This month, LinkedIn is facing two class-action suits alleging it is using security and anti-abuse mechanisms to cover a broader, invasive surveillance apparatus of users’ browser extension data.

LinkedIn denies these allegations, claiming the behaviour is part of its efforts to enforce site security and guard against web-scraping. It also claims that this activity is cited in its privacy policy.

These cases show the complicated nature of privacy protections and policies related to web-scraping, and the need for data buyers to thoroughly understand and vet a company’s data policies.