• by Wendy Davis , Yesterday

LinkedIn on Monday was hit with new class-action privacy lawsuits over allegations that it scans users' browsers to determine what extensions have been installed.

"When users visit LinkedIn, defendant executes hidden scripts that scan their browser for installed extensions and it then transmits that data to third parties without users’ consent or knowledge," California resident Nicholas Farrell alleges in a complaint brought in U.S. District Court in the Northern District of California.

Farrell adds that the extensions can reveal users' political opinions, religious beliefs, disabilities and employment statuses.

The other complaint, brought by California resident Jeff Ganan, makes similar allegations.

The complaints include claims that LinkedIn violates various California privacy laws as well as the anti-hacking laws that prohibit people from accessing computers without authorization.

A LinkedIn spokesperson disputed the claims.

"This is a house of cards built entirely upon a fabrication," the spokesperson stated.

Both suits are based on a recent report titled "BrowserGate," which alleged that the Microsoft-owned platform searches users' browsers for more than 6,000 different extensions.

That report, by the German entity "Fairlinked," which describes itself as an association of commercial LinkedIn users, also alleged that the scans enable LinkedIn to deduce additional information about users and their employers.

Bleeping Computer reported late last week that it tested LinkedIn and independently confirmed that the platform scanned users' browsers for extensions, but could not verify claims regarding LinkedIn's use of that data.

LinkedIn says in its privacy policy that it obtains information about users' networks and devices, including "web browser and add-ons."

Soon after the BrowserGate report was published, LinkedIn publicly acknowledged that it looks for "extensions that scrape data without members’ consent or otherwise violate LinkedIn’s Terms of Service" in order to protect users' privacy and "ensure site stability."

But the company added that it does not use the data "to infer sensitive information about members."