LinkedIn scanning users' browser extensions sparks controversy and two lawsuits

LinkedIn is confronting significant legal challenges as two separate class action lawsuits were filed against it in the U.S. District Court for the Northern District of California. The core allegation is that the Microsoft-owned platform uses hidden JavaScript code to scan users' browsers on Chrome and Chromium-based browsers like Microsoft Edge, detecting which of over 6,222 extensions are installed. LinkedIn acknowledges the practice, stating it's for detecting abusive extensions that scrape user data, a disclosure it points to in its privacy policy's mention of collecting data on 'web browser and add-ons.' However, the plaintiffs argue this vague reference is insufficient and that the scanning constitutes a massive, covert surveillance operation.

The lawsuits, citing a 'BrowserGate' report by the advocacy group Fairlinked, allege the scanning goes far beyond simple abuse prevention. They claim LinkedIn builds detailed corporate technology profiles by detecting competitors' software like Salesforce and HubSpot, and even scans for personal tools like an Islamic content filter or neurodivergent user aids, which could reveal sensitive personal data. LinkedIn vehemently denies these broader espionage claims, calling the case a 'house of cards' built on fabrications by Fairlinked, which is linked to Teamfluence—an Estonian company whose LinkedIn accounts were suspended for alleged data scraping. The legal battle now centers on whether LinkedIn's scanning and data usage disclosures are adequate under privacy laws.