LinkedIn Lands in Court for Spying on Your Browser Extensions
LinkedIn is now facing two class-action lawsuits in the United States over claims that it scans users’ browser extensions without clearly informing them. In response, the company acknowledged that it checks for browser extensions, saying it does so to detect tools that scrape data without permission and to protect the platform from abuse.
However, the complaints claim that LinkedIn’s actions go beyond what users would reasonably expect. The plaintiffs argue that vague references to “browser data” or “add-ons” in a privacy policy do not clearly explain that a website might actively scan a user’s browser to identify installed extensions. One filing states that a typical user would not interpret those general disclosures as permission for what it describes as covert inspection of their device.
The controversy gained momentum after a report from the German advocacy group Fairlinked claimed that LinkedIn uses a script that runs when users load the site, allowing it to detect thousands of browser extensions. Independent testing by security researchers has confirmed that LinkedIn performs extension detection through client-side scripts, though the scale and intent remain disputed.
The report suggests LinkedIn checks for more than 6,000 extensions, including tools unrelated to scraping. It also claims the script gathers device-level information such as memory capacity, screen size, language settings, and time zone. These data points are often used in browser fingerprinting, a method that can help identify unique devices.
Because LinkedIn accounts are tied to real identities, including names, job titles, and employers, many argue that combining this information with device data will allow for deeper profiling. Fairlinked goes further, claiming the scan includes extensions tied to sensitive areas such as political views, religion, and health-related tools. Some of these claims, including whether data is shared with third parties, have not been independently verified.
LinkedIn has strongly rejected the accusations. The company says the claims are exaggerated and tied to a dispute with a developer linked to a tool called Teamfluence, which it alleges was used to scrape LinkedIn data in violation of its terms of service.
In statements to media outlets, LinkedIn has described the allegations as inaccurate and insists that its extension scanning is disclosed in its privacy policy. The company maintains that it uses this information only to detect abuse and protect its systems, not to infer sensitive personal details about users.
Still, the lawsuits focus less on whether the scanning exists and more on whether users truly understood it. Lawyers behind the cases argue that meaningful consent requires clear and specific disclosure, not broad language that most users are unlikely to interpret in a technical way.
For more articles like this, check out our Tech News page!