Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
The Courts Businesses Media Microsoft Social Networks United States Technology

Judge Says LinkedIn Cannot Block Startup From Public Profile Data (reuters.com) 166

A U.S. federal judge on Monday ruled that LinkedIn cannot prevent a startup from accessing public profile data, in a test of how much control a social media site can wield over information its users have deemed to be public. Reuters reports: U.S. District Judge Edward Chen in San Francisco granted a preliminary injunction request brought by hiQ Labs, and ordered LinkedIn to remove within 24 hours any technology preventing hiQ from accessing public profiles. The dispute between the two tech companies has been going on since May, when LinkedIn issued a letter to hiQ Labs instructing the startup to stop scraping data from its service. HiQ Labs responded by filing a suit against LinkedIn in June, alleging that the Microsoft-owned social network was in violation of antitrust laws. HiQ Labs uses the LinkedIn data to build algorithms capable of predicting employee behaviors, such as when they might quit. "To the extent LinkedIn has already put in place technology to prevent hiQ from accessing these public profiles, it is ordered to remove any such barriers," Chen's order reads. Meanwhile, LinkedIn said in a statement: "We're disappointed in the court's ruling. This case is not over. We will continue to fight to protect our members' ability to control the information they make available on LinkedIn."
This discussion has been archived. No new comments can be posted.

Judge Says LinkedIn Cannot Block Startup From Public Profile Data

Comments Filter:
  • Huh? (Score:5, Insightful)

    by Sebby ( 238625 ) on Monday August 14, 2017 @09:10PM (#55014015)

    We will continue to fight to protect our members' ability to control the information they make available on LinkedIn

    If users added their info, and made it public, it's not up to LinkedIn to decide what users want to protect.

    Besides, given LinkedIn's past behavior with scraping people's contacts/address books on their PCs and email accounts, it has no lessons to give anyone else.

    • Re:Huh? (Score:5, Interesting)

      by jenningsthecat ( 1525947 ) on Monday August 14, 2017 @09:39PM (#55014167)

      If users added their info, and made it public, it's not up to LinkedIn to decide what users want to protect.

      Besides, given LinkedIn's past behavior with scraping people's contacts/address books on their PCs and email accounts, it has no lessons to give anyone else.

      LinkedIn doesn't give a good goddamn about "what users want to protect", and their "past behavior" is the proof. LinkedIn cares only about having exclusive use of that mine full of data, (except for the bits and pieces that users gather about each other), because it doesn't want potential competitors to eat a slice of the pie they've come to think of as belonging entirely to them.

    • Re: (Score:2, Insightful)

      Whether or not the user made the info public, does this ruling affect how a website or service can regulate third parties and the extra load they create?

      Grabbing one users public info is a world of difference to grabbing a million users public info - LinkedIn may have a legitimate argument about undue additional load on their service as a result of scraping public info from them.

    • Re:Huh? (Score:5, Insightful)

      by sg_oneill ( 159032 ) on Monday August 14, 2017 @11:41PM (#55014673)

      If users added their info, and made it public, it's not up to LinkedIn to decide what users want to protect.

      Wrongo! Its their server. This ruling is *very* erroneous, and since I'm not in the job market, I'm going to be deleting my account now. Which is actually a shame, because I was using it to keep up with former workmates from previous jobs, but I'll be damned if I'm going to be handing my work history over to asshole companies that specializing in mining through other peoples bins looking for evidence to hang me with

      • by Sebby ( 238625 )
        But that line has nothing to do with the ruling - it specifically about how LinkedIn is pretending to 'protect' their users in that statement, as if it was trying to do them a favor "fighting" this.
    • As a LinkedIn user, I'm actually fine with anyone scraping my data and using it. Whatever information I put on LinkedIn, I did so with the full intention of being available to the public at large. That's the whole point of LinkedIn, at least for me. It's a place to post your public resume + a way of maintaining professional contacts with colleagues. If it were not publicly view-able, I wouldn't have bothered, as I want potential employers to be able to find me.

      Obviously, this is very valuable data, but

      • What kind of simpleton would give LinkedIn full access to their email account?
        Much to many, considering that I get contact suggestions that only can come from the fact that the other person imported my eMail address somehow into their linked.in account.
        Or how else should linked-in suggest one who I only know because I was sailing with him a year ago?

        • I guess I've never seen that the benefits outweighed the potential risks. E-mail security is absolutely vital to securing your complete online identity. Why someone would entrust that to a third-party is beyond me. If there's someone I want to get in contact with, I can generally do so without potentially compromising my email security.

          No offense, as the "simpleton" crack was probably not appropriate. Different people have different priorities, I guess.

    • In one feel swoop I shall render HiQ labs ploys against Linkedin worthless...(Please forgive the N00bness of my intrusion; *this is my first slashdot post ever.*) I have; as of 2 days ago, posted my Canadian SIN number on my blog as well as my enemies Youtube videos. I did this not only to prove that I have been spied on but also because I am done working for a corrupt system. You see; my SIN number has been "hacked by certain religious group(s) (111/666/644)... I wont bother posting any details here becaus
    • by DrXym ( 126579 )
      I have no love for LinkedIn and believe it is a skeezy meat market and data vacuum. However it is their website and I don't see why they shouldn't put any measures they like into it to prevent competitors from scraping it.

      Even if the ruling goes against them I'm sure they can think of imaginative ways to fuck around with people scraping their site.

    • by AmiMoJo ( 196126 )

      Back when I was on LinkedIn, so several years ago now, you used to be able to see who was viewing your profile. It was quite interesting to see who was looking at you. Mostly recruiters of course.

      If that's still the case then copying the data to another web site means that users of LinkedIn can no longer see who is viewing their profile, or get an accurate "hit count" on the stuff that is public and available to non-logged-in viewers.

      I don't know what controls LinkedIn has for privacy. Is public visibility

    • by mysidia ( 191772 )

      If users added their info, and made it public, it's not up to LinkedIn to decide what users want to protect.

      It is not absolutely public. Users shared their information with LinkedIn, and possibly chose not to restrict it through privacy controls LinkedIn offers users, BUT LinkedIn themself gets to decide how "Public" their website actually is. That "Public" could very well mean only visible to users that registered and/or accepted some terms prior to viewing.

  • Read https://linkedin.com/robots.tx... [linkedin.com]

    Especially at the end

    User-agent: *
    Disallow: /
     
    # Notice: If you would like to crawl LinkedIn,
    # please email whitelistcrawl@linkedin.com to apply
    # for white listing.

    • We don't need to look at robots.txt to know that LinkedIn would prefer they not do this, as there is a lawsuit about it. I'm guessing you don't understand that robots.txt is a request, not a mandate.
  • Translation (Score:5, Informative)

    by sit1963nz ( 934837 ) on Monday August 14, 2017 @09:44PM (#55014193)
    "We will continue to fight to protect our members' ability to control the information they make available on LinkedIn."

    Translates to

    "We will continue to fight to protect our profits and our ability to control and sell the information they make available on LinkedIn "
    • "We will continue to fight to protect our profits and our ability to control and sell the information they make available on LinkedIn "

      further translates to:

      "sell the information they make available for free on LinkedIn

  • My server, My rules (Score:2, Interesting)

    by Anonymous Coward

    LinkedIn's servers are their private property, and they should have the right to decide who can access them.

    In the physical world, there are many places that are generally "open to the public", but they are private property, and the property owner can order you to leave and never come back. If you come back again it's called trespassing, and it's a criminal offense. You can and will be arrested, and if you go to trial, you will be convicted. It's well settled law.

    I don't see why the LinkedIn situation is

    • by Kkloe ( 2751395 )
      A public profile is more like a item in a display window, if you display things in the windows of the store for people walking outside too see then it should be available to everyone, someone might go outside taking notes or images of what you have displayed to the outside.
      • And if some garment manufacturer chooses to allow Macy's to sell and display their garments in their window, but not Bloomingdales, why shouldn't they be allowed to do that?
        • This is more like a garment manufacturer displaying their garments in a publicly viewable Macy's window, but having a guard outside who pushes certain people off the sidewalk.
      • A public profile is more like a item in a display window, if you display things in the windows of the store for people walking outside too see then it should be available to everyone, someone might go outside taking notes or images of what you have displayed to the outside.

        No, a display window has no marginal cost per viewer, whereas a service like LinkedIn does. Crowds in front of display windows likely cause more people to come want to view the displays. Crawlers cause much higher loads on all sorts of backend systems compared to normal users. Each crawler has a real monetary cost to LinkedIn, and their usage may have a chilling effect on LinkedIn members.

        Further, the aggregate of openly available data is often much more valuable than what it simply visible on a profile.

        • by Kkloe ( 2751395 )
          actually there are still costs to a display windows as keeping it clean and depending on the land\road outside the store owner might to keep it clean aswell, so yes there are still costs, and like local taxes and rent for the building, if the land around the store get more popular as more people come there the tax can get higher or the building owner might put a higher rent.
    • They aren't any different and that's the point. They can't make it public and not public at the same time.
  • Microsoft bought Linkedin to profit off of users data. Users on Linkedin specifically post info so it is shared. Most users were members long before MS bought the social network. I certainly didn't have any say in this purchase, or my data. I don't appreciate that they can buy my public data, 3rd party website or not, and then act holier than though about it.

    I'm not sure MS could create a social network that worked based on their past history. They've already changed the behavior of the site to promo

  • So accessing the public profiles is to be allowed unless its done in such a way as to create unnatural load on their servers, something akin to a DDoS attack. They can set a throttle on hits per minute for programmed access. Or provide an API so HiQ and others can access the public profile info without impacting user facing servers, except the users get an additional profile security option to allow API access and default it to Off for everyone initially so they can opt in.
    • by Joe U ( 443617 )

      So accessing the public profiles is to be allowed unless its done in such a way as to create unnatural load on their servers, something akin to a DDoS attack. They can set a throttle on hits per minute for programmed access. Or provide an API so HiQ and others can access the public profile info without impacting user facing servers, except the users get an additional profile security option to allow API access and default it to Off for everyone initially so they can opt in.

      So, public data, except not accessible to the entire public and not on by default.

      Sounds like a great way to give the host company a huge advantage on mining while pretending to give access to others. That API is worthless unless you restrict the host to the same requirements.

  • until the whopper at the end.

  • Am I the only one here who actually tried to read the article? The summary points to the wrong article: "Tech companies in the crosshairs on white supremacy and free speech".

    The LinkedIn article is here [reuters.com].
  • ...Linkedin from rate-limiting the scraping. For example, limit scraping to 1 page ever 10 seconds after the 100th page request within 100 seconds. That would solve their problem.
  • Linkedin wants to have their cake and eat it, too. The users post their data for all interested parties to see, unless they put some explicit restrictions (e.g. friends only). Linkedin then add all sorts of artificial limits on visibility, search, and god forbid you try to fetch that data with a script. Suddenly it is no longer the person's data shared as they want, but Linkedin's data intended for monetization.

    I understand they have expenses incurred by careless bots. It is possible to traffic shape the

  • by Anonymous Coward

    LinkedIn should have a right to keep anyone from using their property - their servers.

  • by Anonymous Coward

    The ruling is certainly a tradeoff for the Internet.
    (Lowers content creation funding, but raises content access freedoms.)
    I think on balance it's a good thing.

    Here's the kernel of hiq's argument.

    28. LinkedIn is thus improperly using the Computer Fraud and Abuse Act, the Digital
    Millennium Copyright Act and related state penal code and trespass law, not as a shield – as
    intended by those laws – to prevent harmful hacking and unauthorized computer access, but as a
    sword to stifle competition and asse

  • We block people from scraping our clients' sites all the time, because it places excess load on the server.

    We played cat and mouse with one for awhile ... eventually, they emailed a generic address with our client and said they weren't going to give up, so we should just make an easy to consume feed available to them. I laid it out to the client and said they might want to consider it, but they didn't go for it.

    I can't imagine a court order mandating us to allow scrapers.

    • by mysidia ( 191772 )

      We played cat and mouse with one for awhile ... eventually, they emailed a generic address with our client and said they weren't going to give up

      This is when you get your attorney to write up a Cease and Decist letter and reply back to the scraper's E-mail, AND now they have been warned and ordered by the owner of the property to stop, and further actions can result in a lawsuit or criminal charges regarding Unauthorized Access/Access In Excess of Authorization.

  • If you'd bothered to RTFA before commenting you'd have noticed the link doesn't go to the story mentioned, it links to an article about Charlottesville.

The opossum is a very sophisticated animal. It doesn't even get up until 5 or 6 PM.

Working...