LinkedIn Hit With 2 Class Action Lawsuits Over Alleged Secret Browser Surveillance

LinkedIn is facing two class action lawsuits after researchers discovered the platform has allegedly been secretly scanning users' browsers for thousands of installed extensions every time they visit the site.

The lawsuits, filed Monday in US District Court for the Northern District of California, accuse the Microsoft-owned professional networking site of running what one complaint calls a "covert surveillance system" embedded in its website code. The plaintiffs — California residents Jeff Ganan and Nicholas Farrell — allege that LinkedIn deploys hidden JavaScript on every page load that scans for more than 6,000 Chrome browser extensions, collects device data, and transmits the results back to LinkedIn's servers without users' knowledge or consent.

The controversy, dubbed "BrowserGate," stems from research by a German nonprofit called Fairlinked e.V., which claims to have reverse-engineered LinkedIn's code. According to the investigation, which was independently confirmed by BleepingComputer, LinkedIn's scanning system has grown dramatically — from tracking 38 extensions in 2017 to over 6,000 by early 2026. The system also allegedly collects 48 device characteristics, including CPU core count, screen resolution, battery status, and time zone, to build a detailed digital fingerprint of each visitor.

What makes this particularly sensitive is that LinkedIn accounts are tied to real names, employers, and job titles. The lawsuits allege that the type of extensions someone uses could reveal personal details about them — things like religious beliefs, political views, health conditions, or whether they're actively searching for a new job — and all of that information could allegedly be linked directly to an identifiable individual.

The complaints cite violations of the Electronic Communications Privacy Act, the California Comprehensive Computer Data Access and Fraud Act, and other state privacy laws. They're seeking damages and an injunction to stop the browser scanning.

LinkedIn is pushing back hard. The company told PCMag the lawsuits are "a house of cards built entirely upon a fabrication," saying the browser extension scanning is disclosed in its privacy policy and is used specifically to detect tools that scrape user data without consent. LinkedIn also says it does not use the data to infer sensitive information about its members.

The company also points to the origins of the BrowserGate report. Fairlinked e.V. has connections to Teamfluence, a company whose Chrome extension was restricted by LinkedIn for allegedly violating its terms of service. LinkedIn says a German court rejected Teamfluence's attempt to get an injunction against the platform earlier this year. Fairlinked disputes that characterization, saying the German case was about an account suspension and never addressed the browser scanning claims.

There is no settlement in this case yet. The lawsuits were just filed today, and the litigation could take months or years to play out.

Download ClassyAction to stay updated on this lawsuit and get notified when the payout drops.