LinkedIn Intro: Security, Privacy--You Name It, There's a Problem
If business is the mutual satisfaction of relationships, then automating the process of tracking who is who in your email inbox should be a boon. That's what Microsoft has done in Outlook, pulling together emails, meetings, news feed updates, and more about whoever is associated with a given email address.
Now LinkedIn is trying to do the same, and you can understand why. It's a business-oriented social networking site--what else would you expect it to do. That's what its acquisition of the Rapportive desktop application did for Google Apps and Gmail. Only, that can be tricky on mobile devices, particularly iPhones and iPads because Apple keeps a tight lid on what third-party vendors can do. Integration with Apple's email? We think not.
So LinkedIn launched an iOS Mail feature called Intro. The app, with your permission, intercepts your email, adds HTML to pull in extra information from LinkedIn, and displays the lot. You can see who people are and how you're connected to them.
As TechCrunch's Matthew Panzarino notes, it's both a very clever bit of engineering and something that should raise some significant security concerns, even though LinkedIn is unlikely to have nefarious intentions. He writes:
"Unfortunately, that feature relies on handing over access to your email to a third-party--LinkedIn. That's just never a good idea and may actually be against many corporate IT policies (I can guarantee it actually). Those corporate clients who have sensitive email that should never be transmitted via a proxy server probably have a fairly high overlap with the types of professionals targeted by LinkedIn with 'Intro.'"
Quite right. And as Panzarino also reminds, LinkedIn is one of those companies that have experienced a massive data theft loss due to someone compromising its security systems. But there are additional subtle security and privacy issues that should make someone hesitate about installing this app.
First, have you ever found, either on the sending or receiving side, that LinkedIn can get a touch ... zealous about sending invitations to contacts to either join the site or connect with a given user? Many have experienced this, and you're talking about sending virtually every contact email through the company's electronic hands. It can be embarrassing, puzzling, irritating, or a mix of the three. Effectively offering more email addresses would seem to tempt fate.
"After you install Intro, your emails are passed through LinkedIn's servers, which are secured and monitored 24/7 to prevent any unauthorized access.
In order to provide the Intro service, the servers use software to extract information from each message: for example, the sender's email address is extracted, so that the servers can search for their LinkedIn profile to include in the message."
No obvious limit on what information could be culled because there are only examples of what LinkedIn could do, not what it would refrain from. The company says that it does not disclose information to its partners, but a lot can be done with even aggregate data. And what are the chances that LinkedIn could introduce a contact to a competitor that buys ads because the two of you have swapped messages and the context of the exchange would show the person a potential good ad target? Automatic scanning of emails to better target ads is as common as Google and Yahoo.
ERIK SHERMAN | Columnist
Erik Sherman's work has appeared in such publications as The Wall Street Journal, The New York Times Magazine, and Fortune. He also blogs for CBS MoneyWatch.