Searching over 5,500,000 cases.


searching
Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

In Re Linkedin User Privacy Litigation

March 5, 2013

IN RE LINKEDIN USER PRIVACY LITIGATION


The opinion of the court was delivered by: Edward J. Davila United States District Judge

ORDER GRANTING DEFENDANT'S MOTION TO DISMISS THE FIRST AMENDED CONSOLIDATED CLASS ACTION COMPLAINT [Re: Docket No. 59]

United States District Court For the Northern District of California

Plaintiffs Katie Szpyrka ("Szpyrka") and Khalilah Wright ("Wright"), collectively "Plaintiffs," bring this putative class action against Defendant LinkedIn Corporation ("Defendant" 19 or "LinkedIn"). Presently before the Court is LinkedIn's Motion to Dismiss Plaintiffs' First 20 Amended Consolidated Complaint (the "FAC"). Having reviewed the parties' papers and after 21 having heard oral arguments of counsel, the Court has determined that LinkedIn's Motion will be 22 GRANTED. 23 24

I.Background

LinkedIn owns and operates the website www.LinkedIn.com, which provides an online 26 community for professional networking. First Am. Consolidated Class Action Compl. ("FAC") ¶ 12, Docket Item No. 54. Prospective members may sign up for a membership by providing a 2 valid email address and registration password, which LinkedIn stores on its database. Id. ¶ 13. 3

Once registered, a member may create a free online professional profile containing such 4 information as employment and educational history. Id. 5

When members register, they are required to confirm that they agree to LinkedIn's User Agreement ("User Agreement") and Privacy Policy ("Privacy Policy").*fn1 Id. ¶¶ 15--16; Declaration 7 of Eric Heath in Supp. of Def.'s Mot. to Dismiss Exs. A, B. The "Introduction" to the Privacy 8 Policy states, 9 Of course, maintaining your trust is our top concern, so we adhere to the following principles to protect your privacy:

United States District Court For the Northern District of California

* All information that you provide will be protected with industry standard 12 protocols and technology.

Id. The "Security" section of the Privacy Policy states, 14

In order to help secure your personal information, access to your data on LinkedIn is password-protected, and sensitive data (such as credit card information) is protected by SSL encryption when it is exchanged between your web browser and the LinkedIn website. To protect any data you store on our servers, LinkedIn also regularly audits its system for possible vulnerabilities and attacks, and we use a tier-one secured-access data center. However, since the internet is not a 100% secure environment, we cannot ensure or warrant the security of any information you transmit to LinkedIn. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login information. Please note that emails, instant messaging, and similar means of communication with other Users of LinkedIn are not encrypted, and we strongly advise you not to communicate any confidential information through these means.

Id.

For a monthly fee, members can upgrade to a paid "premium" account which grants them 24 increased networking tools and capabilities. FAC ¶ 14. Members who purchase a premium account 25 26 agree to the same terms and services of the User Agreement and Privacy Policy as if they were 2 non-paying members. Heath Decl. ¶ 3, Exs. A, C. 3 4 services. FAC ¶ 4. On June 6, 2012, the hackers posted approximately 6.5 million stolen LinkedIn 5 users' passwords on the Internet. Id. ¶ 27. Plaintiffs also allege that the stolen information also 6 included the users' email addresses. Id. ¶ 29. On or around June 9, 2012, LinkedIn released a 7 statement on its blog stating that it had recently completed a switch of its password encryption 8 method from a system that stored member passwords in a hashed*fn2 format to one that used both 9 salted*fn3 and hashed passwords for increased security. Id. ¶ 31. 10

Plaintiffs allege that sometime in 2012 hackers infiltrated LinkedIn's computer systems and Plaintiff Wright registered for a premium LinkedIn account on or around March 2010, paying a monthly fee of $99.95 for the premium, upgraded services. Id. ΒΆΒΆ 46--47. She alleges that 12 her password was one of the ones retrieved by the hackers and posted on the Internet on June 6, 13 ...


Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.