Will LinkedIn suffer Facebook's privacy problems?

In order to be successful, LinkedIn must exercise discretion in how it treats professionals and their data

LinkedIn's IPO has already raised billions. That value -- or overvalue, depending on your perspective -- derives from the mother lode of data on its 100 million-plus professional users. So the question looms: Will LinkedIn be tempted to treat that gold mine with the lack of discretion you'd expect of its Facebook cousin?

So far, LinkedIn has a solid track record of taking user privacy seriously. To begin, the privacy settings are straightforward: You can control whether people can see your "activities" (changes to your profile, who you've recommended, and so on) and your connections to others. LinkedIn also gives users the option to limit the data that can be accessed by advertisers. You can even opt out of "Web beacons," which provide advertisers with anonymous info about how users navigate LinkedIn.

LinkedIn's APIs may be of more interest to privacy buffs. These APIs are freely available to any and all developers for bringing "the power of identity and insights" to third-party sites. For example, there are plug-ins for bringing user and company profiles to third-party sites, as well as adding a button allowing LinkedIn users to log in to third-party sites or services.

Opening up data via APIs to third parties is inherently risky, but LinkedIn protects users by limiting what sort of data third parties can extract and what users of those third-party apps can view. According to the API documentation, accessing a user's LinkedIn data requires access tokens, a means of ensuring that the user making the request is who he or she claims. However, it is possible that someone could discover a vulnerability to exploit LinkedIn's tokens, which recently occurred with Facebook and Android platforms.

Further, users have control over which data can be viewed by anyone and which can be viewed by only approved LinkedIn users within their professional circles.

Nonetheless, a few potential worries are worth mentioning. LinkedIn does take pains to limit what user data an API can extract -- no phone numbers or desired job positions -- and has rules as to how that data can and can't be used; for example, it can't be sold to advertisers. But the company admits it may not screen or audit all third-party apps and services that use the APIs, and it can't guarantee those third parties will abide by all the rules. "You agree that your use of Combined Services or Platform Applications is on an 'as is' basis and without any warranty," the terms read.

Also, if you connect to an app via a LinkedIn API, then decide to dump it, your connections may still have access to the info you provided the app. As the company puts it, "Users of LinkedIn may still be using the Platform Application, so the Platform Application or Combined Service may still have access to certain information about you, just as those Users do. That is why it is important to only connect to Users you know and trust."

Even third parties that adhere to the letter of LinkedIn's policy laws can find ways to come up with mashups that might not sit well with users. One striking example is a website called Mixtent, which allows you to vote for your LinkedIn connections in different ways. For instance, you can log in via your LinkedIn account; once in, you might be given a question, such as, "With which of these people would you rather be stuck on a desert island?" followed by a choice of two of your contacts. You vote, and over time you get a ranking that your fellow LinkedInners can view.

The folks at Mixtent will tell you that there's a value in letting your LinkedIn peers vote on your leadership abilities and other skills: Recruiters will be dazzled by your high rankings and send job offers your way. But of course, many professionals might not like this sort of public scrutiny. Plenty of people have LinkedIn connections they don't really know, and through those connections become unwitting fodder for external sites such as Mixtent.

As LinkedIn grows through its huge infusion of cash, it's not too far-fetched to expect that more of these sites will spring up.

If LinkedIn is going to keep users engaged and feeding the LinkedIn databases with current, useful information, the service will need to come up with sensible policies regarding how third parties can use that data. The last thing a professional wants to do in order to find a nugget of value on the site is to have to opt out of application after application, reject contact request after contact request, and click through sponsored screens.

The real risk, then, is in how LinkedIn will respond to the pressures of being a public company that needs to show growth and profitability quarter after quarter. Many professionals spend more money on their company's behalf in a year than your average Facebook user would in a lifetime. The temptation to monetize with targeted ads and the brokering of enriched user data will be strong. Let's hope LinkedIn does not heed that call.

This article, "Will LinkedIn suffer Facebook's privacy problems?," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest business technology news, follow InfoWorld.com on Twitter.

Copyright © 2011 IDG Communications, Inc.