forges headers or otherwise manipulate identifiers in order to disguise the origin of any communication transmitted through the Service". This nominally precludes a person from protecting their net-location, and in some circumstances perhaps even their physical location. This threatens personal safety and has implications for executives in locations that would tend to disclose their activities at the time (such as negotiations with a takeover prospect).
In 2L, "We may also disclose [all personal data] as part of a reorganization or a sale of the assets of LinkedIn Corporation, a subsidiary or division. Any third party to which LinkedIn transfers or sells LinkedIn's assets will have the right to continue to use the personal and other information that you provide to us".
The combination of these provisions gives rise to the following issues:
From 1A, it is clear that the "certain" personal data includes "name, email address, country, and password", none of which is in itself problematical. From 1B, there is reference to "information [that] is minimally required at registration", from which might be inferred that the short list in 1A is all that is mandatory. It remains unclear, however, whether there are any other items of "certain" personal data whose provision is a condition of participation.
It appears that there are four categories of personal data:
On the other hand, a quite different set of categories appears on one open but obscure web-page entitled Managing Account Settings.
It might be inferred that only Registration and Profile data are available to LinkedIn for any purpose, including the serving of advertisements. But that is far from clear.
1C says that "All information that you enter or upload about your contacts ... will enable us to provide customized services such as suggesting people to connect with on LinkedIn". It therefore appears that all four categories of personal data are available to LinkedIn for any customised services, including increasing networking.
It might be inferred that LinkedIn will not disclose anything to its subscribers about other subscribers other than the (open) Profile data and the fact that, on the basis of the Registration data, both kinds of Profile data and Private data, LinkedIn imputes a potential for common interests between the parties. But that is far from clear.
In 1C, "You may not invite anyone you do not know and trust to connect with you". It is unclear what "know" and "trust" mean. Given that the purpose of the service is "to connect with others on LinkedIn", the practicality and the enforceability of this provision are both doubtful. The expression might also be inferred to empower LinkedIn to impute some kind of trust relationship between individuals simply on the basis of an invitation being sent.
In 1C, "The names and email addresses of people whom you invite will be used to send your invitations and reminders as well as to allow LinkedIn to help expand your network". This could be read as meaning that you may provide additional contact-details of your own contacts who are not LinkedIn users, and that LinkedIn may keep those additional contact-details. Name and email-address are not in themselves highly sensitive. On the other hand, some SNS encourage subscribers to upload their entire address-books, or to maintain their address-books on the SNS, in which case a great deal more about non-subscribers than name and email-address may be exposed to the SNS operator.
In 1J, "If you update any of your information, we may keep a copy of the information that you originally provided to us in our archives for uses documented in this policy". This is unbounded in time, and vague as to purposes. It could also be inferred to mean that even deleted data may be retained indefinitely, despite the expiry of the purpose for which it was provided.
In 3A, "even after your request for a change is processed, LinkedIn may, for a time, retain residual information about you in its backup and/or archival copies of its database". This is vague as to the retention period, but is much less unreasonable than the apparently conflicting provision in 1J.
In 3C, "we may retain certain data contributed by you if LinkedIn believes it may be necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personally identifiable data, account recovery, or if required by law. LinkedIn may also retain and use your information if necessary to provide the Services to other Users". This appears to be a reasonable set of relevance criteria for data retention, but it is unclear whether this is the complete set of "uses documented in this policy" referred to in 1J.
In 1J, "You may request deletion of your information at any time by contacting LinkedIn customer service. We will respond to your request within 30 days". It is reasonable to infer that there is no general deletion command available within the service (although the function may be available for individual data items, by means of amending the content to <null>). In all circumstances, if a person has decided to request deletion, they want it done now and not deferred or forgotten. Further, in some circumstances, there may be personal safety concerns arising from the continued availability of the data.
On one occasion, however, by following an obscure trail within the site, a page entitled Managing Account Settings was discovered, which provides some information about those Settings.
In 2F, "permission to access certain account information may be automatically granted [to certain LinkedIn Partners and Platform Developers] to provide the combined services or functionality". The list shows there is a large number of partners.
This access is "automatically granted", i.e. a condition of service. There is a form of opt-out in the Settings area, but this is acknowledged as being only partially effective.
There are grounds for concern that this may represent a substantial undermining of what otherwise appeared to be significant assurances, in particular "we do not ... provide your personally identifiable information to third parties for marketing purposes. Further, we will only share your personally identifiable information with third parties to carry out your instructions or to provide the Services or information unless compelled by law, or as necessary to enforce our User Agreement or protect the rights, property, or personal safety of LinkedIn, its Users, and the public" (2E).
In 2K, "we may need to disclose personal information, profile information and/or information about your activities as a LinkedIn User ... if LinkedIn has a good faith belief that disclosure is necessary ... to assist government enforcement agencies".
This is unreasonable and excessive. No such disclosures should be made without legal authority. In addition, the term 'government enforcement agencies' is different from 'law enforcement agencies' and could be reasonably inferred to mean any government agency in any jurisdiction. (Exceptions are of course reasonable in rare emergency situations relating to the likely prevention of harm to a person or persons, but these must be subject to ex post facto controls).
In 3B, "LinkedIn accounts are also defaulted to allow Users to be contacted to participate in polls, surveys and partner advertising. Click here to change these settings". The company asserts that the majority of the Settings "are what we believe to be reasonable default settings that we have found most professionals desire"; but this does not appear to apply to these three settings, particularly the last of them (third-party advertising).
In 4, "You must not provide to LinkedIn and/or other Users information that you believe might be injurious or detrimental to your person or to your professional or social status". This is not matched by any requirement relating to 'information that might be injurious or detrimental to other people'.
In 5B (under a non-relevant heading), "by becoming a User, you have given us your express and informed consent to transfer the data that you provide to us to the United States and to process it in the United States".
This is a serious matter for the more than 50% of subscribers who are not resident in the USA, because US data protection law is the weakest in the advanced world, US government agencies have very substantial and in many cases ineffectively controlled data access capabilities, and the US asserts for itself very substantial extra-territorial powers.
Clarke R. (2001) ''Meta-Brands' Privacy Law & Policy Reporter 7, 11 (May 2001), at http://www.rogerclarke.com/DV/MetaBrands.html
Clarke R. (2002) 'e-Consent: A Critical Element of Trust in e-Business' Proc. 15th Bled Electronic Commerce Conference, Bled, Slovenia, 17-19 June 2002, at http://www.rogerclarke.com/EC/eConsent.html
Clarke R. (2004) 'Very Black 'Little Black Books' Xamax Consultancy Pty Ltd, February 2004, , at http://www.rogerclarke.com/DV/ContactPITs.html
Clarke R. (2005a) 'Privacy Statement Template' Xamax Consultancy Pty Ltd, December 2005, at http://www.rogerclarke.com/DV/PST.html
Clarke R. (2005b) 'About the Privacy Statement Template' Xamax Consultancy Pty Ltd, December 2005, at http://www.rogerclarke.com/DV/PSTAbt.html
Clarke R. (2005c) 'Evaluation of Google's Privacy Statement against the Privacy Statement Template of 19 December 2005' Xamax Consultancy Pty Ltd, December 2005, at http://www.rogerclarke.com/DV/PST-Google.html
Clarke R. (2006) 'A Major Impediment to B2C Success is .... the Concept 'B2C' Invited Keynote, Proc. ICEC'06, Fredericton NB, Canada, 14-16 August 2006, at http://www.rogerclarke.com/EC/ICEC06.html
Clarke R. (2008) 'B2C Distrust Factors in the Prosumer Era', Invited Keynote, Proc. Collecter IberoAmerica eCommerce Conf., Madrid, June 2008, pp. 1-12, at http://www.rogerclarke.com/EC/Collecter08.html
Clarke R. (2010) 'Vignettes of Corporate Privacy Disasters' Xamax Consultancy Pty Ltd, August 2010, at http://www.rogerclarke.com/DV/PrivCorp-0609.html
OECD (2000) 'Guidelines for Consumer Protection in the Context of Electronic Commerce' Organisation for Economic Cooperation & Development, Paris, March 2000, at http://www.oecdbookshop.org/oecd/get-it.asp?REF=9300023E.PDF&TYPE=browse
Svantesson D. & Clarke R. (2010) 'A Best Practice Model for eConsumer Protection' Computer Law & Security Review 26, 1 (January 2010) 31-37
UN (2003) 'Guidelines for Consumer Protection' United Nations, New York, 2003, at http://www.un.org/esa/sustdev/publications/consumption_en.pdf
Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. His focus for the last 20 years has been on strategic and policy aspects of eBusiness, information infrastructure, privacy and dataveillance. He is a Visiting Professor in the Cyberspace Law & Policy Centre at the University of N.S.W., and a Visiting Professor in the Department of Computer Science at the Australian National University. He is an Advisory Board Member of Privacy International, and a Board Member of the Australian Privacy Foundation and its Chair 2006-11.
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.
From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 40 million by the end of 2012.
Sponsored by Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916
Created: 4 December 2010 - Last Amended: 6 December 2010 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at www.rogerclarke.com/EC/LinkedIn-1012.html