• by Wendy Davis  @wendyndavis, July 16, 2012

A federal judge has slammed the door shut on two LinkedIn users who attempted to sue the social networking service for "leaking" data about them via referrer headers.

U.S. District Court Judge Lucy Koh in San Jose, Calif., ruled last week that the LinkedIn users didn't sufficiently allege that the company violated federal or state privacy laws. She dismissed their complaint "with prejudice," which means that they can't beef up their allegations and try again.

Koh previously dismissed an earlier version of the lawsuit, but that dismissal was "without prejudice."

The litigation stemmed from allegations that LinkedIn embedded users' unique IDs in referrer headers, which are transmitted to ad networks and other third parties. The users said that those ad networks were able to then discover LinkedIn members' names and connect them to tracking cookies on other sites.

But Koh found those allegations too speculative to sustain a lawsuit. "Although Plaintiffs postulate that these third parties could, through inferences, de-anonymize this data, it is not clear that anyone has actually done so, or what information, precisely, these third parties have obtained," Koh wrote.

She also rejected the users' attempt to sue LinkedIn for allegedly violating promises in its privacy policy by disclosing users' personal data. Koh ruled that users can't pursue a breach of contract claim against LinkedIn because they didn't incur any financial losses.

LinkedIn isn't the only Web company to face litigation for leaking information about users via referrer headers. Facebook, Google and others were hit with similar potential class-action lawsuits.

Facebook prevailed last November, when it convinced U.S. District Court Judge James Ware in San Jose to throw out a user's lawsuit about referrer headers. But a different federal judge, Edward Davila in San Jose, recently rejected Google's bid to dismiss a comparable case.

In May, the Federal Trade Commission announced that MySpace agreed to audits for 20 years (among other terms) to settle charges that it violated its privacy policy by leaking users' personal information to advertisers.

Questions about referrer headers surfaced in 2009, when researchers reported that social networks leak users' personal information to advertisers by including it in the HTTP header information that is automatically sent to ad networks.