The proposed settlement, which was outlined in court papers filed last week, calls for LinkedIn to pay up to $50 to some of the users who purchased premium memberships to the service. The social networking company also promises that for the next five years, it will protect users' passwords by “salting” and “hashing” them.
“This settlement provides an extraordinary result,” lawyers for the plaintiffs say in a motion asking U.S. District Court Judge Edward Davila in San Jose, Calif. to approve the deal. “By providing significant direct cash to the class and valuable prospective relief, the instant settlement exceeds the majority of privacy settlements that have won preliminary and/or final approval.”
If it gets the OK, the settlement will resolve a class-action lawsuit brought by Virginia resident Khalilah Gilmore-Wright, a paid LinkedIn subscriber. She alleged that she wouldn't have purchased a premium LinkedIn membership if she had known the company used “obsolete” security measures.
The litigation stems from an incident in 2012, when hackers obtained access to the company's servers and then posted 6.4 million users' passwords online.
The deal provides that any money that isn't distributed to class members will go to three three nonprofits: the Center for Democracy and Technology, World Privacy Forum and the Carnegie Mellon CyLab Usable Privacy and Security Laboratory.
News of the deal comes several months after lawyers for both sides met with a mediator.
Davila will hold a hearing in January about whether to grant the settlement preliminary approval.