Corporate Surveillance Investigation

LinkedIn Exposed Your Private Messages To Train AI Models

EvilCorporations.com • Case No. 5:25-cv-00709, N.D. Cal., Filed Jan. 21, 2025 • 30 min read

The Non-Financial Ledger: What Was Actually Stolen

LinkedIn is where people go when they are scared. Scared about losing a job. Scared about not finding one. Scared about what their career looks like after a layoff, a medical leave, a gap they are not sure how to explain. The InMail feature, available to paying Premium subscribers, is where those fears get typed out and sent to strangers who might be able to help.

Plaintiff Alessandro De La Torre sent InMail messages between July 2021 and September 2024 discussing startup financing, job searches, and attempts to reconnect with former colleagues. He is one person with one set of messages. Multiply him by the millions of Premium subscribers LinkedIn has, and you start to see the shape of what LinkedIn fed to its AI training pipeline.

Think about what actually lives inside those messages. A recruiter reaching out to someone who hasn’t told their current employer they’re looking. A founder asking a potential investor for money at a valuation they’d never want competitors to see. A mid-career professional quietly messaging a former boss after being pushed out of a role. A person reaching out to an old contact they lost touch with, navigating that awkward combination of professional need and personal history.

These are not public posts. They are not résumé bullet points. They are the private mechanics of people trying to survive in an economy that treats their labor as a commodity, sent through a platform those same people were paying specifically because it promised to protect that information.

The lawsuit warns that this data could now surface inside Microsoft’s product ecosystem in ways that users cannot predict or detect. A job search you kept secret could influence what a Word document auto-suggests. A salary negotiation you conducted in confidence could influence a Teams feature someone else is using. A business strategy you floated in an InMail thread could already be embedded in a model someone is querying right now. You will never know. LinkedIn has confirmed it will not delete the data or retrain the models, and the opt-out it eventually offered explicitly does not apply to training that already happened.

What LinkedIn sold to Premium subscribers was trust. The entire value proposition of a paid tier on a professional network is that the platform treats you differently than a free user, more carefully, more privately. LinkedIn priced that trust at $39.99 a month for career users, $169.99 a month for recruiters. Then it used that trust to harvest the most sensitive professional communications those users had, and handed them to AI training pipelines without asking.

There is no settlement that gives you back the salary negotiation that might now live in a machine. There is no check that restores the confidentiality of a conversation you had about whether to leave your job. The legal system can award damages. It cannot un-embed your private words from an AI model they were never supposed to touch.

Legal Receipts: What the Documents Actually Say

Every claim in this lawsuit is anchored to specific contractual language LinkedIn agreed to and then violated. The following are verbatim quotes from the complaint, drawn directly from LinkedIn’s own contracts and public statements.

“The artificial intelligence models that LinkedIn uses to power generative AI features may be trained by LinkedIn or another provider.” (LinkedIn FAQ, emphasis added in complaint)

• What this proves: LinkedIn acknowledged that your private data was shared not only with its own systems and Microsoft affiliates, but potentially with an entirely unnamed external party. The phrase “another provider” has no definition and no disclosure anywhere in the Privacy Policy or contracts users agreed to.
• Why burying it in a FAQ matters: The complaint notes this admission was placed in a secondary hyperlinked FAQ document rather than the Privacy Policy itself. The lawsuit treats this as deliberate: LinkedIn knew its existing terms did not authorize these disclosures, and used a low-visibility document to avoid further scrutiny while still technically having disclosed it somewhere.

“Process Customer Personal Data (i) only for the purpose of providing, supporting and improving LinkedIn’s services (including to provide insights and other reporting), using appropriate technical and organizational security measures; and (ii) in compliance with the instructions received from Customer. LinkedIn will not use or Process the Customer Personal Data for any other purpose.” (DPA, Section 5.1(a))

• What this proves: The Data Protection Agreement, incorporated by reference into the LinkedIn Subscription Agreement, contains an explicit and unambiguous list of permitted data uses. Training third-party AI models is not on that list.
• The damning detail: LinkedIn updated its public-facing Privacy Policy on September 18, 2024 to add AI training as a permitted purpose. It did not update the DPA. The complaint argues this was deliberate, because updating the DPA would force a direct confrontation with the breach LinkedIn had already committed against Premium subscribers.

“[LinkedIn will] not disclose Confidential Information to any third party except (1) to Affiliates or employees, students, consultants, and agents who (i) have a need to know it in order to carry out their obligations under the Agreement.” (LSA, Section 3.2(c))

• What this proves: LinkedIn’s own Subscription Agreement required that confidential information only be shared with parties who had a documented operational need under the agreement. Training AI models is not an obligation under any agreement LinkedIn had with its Premium subscribers.
• How LinkedIn’s own definition works against them: The LSA defines “Confidential Information” to include data that “from the relevant circumstances should reasonably be known by recipient to be confidential,” specifically citing “non-public Personal Data.” Private InMail messages about job searches, startup financing, and personal reconnections fit this definition without any ambiguity.

“LinkedIn (‘we’ or ‘us’) can modify this Privacy Policy, and if we make material changes to it, we will provide notice through our Services, or by other means, to provide you the opportunity to review the changes before they become effective. If you object to any changes, you may close your account.” (LinkedIn Privacy Policy)

• What this proves: LinkedIn’s own Privacy Policy required advance notice before material changes became effective. The September 18, 2024 update, made the same day press coverage exposed the data sharing, was a retroactive policy change made after the conduct had already occurred.
• What users never got: No notification was sent before the change. No opportunity was provided to close accounts. The complaint treats this as a second, independent breach of contract, layered on top of the underlying data disclosure breach.

“Where LinkedIn trains generative AI models, we seek to minimize personal data in the data sets used to train the models, including by using privacy enhancing technologies to redact or remove personal data from the training dataset.” (LinkedIn FAQ, prior version; deleted on or around October 1, 2024)

• What the deletion proves: LinkedIn made a public commitment to use technical measures to protect users’ data in the training process. It then quietly removed that commitment from its public-facing FAQ approximately two weeks after the initial press coverage. The complaint characterizes this as evidence that LinkedIn was not actually implementing the privacy protections it had promised.
• The pattern: The complaint catalogs this deletion alongside the default opt-in, the retroactive Privacy Policy update, and the FAQ burial of the “another provider” disclosure as a coordinated pattern of covering tracks rather than taking accountability.

“It may be unfair or deceptive for a company to adopt more permissive data practices—for example, to start sharing consumers’ data with third parties or using that data for AI training—and to only inform consumers of this change through a surreptitious, retroactive amendment to its terms of service or privacy policy.” (FTC, February 2024)

• What this proves: The FTC issued this guidance in February 2024, seven months before LinkedIn’s September 2024 retroactive policy update. The complaint notes directly that LinkedIn’s conduct matches this description with precision, strengthening the California Unfair Competition Law claim by grounding it in established federal regulatory guidance.
• The timeline significance: LinkedIn’s legal team would have had access to this FTC guidance. The complaint’s implication is that LinkedIn proceeded anyway, a choice rather than an oversight.

Societal Impact Mapping

Public Health: The Psychology of Surveillance

The harm from LinkedIn’s actions extends beyond individual users. It creates conditions for psychological harm and institutional distrust that affects how people navigate professional life at the most vulnerable moments.

• Chilling effects on professional communication: When people know, or suspect, that private career messages may be stored and analyzed by AI systems, they self-censor. Job seekers in hostile work environments may avoid reaching out on the one platform designed for professional networking, precisely when they most need it.
• Weaponized vulnerability: InMail messages frequently involve disclosures of precarious employment situations, health-related career gaps, financial need, and personal circumstances. The complaint identifies job-seeking efforts and discussions about startup financing as specific content in the plaintiff’s own messages. These categories of information, embedded in AI systems, create permanent exposure of people at their most economically vulnerable.
• Untraceable influence on employment decisions: The complaint raises the direct possibility that AI systems trained on private career conversations could influence employment-related decisions, citing “unintended profiling, biased decisions, and misuse in sensitive contexts like employment.” A person could be screened out of a job by an AI model partially trained on their own private messages, with no mechanism to know it happened or challenge the outcome.
• Erosion of informed consent as a practice: When a platform normalizes opt-out-by-default for sensitive data sharing, it teaches users that privacy is something you have to fight for, not something that is protected by default. This normalization weakens the expectation of consent across the entire tech ecosystem, not just on LinkedIn.

Economic Inequality: Who Gets Hurt

The class of people most affected by this breach are those who paid for premium access to the professional labor market, workers who already operate at a disadvantage and paid extra for protection that was not delivered.

• Premium subscribers paid $39.99 to $169.99 per month for heightened privacy protections that were not delivered. People paying $169.99/month for Recruiter Lite are not tech executives with expense accounts. They are independent recruiters, small agency operators, and professionals investing significant personal income into tools for their livelihood.
• The population using LinkedIn InMail for job searching skews toward people in career transitions, recent graduates, workers in industries with high volatility, and people with non-linear career histories who cannot rely solely on their existing networks. These groups paid for a privacy guarantee that protected sensitive information during their most economically precarious moments.
• Intellectual property and business strategy disclosures in InMail messages represent real economic harm for small business owners and founders. The complaint specifically names “discussions about potential financing for startups” as content in the plaintiff’s messages. Competitive intelligence extracted from these conversations, embedded in AI models accessible to unknown third parties, represents a direct transfer of economic value from individuals to corporate AI systems without compensation.
• The opt-out offered after exposure does nothing for the period when data was already collected and shared. The people who would have chosen to opt out, specifically those most sensitive to privacy risks, had no opportunity to do so because the setting was enabled by default and not disclosed until press coverage forced LinkedIn’s hand.
• LinkedIn has monetized the data without compensating the people who created it. Premium subscribers paid LinkedIn for the service, and LinkedIn extracted additional value from their private communications to train commercial AI products. The complaint frames this as overpayment: subscribers paid for a level of service that was not delivered, meaning every month of their Premium subscription was worth less than what they were charged.

The “Cost of a Life” Metric

What Now? Resistance, Watchlists, and Next Steps

The lawsuit is filed and moving through the Northern District of California. Here is who is responsible and what you can do.

The People and Entities Accountable

• LinkedIn Corporation: Defendant. Principal place of business at 1000 W Maude Ave., Sunnyvale, California 94085. A Delaware corporation and subsidiary of Microsoft.
• Microsoft Corporation: Named as a LinkedIn “affiliate” and listed Subprocessor. The complaint identifies Microsoft’s vast AI product ecosystem, including Word, Teams, and Microsoft 365 features, as potential vectors for data surfacing.
• “Another Provider” [REDACTED: Not Named in Source]: An unnamed third-party AI provider referenced only in a FAQ document. LinkedIn has not publicly identified this entity.
• Lead Plaintiff: Alessandro De La Torre, Premium subscriber since July 2021, California resident.
• Plaintiff’s Counsel: Rafey Balabanian and Jared Lucky of Edelson PC, 150 California Street, 18th Floor, San Francisco, California 94111.

Watchlist: Regulatory Bodies With Jurisdiction

• Federal Trade Commission (FTC): Already on record in February 2024 warning that retroactive, surreptitious privacy policy amendments for AI training “may be unfair or deceptive.” The FTC has direct jurisdiction over LinkedIn’s conduct under Section 5 of the FTC Act.
• California Attorney General: California’s Unfair Competition Law (UCL) is a named cause of action in this lawsuit. The AG has enforcement authority and can pursue injunctive relief and civil penalties independent of the class action.
• U.S. Department of Justice (DOJ): The Stored Communications Act, 18 U.S.C. § 2702, is a federal criminal statute as well as a civil cause of action. Criminal referrals for knowing, willful violations are within the DOJ’s authority.
• California Privacy Protection Agency (CPPA): California Business and Professions Code § 22576, which prohibits website operators from violating their own privacy policies, is specifically cited in the complaint. The CPPA has enforcement authority over California privacy law violations.

What You Can Do Right Now

• Opt out immediately if you are a LinkedIn Premium subscriber. Go to Settings, Data Privacy, and disable “Data for Generative AI Improvement.” It will not undo what has been shared, but it stops future collection.
• File a complaint with the FTC at reportfraud.ftc.gov. Describe the retroactive policy change and the default opt-in. The FTC tracks complaint volume when deciding enforcement priorities.
• File a complaint with the California Attorney General at oag.ca.gov/contact/consumer-complaint-against-business if you are a California resident. Reference California Business and Professions Code § 22576 and the UCL.
• Download your LinkedIn data archive to document what information LinkedIn held about you before any future deletion. Go to Settings, Data Privacy, Get a copy of your data. This creates a record of what was potentially disclosed.
• Share this lawsuit with your professional network outside of LinkedIn. The proposed class requires people to know they are class members. Direct communication helps organizers find potential plaintiffs LinkedIn cannot reach.
• Support digital rights organizations doing this work: Electronic Frontier Foundation (eff.org), Electronic Privacy Information Center (epic.org), and Fight for the Future (fightforthefuture.org) are all active on AI data consent issues.
• Mutual aid angle: If you are a union member or work in an organized workplace, bring this case to your shop steward or labor council. Collective bargaining agreements can include data privacy provisions, and the labor movement has standing to file joint regulatory complaints. Unions representing workers in tech-adjacent industries have increasingly taken positions on AI data rights.