But is this really a problem? LinkedIn is "advertising for yourself", presumably to get a job. With the exception of my phone number, I'm ok with the world knowing this information about me. It's the equivalent of a phone book and I'm putting myself out there and advertising myself in the hopes of getting a job.
if you look at the sample image there are data points like "inferred salaries", "inferred years of experience", number of connections (and possibly other stuff) that somebody may or may not have wanted to advertise to the universe.
the leaking of semi-public data (over which we may have some control) alongside "inferred bits" and behavioral data (over which we don't) and combined with other legally or illegally obtained sources means that individuals are facing an information environment where long held assumptions about who knows what no longer hold.
lots of people still don't seem to realize what a crushing downgrade it is in all senses (economic, social, political) to be a transparent, mined entity with no sovereignty
there are many ways to skin this cat if one was motivated enough to put their mind to it... but some suggestions anyway:
never have 700M profiles in one place. decentralization by default - large scale centralization only when absolutely needed and with rigorous controls as a public (or highly regulated) good.
never create portable / tradeable behavioral profiles that can be linked to individuals. what can happen will happen and is happening.
never offer trivial free services in exchange for significant private data. establish a respectful and healthy client/user relation without hidden third parties in the loop
I feel like the lines between a data leak and large scale scraping are getting blurred. At least in their impact for the user. Which is a bad thing as it will support the "so what" attitude that many people have toward their data.
It is a fact that all this data is already being crawled by bot nets.
If all data is leaked at once, this is similar to a large scale successful crawling of the site. At least from a user perspective.
So I get what you are saying. It sounds more dramatic than it actually is.
It is still a massive leak. But from a pool that scummy businesses have been thoroughly scooping from already anyway.
Are these details publicly-available for the scraping though?
I'd be suspicious it was an employee with internal access to the data or someone who had hacked such an employee's computer. Of course they wouldn't admit such criminal act and risk getting caught, they'd claim a route anyone could use.
You can also "hibernate" your account to disable it completely until you log in again. I just did this; my go-forward strategy will be to resurface and collect connections anytime I switch jobs, then hibernate it again when I no longer need it. That way it can serve its only real function of being a face for my job applications, and can be made invisible all other times.
It’s good to hear that it hasn’t affected you personally, but the severity of the leak must be assessed based on the privacy that was reasonably expected by users. LinkedIn has not met their duty to protect their personal information and that alone is enough to say: yes, it’s a problem.
Yeah I agree that LI hasn't done a great job of protecting their data from being misused. But that's the nature of social networks though, data is to be shared in order to build the network. As another commenter said, just don't put in anything you don't want people to find out. Absolute privacy cannot be achieved when you give out your information willingly. To paraphrase WOPR, "the only way to win the game is to not play."
Well I can see your point, but this is not exactly the same.
As a thought experiment imagine that someone now builds a website called Linkedout and they post your profile with a layover animation resembling a big red stamp which reads 'Slacker'. I guess you are not OK with THAT information about you.
I have no problem with people accessing my data, but only so long as it's people who have a valid reason to access that data. In the case of LinkedIn, I don't mind my connections, coworkers, and (reluctantly) recruiters seeing what's on my resume. I do mind a random hacker accessing that information, selling it to anyone who'll buy, and those people then using that data for things that probably aren't related to offering me employment.
