LinkedIn recently made a splash with a flashy new iPad app that lets you sync your calendar with your LinkedIn contact page, but it turns out this function presents some privacy concerns. Researchers Yair Amit and Adi Sharabani discovered that when LinkedIn is accessing your iOS calendar, it sends the details back to its servers, including some things you may want to keep private. And, this is not necessary for the app to function.
Their blog explains the issue: “LinkedIn’s app collects full meeting details from one’s iOS calendar, which contains sensitive information such as meeting notes. While accessing this information locally by the app is not a problem by itself, this information is collected and transmitted to LinkedIn’s servers; moreover, this action is currently performed without a clear indication from the app to the user, thus possibly violating Apple’s privacy guidelines.”LinkedIn’s Joff Redfern responded to the criticism by explaining that it is necessary to send calendar information to its servers to match up LinkedIn profiles and stressed that this process is done securely. He writes: “In an effort to make that algorithm for matching people with profiles increasingly smarter we pull the complete calendar event, including email addresses of people you are meeting with, meeting subject, location and meeting notes.”
Via The LA Times.