Introduction
LinkedIn [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11], a subsidiary of Microsoft, is embroiled in a legal battle over allegations of improperly sharing private messages from its Premium users to train artificial intelligence models. This lawsuit raises significant concerns about privacy violations and data misuse.
Description
LinkedIn [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11], owned by Microsoft [8], is currently facing a class-action lawsuit in the US District Court for the Northern District of California [7], initiated by Premium users [11], including plaintiff Alessandro De La Torre [2]. The lawsuit [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11], filed on January 21, 2024, alleges that the platform unlawfully disclosed private messages from its Premium customers to third parties [7], including Microsoft affiliates and an unspecified provider [2], for the purpose of training generative artificial intelligence (AI) models [1]. This is claimed to be in violation of the US federal Stored Communications Act, breach of contract [1] [2] [3] [5] [7] [10] [11], and California’s unfair competition law [1] [2] [3] [5] [8] [11].
The plaintiffs contend that LinkedIn began using personal data for AI training prior to a privacy policy update in September 2024 [11], which disclosed the use of user data for machine learning [11]. They argue that a new privacy setting introduced in August 2024 automatically enrolled users in a program allowing their personal data to be used for AI training without proper notification or explicit consent. Although LinkedIn later reversed this policy in the UK, European Economic Area [1] [3] [9] [10], and Switzerland [1] [2] [3] [9] [10], US users remained subject to the opt-out policy. The change was only made public in September following significant user backlash, and the lawsuit highlights that critical disclosures regarding data sharing were obscured in an FAQ rather than the Privacy Policy [10], suggesting an attempt to minimize public scrutiny [3].
The complaint emphasizes the sensitive nature of the communications shared [8], which include personal and professional information regarding employment and compensation. It seeks $1,000 per user for the alleged violations and additional damages for breach of contract and California’s Unfair Competition Law. The lawsuit also demands the deletion of all AI models trained on improperly collected data [2], raising concerns about the permanent embedding of customer data in LinkedIn’s AI systems, which could lead to future unauthorized use and expose user data across other Microsoft products, thereby increasing the risks of privacy breaches and misuse [8]. Furthermore, the lawsuit accuses LinkedIn of attempting to conceal its actions by modifying its privacy policy a month after the new setting was implemented [6], further eroding user trust.
In response to the allegations, LinkedIn has denied the claims [5], labeling them as “false claims with no merit,” and asserts that it does not share user data for AI purposes in the UK, the European Economic Area [1] [3] [9] [10], and Switzerland [1] [2] [3] [9] [10]. The company boasts over one billion users globally [1], with a significant portion in the US [1], and reported $1.7 billion in revenue from premium subscriptions in 2023 [1]. Additionally, LinkedIn has previously faced scrutiny from the Irish Data Protection Commission [4], which fined the company €310 million for violations of the EU General Data Protection Regulation (GDPR) related to its data processing practices [4].
Conclusion
The lawsuit against LinkedIn underscores the growing tension between technological advancement and user privacy. As AI continues to evolve, companies must navigate the complex landscape of data protection laws to maintain user trust. This case may set a precedent for how user data is handled in AI training, potentially leading to stricter regulations and more transparent data practices in the future.
References
[1] https://www.bbc.com/news/articles/cdxevpzy3yko
[2] https://www.itpro.com/security/privacy/linkedin-faces-lawsuit-amid-claims-it-shared-users-private-messages-to-train-ai-models
[3] https://www.techradar.com/pro/security/linkedin-facing-lawsuit-over-accusations-private-messages-used-to-train-ai
[4] https://www.siliconrepublic.com/business/linkedin-ai-lawsuit-us-premium
[5] https://www.thedailystar.net/tech-startup/news/linkedin-sued-using-private-data-ai-training-3806506
[6] https://digitalmarketreports.com/news/33175/linkedin-faces-legal-battle-over-alleged-misuse-of-private-messages-for-ai-training/
[7] https://mashable.com/article/linkedin-lawsuit-alleging-messages-used-to-train-ai
[8] https://www.cybersecurityintelligence.com/blog/linkedin-accused-of-misusing-private-messages-to-train-ai-models-8205.html
[9] https://www.computerworld.com/article/3808822/linkedin-sued-for-training-ai-on-private-messages.html
[10] https://legaltechnology.com/2025/01/23/linkedin-faces-us-class-action-for-allegedly-disclosing-private-messages-to-third-parties-to-train-ai/
[11] https://www.techspot.com/news/106474-premium-users-sue-linkedin-abusing-their-data-train.html
