Fake LinkedIn accounts used to obtain member data
Professional social networking site LinkedIn is taking legal action to try and force Amazon to hand over the names of people it says registered fake LinkedIn accounts to extract its users’ data.
The social media platform for professionals is fighting back after the fake accounts holders used bots to scrape data from the profiles of hundreds of thousands of its users.
LinkedIn traced the fake accounts to an Amazon Web Services account.
Many PeopleBiz readers will be familiar with LinkedIn Recruiter service that allows recruiters and headhunters to search the LinkedIn database of 259 million users. LinkedIn describes this service as one of its fastest growing and its integrity is vital.
In a public statement LinkedIn spokesperson Hani Durzy, said: “We’re a members-first organisation and we feel we have a responsibility to protect the control that our members have over the information they put on LinkedIn.”
A recent story in Information Week by Kristin Burnham reports the suit filed in California is against unnamed parties. It claims that since May 2013 the Doe Defendants’ used various automated software programs to register thousands of fake LinkedIn member accounts to extract and copy data from legitimate member profile pages.
Scraping is prohibited by LinkedIn’s user agreement and could also be a breach of US state and federal laws covering computer security and copyright.
“The Doe Defendants’ unlawful conduct threatens the LinkedIn platform in several ways. It undermines the integrity and effectiveness of LinkedIn’s professional network by polluting it with thousands of fake member profiles,” the company said in the complaint.
“Moreover, by pilfering data from the LinkedIn site, the Doe Defendants threaten to degrade the value of LinkedIn’s Recruiter product, in which LinkedIn has invested substantially over the years.”
Burnham reports that LinkedIn disabled the fake member profiles and put additional safeguards in place to protect user information.
She quoted a legal expert that believes the real battle will not be in the courts but in LinkedIn’s engineering department.
“Corporations are, by and large, left on their own to defend against bad actors in the IT space, so LinkedIn will be spending a lot of time figuring out how to block these people and how to prevent copycats,” Gant Redmon, general counsel for Co3Systems told Burnham.
Linked is one of a number of high profile battles between social platforms and fake account users including:
Twitter – in its IPO filing, Twitter listed spam as a risk factor that could hurt its reputation for “delivering relevant content or reduce user growth and user engagement and result in continuing operational cost to us.” Twitter estimated that fake accounts make up less than 5% of its monthly active users, though it said it was difficult to say for sure.
Facebook – In September the company was awarded $3 million in damages after Power Ventures and its CEO were found liable under the Can-Spam Act for sending more than 60,000 spam email messages to Facebook members. The company created a software program to access Facebook’s website, scraped user information from it, and changed its own IP address to bypass Facebook’s technical barriers, the ruling said.
Kristin Birnham covers social media, social business, and IT leadership and careers for InformationWeek.com. Contact her at Kristin.Burnham@ubm.com
Editors Note : LinkedIn’s Scraping Software Policy
Does LinkedIn allow the use of software tools that copy information from LinkedIn and utilize it outside the LinkedIn platform?
LinkedIn is committed to keeping its members’ data safe and secure. In order to protect the data that our members entrust to us, we don’t permit the use of any software, including crawlers, bots, browser plug-ins, or browser extensions (also called “add-ons”) that scrapes or copies LinkedIn profile or contact information. Such tools violate the user agreement, including many of the “Don’ts” listed in Section 8.2:
1 Scrape or copy profiles and information of others through any means (including crawlers, browser plugins and add-ons, and any other technology or manual work);
2 Deep-link to our Services for any purpose other than to promote your profile or a Group on LinkedIn (as set forth in the Brand Guidelines), without LinkedIn’s consent;
3 Copy, modify or create derivative works of LinkedIn, the Services or any related technology (except as expressly authorized by LinkedIn);
4 Collect, use, copy, or transfer any information obtained from LinkedIn without the consent of LinkedIn;
5 Share or disclose information of others without their express consent;
6 Use manual or automated software, devices, scripts robots, other means or processes to access, “scrape,” “crawl” or “spider” the Services or any related data or information;
7 Use bots or other automated methods to access the Services, add or download contacts, send or redirect messages.
Any member who uses tools for such purposes is in violation of the User Agreement. This means they risk having their accounts restricted or shut down. They also risk the possibility that these tools may become non-operational without notice.
In order to keep our members’ data safe, we’re constantly working to improve our technical measures and defenses against the operation of scraping tools that leverage LinkedIn’s platform.
Latest posts by admin (see all)
- Almost 80% of small businesses don’t have adequate workplace policies: Research - November 19, 2015
- HR outsourcing on the rise - November 16, 2015
- Fake LinkedIn accounts used to obtain member data - November 16, 2015