Privacy and security fears dog LinkedIn's new email service

LinkedIn wants its users to hand over their email experience, worrying many that security concerns have not been addressed.

Let’s say I work for your phone company. I call you and make an offer: most of your calls are from friends and family, but occasionally business contacts use your home number. If you want - and for no extra charge! - whenever that happens I’ll call beforehand to give you a biography of that person before connecting them to you. Y’know, so you’re better prepared. The only condition is that you need to let me screen all of your calls before they get to you, so I know when you’ll need me to call you first.

Interested? I’m guessing you’re not - it sounds like a reasonably large invasion of privacy for a negligible payoff. And yet it’s not far from the offer LinkedIn has made when it comes to your email, with a new service it calls Intro for its users who are on iOS:

What's happening under the hood: without Intro, your Mail app connects directly to the servers of your email provider (e.g. Gmail or Yahoo!) to download messages. With Intro, your Mail app connects instead to the Intro servers, which fetch messages from your email provider and then pass them back to your Mail app. As the messages pass through the Intro servers, we add the social context that helps you be brilliant with people.

For each of your emails, Intro tries to find the sender of the message on LinkedIn. If we find information, we include it at the top of the message, and you can tap to see more detail.

In other words, your emails go to LinkedIn, and then to you. If one of those emails is coming from someone with a LinkedIn account, it’ll stick a little bar at the top of the message containing a condensed version of that person’s LinkedIn account. And if you send an email to anyone else, it’ll have something similar at the bottom that links to your LinkedIn account. Here’s what it looks like (as mocked-up by LinkedIn):

It might seem like a lot of bother, but for LinkedIn it’s worth it if it means people choose to turn the iPhone’s default Mail app into a de facto LinkedIn app. The benefit for the user is that it makes it easier to sort the spam from the wheat, but for LinkedIn the benefit is that they get to define how someone experiences email. That’s a powerful way to get people to pay attention to your site - and LinkedIn is fully aware of just how many of its users ignore all those update emails it sends out all the time.

However, remember that LinkedIn is reading your emails to do this, in a way that exactly mirrors a man-in-the-middle attack. That’s a type of attack where someone slips in between two other computers on a network, intercepting each message that gets passed along and reading it as it goes. Sure, you might consent to it when it’s LinkedIn doing it, but it creates an attractive new target. The weakest point in the network isn’t you, or your email provider, any more - it’s LinkedIn. The site’s reputation as secure was damaged greatly by the hack of 6.5 million user passwords last year, so, perhaps understandably, people have been sceptical of how safe Intro is.

Blog posts like this one at security consultancy Bishop Fox lay out several perceived problems - such as that it appears to break cryptographic email, that it could mean you waive your legal right to attorney-client privilege in private correspondence, that it could violate your company’s security policy, and that LinkedIn is generally quite vague about the details of how Intro works - have forced LinkedIn onto the back foot.

Cory Scott, LinkedIn’s senior manager of information security, has written on the company’s blog to try and reassure users that Intro is nothing to fear. He writes:

Many things have been said about the product implementation that are not correct or are purely speculative, so this post is intended to clear up these inaccuracies and misperceptions.

When the LinkedIn Security team was presented with the core design of Intro, we made sure we built the most secure implementation we believed possible. We explored numerous threat models and constantly challenged each other to consider possible threat scenarios.

Scott claims that an outside security firm - iSEC Partners - has gone through Intro’s code “line-by-line”, and that Bishop Fox was incorrect to claim that Intro breaks cryptography.

However, take a look on social media, or through reddit, and you’ll see people making a point that it’s harder for LinkedIn to refute: even if Intro is secure now, social networks are notorious for updates that render things insecure, or things that were once private no longer being so. Not saying that LinkedIn would do this deliberately - obviously, they wouldn't - but mistakes happen. And for many, Intro looks like it could be a pretty terrible mistake in the waiting.

LinkedIn Intro rejigs how Mail works on iOS. (Photo: ekkiPics/Flickr)

Ian Steadman is a staff science and technology writer at the New Statesman. He is on Twitter as @iansteadman.

Green Party
Show Hide image

Caroline Lucas and Jonathan Bartley: "The Greens can win over Ukip voters too"

The party co-leaders condemned Labour's "witch hunt" of Green-supporting members. 

“You only have to cast your eyes along those green benches to think this place doesn't really represent modern Britain,” said Caroline Lucas, the UK’s only Green MP, of the House of Commons. “There are lots of things you could do about it, and one is say: ‘Why not have job share MPs?’”

Politics is full of partnerships and rivalries, but not job shares. When Lucas and Jonathan Bartley were elected co-leaders of the Green party in September, they made history. 

“I don't think any week's been typical so far,” said Bartley, when I met the co-leaders in Westminster’s Portcullis House. During the debate on the Hinkley power plant, he said, Lucas was in her constituency: “I was in Westminster, so I could pop over to do the interviews.”

Other times, it’s Bartley who travels: “I’ve been over to Calais already, and I was up in Morecambe and Lancaster. It means we’re not left without a leader.”

The two Green leaders have had varied careers. Lucas has become a familiar face in Parliament since 2010, whereas Bartley has spent most of his career in political backrooms and wonkish circles (he co-founded the think tank Ekklesia). In the six weeks since being elected, though, they seem to have mastered the knack of backing each other up. After Lucas, who represents Brighton Pavilion, made her point about the green benches, Bartley chimed in. “My son is a wheelchair user. He is now 14," he said. "I just spent a month with him, because he had to have a major operation and he was in the recovery period. The job share allows that opportunity.”

It’s hard enough for Labour’s shadow cabinet to stay on message. So how will the Greens do it? “We basically said that although we've got two leaders, we've got one set of policies,” said Lucas. She smiled. “Whereas Labour kind of has the opposite.”

The ranks of the Greens, like Labour, have swelled since the referendum. Many are the usual suspects - Remainers still distressed about Brexit. But Lucas and Bartley believe they can tap into some of the discontent driving the Ukip vote in northern England.

“In Morecambe, I was chatting to someone who was deciding whether to vote Ukip or Green,” said Bartley. “He was really distrustful of the big political parties, and he wanted to send a clear message.”

Bartley points to an Ashcroft poll showing roughly half of Leave voters believed capitalism was a force for ill (a larger proportion nevertheless was deeply suspicious of the green movement). Nevertheless, the idea of voters moving from a party defined by border control to one that is against open borders “for now” seems counterintuitive. 

“This issue in the local election wasn’t about migration,” Bartley said. “This voter was talking about power and control, and he recognised the Greens could give him that.

“He was remarking it was the first time anyone had knocked on his door.”

According to a 2015 study by the LSE researcher James Dennison, Greens and Kippers stand out almost equally for their mistrust in politicians, and their dissatisfaction with British democracy. 

Lucas believes Ukip voters want to give “the system” a “bloody big kick” and “people who vote Green are sometimes doing that too”. 

She said: “We’re standing up against the system in a very different way from Ukip, but to that extent there is a commonality.”

The Greens say what they believe, she added: “We’re not going to limit our ambitions to the social liberal.”

A more reliable source of support may be the young. A May 2015 YouGov poll found 7 per cent of voters aged 18 to 29 intended to vote Green, compared to just 2 per cent of those aged 60+. 

Bartley is cautious about inflaming a generational divide, but Lucas acknowledges that young people feel “massively let down”.

She said: “They are certainly let down by our housing market, they are let down by universities. 

“The Greens are still against tuition fees - we want a small tax for the biggest businesses to fund education because for us education is a public good, not a private commodity.”

Of course, it’s all very well telling young people what they want to hear, but in the meantime the Tory government is moving towards a hard Brexit and scrapping maintenance grants. Lucas and Bartley are some of the biggest cheerleaders for a progressive alliance, and Lucas co-authored a book with rising Labour star Lisa Nandy on the subject. On the book tour, she was “amazed” by how many people turned up “on wet Friday evenings” to hear about “how we choose a less tribal politics”. 

Nevertheless, the idea is still controversial, not least among many in Nandy's own party. The recent leadership contest saw a spate of members ejected for publicly supporting the Greens, among other parties. 

“It was like a witch hunt,” said Lucas. “Some of those tweets were from a year or two ago. They might have retweeted something that happened to be from me saying ‘come join us in opposing fracking’, which is now a Labour policy. To kick someone out for that is deeply shocking.”

By contrast, the Greens have recently launched a friends scheme for supporters, including those who are already a member of another party. “The idea that one party is going to know it all is nonsense,” said Bartley. “That isn’t reality.”

Lucas and Bartley believe the biggest potential for a progressive alliance is at constituency level, where local people feel empowered, not disenfranchised, by brokering deals. They recall the 1997 election, when voters rallied around the independent candidate Martin Bell to trounce the supposedly safe Tory MP Neil Hamilton. Citing a recent letter co-signed by the Greens, the Scottish National Party and Plaid Cymru condemning Tory rhetoric on immigrants, Bartley points out that smaller parties are already finding ways to magnify their voice. The fact the party backed down on listing foreign workers was, he argued, “a significant win”. 

As for true electoral reform, in 2011, a referendum on changing Britain's rigid first past the post system failed miserably. But the dismal polls for the Labour party, could, Lucas thinks, open up a fresh debate.

“More and more people in the Labour party recognise now that no matter who their leader is, their chance of getting an outright majority at the next election is actually vanishingly small,” she said. “It’s in their interests to support electoral reform. That's the game changer.” 

Julia Rampen is the editor of The Staggers, The New Statesman's online rolling politics blog. She was previously deputy editor at Mirror Money Online and has worked as a financial journalist for several trade magazines.