A strange message arrived in my LinkedIn inbox yesterday. A connection copied me into a round robin message which was designed to request a personal recommendation. Unusually for LinkedIn, I was able to see the list of all the people who had been sent the message.
Even stranger, the email notification I received of the same message included all the email addresses of those same people. This is a clear breach of UK Data Protection Law. You don’t need to be a lawyer or the Information Commissioner to know that it is a violation to publicise people’s personal email addresses without their permission.
Who is breaching data protection rules?
The question is, who is guilty of breaking the rules? The person who sent the message was using a third party tool called Erated (more on that below), which created the messages. The data being shared was from LinkedIn, which is bound by the rules of Data Protection but which is unwittingly having its data shared.
So, if I, as a subject of this breach, wish to complain, who would the defendant be? Even without a complaint, this serious breach of privacy should act as a warning to anyone not to use third party tools like Erated.
What exactly is Erated and how does it work?
In order to see how Erated works, you have to log in using your LinkedIn profile – something I am not going to do. I advise you to be equally wary.
In the FAQ page, which describes how Erated works, we are told, “If you want to consolidate your reviews from your professional network you have come to the right place. We help you to collect ratings from your connections and make a better profile for your self in couple of clicks.”
This sounds all very attractive except for these warning signs:
- They bill in dollars, which means they are outside the UK Data Protection jurisdiction
- The fact that they bill at all is a security worry
- The poor grammar on the site suggests they are a sub-standard company not to be trusted (in my opinion).
The suggestion that the company is all about privacy protection is paper thin, though, when you notice there is nothing about them sharing all the email addresses of the people you send messages to, using the system.
If you want to lose connections fast on LinkedIn by pissing them off, Erated is for you.