LinkedIn's been forced to change its iOS app, following reports that they've been collecting data from users' calendars and sending it back to its servers.
An opt-in feature allows users to view their calendar entries within the app. However, when they do this, the app automatically and secretly transmits the entries back to the company.
"To the best of our knowledge and based on LinkedIn’s good reputation and leadership in the market, we do not believe it utilized the collected information in a malicious way," say the researchers who discovered the issue.
"However, we are concerned by the fact it collects and sends-out sensitive information about its users, without a clear indication and consent."
The company's defended its use of the data.
"In order to provide our calendar service to those who choose to use it, we need to send information about your calendar events to our servers so we can match people with LinkedIn profiles. That information is sent securely over SSL and we never share or store your calendar information," says mobile product head Joff Redfern.
"In an effort to make that algorithm for matching people with profiles increasingly smarter we pull the complete calendar event, including email addresses of people you are meeting with, meeting subject, location and meeting notes."
But, he says, the company doesn't keep the data, share it or use it for anything other than matching it with relevant LinkedIn profiles.
All the same, LinkedIn's now in the process of improving the app, adding a new 'learn more' link to provide more information about how calendar data's being used. More importantly, it's also promised to stop sending data from the 'meeting notes' section of calendar events.
"Apps cannot transmit data about a user without obtaining the user's prior permission and providing the user with access to information about how and where the data will be used," it reads.