Articles / Security

LinkedIn Scans Users Browser Extensions to Detect Scraping, Sparks Two Lawsuits Over Privacy

Available in: 中文
2026-04-09T20:35:30.577Z·2 min read
LinkedIn is facing two class-action lawsuits filed in US District Court for the Northern District of California over its practice of scanning users browsers to identify installed extensions. Linked...

LinkedIn Faces Two Lawsuits Over Scanning Users Browser Extensions

LinkedIn is facing two class-action lawsuits filed in US District Court for the Northern District of California over its practice of scanning users browsers to identify installed extensions. LinkedIn acknowledges the practice but disputes whether its privacy disclosures are adequate.

What LinkedIn Does

LinkedIn scans Google Chrome and Chromium-based browsers (including Microsoft Edge) to detect browser extensions that may violate its terms of service by scraping user data. The company uses JavaScript to enumerate installed extensions.

The Lawsuits

Two separate complaints were filed by different law firms:

Nicholas Farrell lawsuit: Alleges that LinkedIn privacy policy does not adequately disclose that it tracks browser extensions or shares data about extensions with third parties.

Jeff Ganan lawsuit: Claims LinkedIn crossed the line by using anti-abuse justifications as cover for massive covert browser surveillance that far exceeded necessity and consent.

LinkedIn Response

LinkedIn calls the allegations a fabrication:

This is a house of cards built entirely upon a fabrication. We do disclose that we scan for browser extensions in our Privacy Policy, in order to detect abuse and provide defense for site stability.

The company argues the scanning is specifically designed to detect extensions like Teamfluence that scrape LinkedIn data without user consent.

The Teamfluence Connection

The lawsuits rely on a BrowserGate report by Fairlinked, which appears to be connected to Teamfluence — an Estonian company that sells a LinkedIn radar tool and distributes a Chrome extension. LinkedIn suspended Teamfluence accounts for violating its user agreement by scraping data.

Key Questions

  1. Privacy policy adequacy: Does mentioning add-ons in a privacy policy constitute sufficient disclosure for browser extension scanning?
  2. Scope of scanning: Is detecting specific abusive extensions different from general browser surveillance?
  3. Third-party data sharing: Does LinkedIn share extension data with third parties?
  4. User consent: Do users reasonably expect their browser extensions to be scanned?

Broader Implications

This case could establish important precedent for how tech companies can monitor users local browser environments in the name of platform security.

Source: Ars Technica — April 2026

↗ Original source · 2026-04-09T10:00:00.000Z
linkedinprivacybrowserextensionslawsuitscrapingmicrosoftdatacollectionclassaction
← Previous: Iran Denounces Ceasefire Violations as Conflict Continues Despite AgreementNext: One Item Purchased, Ten Emails: How E-Commerce Over-Communication Is Destroying the Customer Experience →

Related Articles

Hacker compromises A16Z-backed phone farm, calling them the 'antichrist']
2026-04-14T04:44:56.014Z · Security
[36kr] 中信建投:受益军工补库/安全备货,持续看好战略金属投资机遇
2026-04-14T00:10:06.680Z · Security
The Dumbest Hack of the Year Exposed a Very Real Problem
2026-04-13T10:44:58.114Z · Security
Rockstar Games says hack will have ‘no impact’
2026-04-12T17:27:47.774Z · Security
Brocards for Vulnerability Triage]
2026-04-12T01:38:17.186Z · Security
Comments0