The Secure Times

An online forum of the ABA Section of Antitrust Law's Privacy and Information Security Committee

Recent Google and LinkedIn Lawsuits Provide Lessons for Web and Mobile App Developers

1 Comment

Recent lawsuits against Google and LinkedIn remind website and mobile application developers to be fully transparent when crafting user agreements and interacting with users.

In the Google suit, Google’s Gmail service is accused of scanning users email in order to create user profiles and provide targeted advertising.  In an attempt to dismiss the case, Google unsuccessfully argued that the Wiretap Act, which authorizes email providers to intercept messages in order to facilitate message delivery (or other incidental functions), protected its practices.  More significantly, however, was how the court treated Google’s assertion that Gmail users had consented to the scanning under its end-user agreement.  The court held that the agreement did not adequately spell out Gmail’s practices.  Nor did it explain how Google would use the information it was scanning.  Additionally, the court found that non-Gmail users, whose emails to Gmail users would also be scanned, did not consent to the user agreement.  This ruling suggests that developers should continually be transparent about their practices, including the purpose of the information they are collecting.  And developers should be mindful about non-users who may interact with their platform, and whether such users’ consent raises privacy concerns.

In a separate suit, LinkedIn is accused of improperly accessing a user’s contacts through the user’s email account.  Upon logging in, LinkedIn asks for permission to access a user’s email account to discover the user’s contacts.  And once these contacts’ addresses are imported, LinkedIn asks for permission to invite them to connect.  Rather than asking the user to opt in, however, LinkedIn preselects all of the contacts it wishes to invite on the users behalf, and requires the user to uncheck contacts that should not be invited.  Under the procedure, a user may unwittingly send out hundreds of invitations to contacts in his/her address book. The lawsuit alleges that LinkedIn will email these contacts two reminder emails, and there is no way to unsend the invitations.  Finally, plaintiffs criticize LinkedIn’s notification of its terms of use policy because it does not require the user to actually view it or click through the policy.  Though the court has not ruled on the legality of LinkedIn’s practices, prudent developers will affirmatively require users to select contacts to invite to a service and generally disclose the implications of the users’ actions.  Additionally, developers should remember to require users to actually click through the terms of use (as opposed to simply requiring users to check a box).

The lawsuits are In re: Google Inc. Gmail Litigation, 13-MD-02430-LHK, and Perkins et al. v. LinkedIn Corporation, Case No. 13-cv-04303-HRL.

Advertisements

Author: Sanjay Nangia

Sanjay Nangia is an attorney at Davis Wright Tremaine's San Francisco office. He has a broad litigation practice, including antitrust, privacy/media, intellectual property (copyright, trademark, trade secret, patent), contract, and tort dispute. Sanjay also has counseled clients, including small businesses and non-profits, regarding intellectual property rights and risks, business entity formation, contract drafting and negotiation, joint ventures, employment, transactions, privacy, and other matters.

One thought on “Recent Google and LinkedIn Lawsuits Provide Lessons for Web and Mobile App Developers

  1. I have advised my clients on this same issue as it pertains to the collection of children’s information. In order to remain compliant with COPPA they have had to make certain disclosures that otherwise would not have been made.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s