LinkedIn People You May Know Privacy Controversy

September 14th, 2009 | by Jason Alba |

I regularly get questions about how in the world LinkedIn knows who you might know… people that you are not connected to but show up in the People You May Know section.  I wrote to a contact at LinkedIn who gave me permission to paraphrase his response… which is this (this response was to my question from someone who saw some surprising suggestions in the box):

If you never imported your mail account contacts then LinkedIn really has no way to get them.

If you import your contacts from any system then LinkedIn can make the logic connections between YOU and your imported contacts.  Makes sense, doesn’t it?

The algorithm (logic) for the People You May Know section is proprietary – it’s their “secret sauce” (or what we in IT call “black box”), and is a constant work in progress.

There is an analytics person who scours LinkedIn data looking for correlations between connections to try to figure out why they connected.

Some of the logical, easy-to-figure-out connections would come from asking questions like:

Was the person you may know a common person they both knew at their most recent job? Someone at their first job? At college? Etc.

As you would expect, LinkedIn has revised this logic/algorithm over the years. Different factors would become the most important ones based on how the network changes and their understanding of it. Their goal is to deliver those “how did they know that” moments in a way that makes sense to you (not freaks you out).

Finally, my contact made it clear that the contacts that show up in that box are not coming from some access to any of your non-LinkedIn accounts without your approval.

Perhaps when it is most eerily correct, it’s more a function of them getting their algorithm correct :) I’m pretty confident that they are not hacking into my mail system, nor are they allowed access by my mail providers.

  1. 15 Responses to “LinkedIn People You May Know Privacy Controversy”

  2. By Miles Austin on Sep 14, 2009 | Reply

    I have wondered about this from time to time but was not bothered enough to dig into it. The explanation does pass the sniff test for logical. Guess we will have to take them at their word, no reason not to.

    Thanks for providing the answer to what will eventually become a trivia question!

  3. By Scar on Sep 15, 2009 | Reply

    I’ve wondered this about Facebook too; I share a computer with two other people, and they’ve had people popping up on their ‘Suggested Friends’ lists that are on my email contacts lists, but who I haven’t added. Long sentence, hope that made sense!

    It worries me slightly as it seems to be storing my email contacts even if they’re not my contacts on Facebook, and recommending them to others who share my machine.

  4. By Peter on Feb 1, 2010 | Reply

    I’m not sure that their response does pass the sniff test. A person recently showed up on my People You May Know list that I did know – 30 years ago. We live in different cities, in different countries, work in completely unrelated industries, have no contacts in common on LinkedIn and the language school where we met is not listed in either of our profiles. I have not had any contact with this person, personal or electronic, in the past 30 years.

    Now here is the interesting bit. The only electronic connection that does exist between us is that this person is a friend of my wife’s on Facebook. I am not connected to my wife on LinkedIn and am no longer connected with her on Facebook, having deleted my account there some time ago. But I used to be and those records undoubtedly still exist somewhere.

    I have asked LinkedIn for an explanation and, like you, they responded with a short list of obvious fields they use – none of which apply in this case. Otherwise, they decline to tell me how they made the connection. So, the question is, how did they glean this connection without mining data outside of our own LinkedIn profiles?

  5. By Greg on Feb 13, 2010 | Reply

    I had some of Peter’s concerns as well. My theory is this: I’m undoubtedly on some contact lists uploaded by others. So, it’s easy as pie for LinkedIn to suggest I might know THOSE people. Then, there are 2nd degree connections, 3rd degree connections, etc. I suspect LinkedIn is mining all uploaded contacts, looking for potential networks of connections. For example, if I’m on Mary, Bob, and Joes’s lists, and Susie is also on those 3 lists, then I might know people on Susie’s list, even if I never uploaded Susie as a contact. Combine this information with classmate information, colleague information, and there’s all sort of possibilities.

  6. By Peter on Feb 17, 2010 | Reply

    I agree that there is potentially quite a bit of information that LinkedIn could validly use to infer relationships, but in the case I described, none of this was applicable. The only electronic data that connected us existed on my wife’s computer in a supposedly separate application.

    Since that last post I have also seen on my “People you may know” list the person who bought my last house – more than 3 years before I joined LinkedIn. We are now in different cities and completely unrelated industries. We have no contacts in common. He is in my Apple Address Book, but I did not give LinkedIn permission to scan that for potential contacts.

    I am a software designer, not an expert in data mining or data security, but when I describe these situations to colleagues in that end of the biz they get jittery and tell me my concerns are valid. You know what they say about the duck.

  7. By Jason Alba on Feb 17, 2010 | Reply

    @Peter, what do they say about the duck? I’m dying to know :p

  8. By Peter on Feb 17, 2010 | Reply

    The old expression is: If it walks like a duck and it quacks like a duck and it looks like a duck …. then it is probably a duck.

  9. By Jason Alba on Feb 17, 2010 | Reply

    oooooooooooooooooooh yeah… that duck thing. Sorry, my brain was far away from ducks when I asked…

  10. By Jason Alba on Feb 17, 2010 | Reply

    @Peter and @Greg – have either of you installed the Outlook toolbar? Or what email systems do you use?

  11. By Peter on Feb 17, 2010 | Reply

    I use Apple Mail on my Mac. No connection to Outlook whatsoever (thank goodness).

  12. By Frank on Feb 17, 2010 | Reply

    I am not sure why this is an issue. The purpose of using any social networking site is to be found, isn’t it?

  13. By Peter on Feb 18, 2010 | Reply

    I would put it differently Frank. I see the purpose, especially of this site as it is a business networking site, rather than a social networking site, is to connect with people who you want to connect with. I search for people I am looking for and, if their personally set privacy settings allow, I find them. I find the “People you may know” feature to be useful, but I have not granted LinkedIn permission to access and use any and all data that may exist about me on my PC or in cyberspace. (And let me state that I have no direct evidence that they have done so and am simply questioning how they could have made some of these connections.)

    Separation of data sources is key to personal privacy. I don’t think that either of us would want this service, for example, to have access to our banking or income tax records to connect us to people in similar income levels. LinkedIn should only be using the data we explicitly provide to them to suggest connections. That is the principle we are discussing – not the result.

  14. By Rebecca on Mar 9, 2010 | Reply

    I too have concerns about this “people you may know” thing. I recently met someone completely new who has no friend or work connections to myself. We met through an online dating site (where we are both insulated with aliases and indirect email). We became friends on Facebook. Now he’s showing up in “people you may know”. And he guarantees that he has not allowed access of his contacts to Linkedin, and neither have I. That leaves our only connection being Facebook. Clearly there is some data sharing happening between Facebook and Linkedin.

  15. By Peter on Mar 9, 2010 | Reply

    Thanks for the confirmation Rebecca. I was pretty sure that I wasn’t drawing false conclusions, but it is hard to be certain when you only have one example.

    Here is the latest news in this saga. Being a cranky old SOB I am not predisposed to let this lie, so I have chased this story a little further. First, to close off other possible explanations I have confirmed with my mystery contact that she did not have me in her address book or any other reference to me on her computer. She also confirmed that she never performed a search for me on LinkedIn. That leaves my wife’s Facebook account as our only electronic connection.

    Then I re-opened the issue with LinkedIn customer support and asked them point blank whether they used any external data that users did not explicitly provide to LinkedIn. Here is their reply: “I can assure you that we do not obtain any information outside of one’s Linkedin account.” They suggested an e-mail address connection that was granted by my contact. I wrote back indicating that this was not the case and asked them to explain the specific data used to infer this connection. That was two weeks ago and I have not received a reply.

    I will send the question again, but they can decide to ignore me again if they choose. Jason, do you know of any way that we can spread this issue a little further?

  1. 1 Trackback(s)

  2. Feb 17, 2010: I’m On LinkedIn – Now What??? » Blog Archive » LinkedIn Privacy Issue: People You May Know

Post a Comment